{"id":3823,"date":"2025-08-14T07:26:05","date_gmt":"2025-08-14T07:26:05","guid":{"rendered":"https:\/\/certera.com\/blog\/?p=3823"},"modified":"2025-08-14T07:27:34","modified_gmt":"2025-08-14T07:27:34","slug":"latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever","status":"publish","type":"post","link":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/","title":{"rendered":"Latest S\/MIME Baseline Requirements 2025: Email Security is Changing Forever"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">If you\u2019ve been treating email security as a \u201cset it and forget it\u201d job, 2025 is your wake-up call. The rules are changing. The deadlines are real. And the way organizations issue and manage S\/MIME certificates will never be the same.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In the last few months, the CA\/Browser Forum\u2019s S\/MIME Certificate Working Group (SMCWG) pushed through <strong>two important ballots and a compliance deadline<\/strong> <strong>(SMC013 and SMC012)<\/strong> that will directly affect how secure email works for everyone using public Certification Authorities (CAs).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-here-s-what-s-coming\">Here\u2019s what\u2019s coming:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Automation with ACME for S\/MIME<\/strong> \u2014 No more manual mailbox validation.<\/li>\n\n\n\n<li><strong>Post-Quantum Cryptography (PQC) support<\/strong> \u2014 Preparing for a <a href=\"https:\/\/certera.com\/blog\/what-is-post-quantum-cryptography-roadmap-future-and-checklist\/\">PQC<\/a> world where quantum computers can break today\u2019s encryption.<\/li>\n\n\n\n<li><strong>Mandatory Name Attributes in Certificates<\/strong> \u2014 A compliance change hitting every organization using public CAs by July 16, 2025.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">This isn\u2019t just technical housekeeping. This is a shift in how the email trust ecosystem operates. You must know what\u2019s changing, why it matters, and exactly what you need to do to avoid getting caught unprepared.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-tl-dr-the-2025-s-mime-shake-up\">TL;DR: The 2025 S\/MIME Shake-Up<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>&nbsp;<\/td><td><strong>SMC012 \u2013 ACME Automation for S\/MIME &nbsp;<\/strong><\/td><td><strong>SMC013 \u2013 Quantum-Safe S\/MIME (PQC) &nbsp;<\/strong><\/td><\/tr><tr><td><strong>What It Is<\/strong><\/td><td>&nbsp; ACME finally comes to S\/MIME, automating mailbox &amp; domain validation<\/td><td>Two NIST-approved quantum-proof algorithms land for CA testing<\/td><\/tr><tr><td><strong>What the Ballot Does &nbsp;<\/strong><\/td><td>Lets CAs &amp; ACME clients validate via short-lived email tokens \u2013 fast, hands-free<\/td><td>Enables single-key PQC certs with zero reliance on old, quantum-vulnerable algorithms<\/td><\/tr><tr><td><strong>When the Changes Will Take Place &nbsp;<\/strong><\/td><td>Already live \u2013 July 2, 2025<\/td><td>Post-IPR review: August 20, 2025<\/td><\/tr><tr><td><strong>Why You Should Care &nbsp;<\/strong><\/td><td>You ditch manual certificate checks for automation that scales<\/td><td>First real step toward quantum-proof email security on open networks<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-big-problem-trust-consistency-and-the-quantum-threat\">The Big Problem: Trust, Consistency, and the Quantum Threat<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Email is still the world\u2019s number one communication tool for business. And yet\u2026 The standards for verifying and securing those emails haven\u2019t always been consistent.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Some CAs verified mailbox control using methods borrowed from TLS website validation. Others took more relaxed approaches. And in the absence of clear, universal requirements, identity assurance varied wildly from one provider to the next. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Add to that the slow crawl toward automation and the looming shadow of quantum computing, and you\u2019ve got a system that needs a serious tune-up.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-that-s-what-the-july-2025-updates-are-all-about\">That\u2019s What the July 2025 Updates are all about:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Standardising how mailbox validation works so that CAs, email clients, and organisations are all on the same page.<\/li>\n\n\n\n<li>Adding automation so certificate issuance can keep up with scale and speed demands.<\/li>\n\n\n\n<li><a href=\"https:\/\/certera.com\/blog\/what-is-quantum-safe-cryptography-vs-post-quantum-cryptography\/\">Preparing for the quantum era<\/a>, where traditional encryption won\u2019t cut it.<\/li>\n\n\n\n<li>Making identity verification mandatory and visible, so email recipients can trust the sender.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-update-1-acme-automation-for-s-mime\">Update 1: ACME Automation for S\/MIME<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Effective date: July 2, 2025<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you\u2019ve worked with <a href=\"https:\/\/certera.com\/cheap-ssl-certificates\">TLS\/SSL certificates<\/a>, you probably know ACME. It\u2019s the protocol that powers automated certificate issuance at services. Now, for the first time, <a href=\"https:\/\/certera.com\/blog\/what-is-acme-protocol-how-does-it-work\/\">ACME<\/a> is officially part of the S\/MIME Baseline Requirements (Ballot SMC012).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">CAs can now use <strong>ACME random tokens<\/strong> to verify that you control a specific mailbox or domain. These tokens are short-lived (up to 24 hours), unique to each request, and sent via SMTP to the address being validated.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">You respond with the token, and the CA verifies receipt of that token, and the wait should be over. No longer just HTTP or DNS validation schemes of the TLS world.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Why this matters:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Speed:<\/strong> Certificates can be released within a few seconds rather than hours or days.<\/li>\n\n\n\n<li><strong>Scalability:<\/strong> When you deal with hundreds or thousands of mailboxes, getting automated is sustainable.<\/li>\n\n\n\n<li><strong>Future-readiness:<\/strong> <a href=\"https:\/\/certera.com\/blog\/what-is-post-quantum-cryptography-how-to-resist-pqc-attacks\/\">PQC upgrades<\/a> will need fast key rotation. They cannot be handled by manual procedures.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Stephen Davidson,<\/strong> chair of the CABF S\/MIME Working Group, put it best:<\/p>\n\n\n\n<p class=\"quote-section wp-block-paragraph\">The trend has been to deprecate older methods and emphasise automation options specific to the needs of <a href=\"https:\/\/certera.com\/blog\/what-is-a-s-mime-certificate-and-how-does-it-work\/\">S\/MIME<\/a>. This method is a good example.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you want to survive the next wave of security upgrades, start automating now.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-update-2-post-quantum-cryptography-comes-to-s-mime\">Update 2: Post-Quantum Cryptography Comes to S\/MIME<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Review Period Ends: August 20, 2025<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Quantum computing might sound like sci-fi, but it\u2019s not. When a cryptographically relevant quantum computer (CRQC) finally arrives, RSA and ECC, the algorithms behind most encryption today, will be breakable. That\u2019s where Post-Quantum Cryptography (PQC) comes in.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Ballot SMC013 introduces two <a href=\"https:\/\/certera.com\/blog\/nist-advances-14-algorithms-to-round-2-of-the-pqc-standardization-process\/\">NIST-approved PQC algorithms<\/a> into the S\/MIME Baseline Requirements for testing purposes:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>ML-DSA<\/strong> \u2014 A digital signature algorithm based on CRYSTALS-DILITHIUM.<\/li>\n\n\n\n<li><strong>ML-KEM<\/strong> \u2014 A key encapsulation mechanism designed for secure key exchange, even against quantum attacks.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">These certificates won\u2019t be generally available yet. They\u2019re for CAs and clients to experiment with \u201csingle-key\u201d PQC (no fallback to pre-quantum algorithms).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Why start now? Because switching the world\u2019s encryption to quantum-safe standards isn\u2019t going to happen overnight. It\u2019ll take years, and testing is the first step.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-update-3-mandatory-name-attributes-in-s-mime-certificates\">Update 3: Mandatory Name Attributes in S\/MIME Certificates<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Compliance Deadline: July 16, 2025<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This is the change that will catch unprepared organisations off guard. From this date forward, Sponsor-validated S\/MIME certificates issued by public CAs must include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Given Name (G={{GivenName}})<\/strong><\/li>\n\n\n\n<li><strong>Surname (SN={{Surname}})<\/strong><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">If these are missing, your certificate request will be rejected. The purpose is simple: to strengthen identity verification and make secure email more trustworthy. Without this, recipients might have no idea who\u2019s sending that encrypted or signed email. With it, impersonation and fraud become much harder.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Also Read:<\/strong> <a href=\"https:\/\/certera.com\/blog\/new-s-mime-baseline-requirements-september-2023\/\">New S\/Mime Baseline Requirements \u2013 September 2023<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-who-s-impacted\">Who\u2019s Impacted?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">If you use public CAs for <a href=\"https:\/\/certera.com\/smime-certificates\">S\/MIME Certificates<\/a>, <strong>you\u2019re affected<\/strong>. This includes organisations issuing certificates through platforms like Microsoft Intune, ManageEngine Endpoint Central, VMware Workspace ONE, Jamf, Cisco Meraki, Ivanti, Scalefusion, BlackBerry UEM, or any other Unified Endpoint Management (UEM) or Mobile Device Management (MDM) solution. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>You\u2019re not impacted<\/strong> if you use only <a href=\"https:\/\/certera.com\/solutions\/private-ca\">private\/internal CAs<\/a> or don\u2019t use S\/MIME for email security. However, no platform will automatically update your profiles. You must handle the updates manually.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-you-need-to-do-now-action-plan\">What You Need to Do Now: Action Plan<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-1-review-certificate-profiles\">1. Review Certificate Profiles<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Check your SCEP or similar profiles used for S\/MIME.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-2-add-the-required-name-fields\">2. Add the Required Name Fields<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Update the Subject Name format to include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>G={{GivenName}}<\/strong><\/li>\n\n\n\n<li><strong>SN={{Surname}}<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-3-test-before-full-rollout\">3. Test Before Full Rollout<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Initially, assign the updated profile to a small group the updated profile. Verify the issuance and email capabilities.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-4-plan-for-reissuance-costs\">4. Plan for Reissuance Costs<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The reissuance of all users can be caused by editing the profiles. Make sure to liaise with your CA so as to avoid unwanted charges.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-5-communicate-with-your-ca-provider\">5. Communicate with Your CA Provider<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Make sure that they are prepared to be automated and to have their name attributes changed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-6-monitor-for-further-updates\">6. Monitor for Further Updates<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">PQC and other ballot changes will keep coming. don\u2019t get blindsided.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-benefits-of-acting-early\">Benefits of Acting Early<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">If you treat this as just another compliance box to tick, you are wrong and you should think again.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>By acting early, you:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Build Trust<\/strong> \u2014 Clear name identification reduces impersonation risk.<\/li>\n\n\n\n<li><strong>Improve Security<\/strong> \u2014 Standardised attributes make fraudulent certificates harder to obtain.<\/li>\n\n\n\n<li><strong>Simplify Troubleshooting<\/strong> \u2014 Uniform formats make it easier for IT teams to debug issues.<\/li>\n\n\n\n<li><strong>Prepare for the Quantum Shift<\/strong> \u2014 Automation now means faster adoption of PQC later.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">When a deadline like July 16, 2025, hits, the scramble will be real. The companies that have already updated their profiles will be sipping coffee while the rest are drowning in urgent support tickets.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-here-is-how-it-affects-you-after-the-deadline-the-certificate-chaos\">Here is how it affects you after the deadline: The \u201cCertificate Chaos\u201d<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Your CEO tries to send an encrypted email to a client. The client\u2019s email client rejects its certificate as invalid. Your helpdesk is flooded with calls. Your IT team scrambles to fix profiles, reissue certificates, and coordinate with the CA.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">All because the Subject Name didn\u2019t include two attributes you could\u2019ve added in 10 minutes weeks ago.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Now picture the opposite. If you updated in June, tested in a sandbox, and rolled out changes without disruption. July 17 comes and goes, and your secure email runs like clockwork.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-how-this-fits-into-the-bigger-cybersecurity-picture\">How This Fits Into the Bigger Cybersecurity Picture?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">These changes aren\u2019t happening in isolation. They\u2019re part of a broader trend:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Automation everywhere<\/strong> \u2014 TLS, S\/MIME, code signing, you name it.<\/li>\n\n\n\n<li><strong>Quantum preparedness<\/strong> \u2014 Moving the global infrastructure toward PQC.<\/li>\n\n\n\n<li><strong>Tighter identity standards<\/strong> \u2014 <a href=\"https:\/\/certera.com\/blog\/what-is-zero-trust-security-understand-security-mode-benefits-examples\/\">Zero trust principles<\/a> applied to certificates.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-don-t-just-comply-leverage-the-change\">Don\u2019t Just Comply, Leverage the Change<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Yes, this is about compliance. But it\u2019s also an opportunity. <strong>If you implement ACME automation now, you can:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Reduce manual admin work.<\/li>\n\n\n\n<li>Speed up onboarding for new users.<\/li>\n\n\n\n<li>Rotate keys faster when needed.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>If you start experimenting with PQC now, you can:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Position your org as a leader in security innovation.<\/li>\n\n\n\n<li>Avoid rushed, risky migrations later.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>And by updating your certificate profiles ahead of the deadline, you:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Avoid outages.<\/li>\n\n\n\n<li>Maintain client trust.<\/li>\n\n\n\n<li>Keep your IT team sane.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-conclusion\">Conclusion<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">2025 isn\u2019t just another update for email security. It\u2019s a full system upgrade for how trust, automation, and encryption work. The winners will be the organisations that move now, not the ones scrambling on July 16. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Update your profiles, embrace ACME, and start testing PQC. Do it early, do it right, and when the rest of the world is firefighting, you\u2019ll be moving on to your next big project.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-faqs\">FAQs<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-what-exactly-is-happening-to-email-security-in-2025\">What exactly is happening to Email Security in 2025?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Three big shifts are coming:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Automation with ACME for S\/MIME<\/strong> \u2013 No more manual mailbox validation; issuance becomes faster and scalable.<\/li>\n\n\n\n<li><strong>Post-Quantum Cryptography (PQC) support<\/strong> \u2013 New quantum-resistant algorithms are being introduced for testing.<\/li>\n\n\n\n<li><strong>Mandatory name attributes in certificates<\/strong> \u2013 Given Name and Surname must be in every publicly issued S\/MIME certificate.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-who-s-affected-by-these-changes\">Who\u2019s affected by these Changes?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Any organisation using public CAs for S\/MIME certificates.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-what-s-the-deal-with-mandatory-name-attributes\">What\u2019s the deal with mandatory name attributes?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">From July 16, 2025, public S\/MIME certs must include a Given Name (G) and Surname (SN). Without these, issuance will fail.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-what-happens-if-we-ignore-these-changes\">What happens if we ignore these changes?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Worst-case scenario:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Certificates fail.<\/li>\n\n\n\n<li>Emails bounce or get flagged as untrusted.<\/li>\n\n\n\n<li>Your CEO can\u2019t send an encrypted message to a client.<\/li>\n\n\n\n<li>Your helpdesk is buried in tickets.<\/li>\n\n\n\n<li>You\u2019re paying emergency reissuance fees.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>If you\u2019ve been treating email security as a \u201cset it and forget it\u201d job, 2025 is your wake-up call. The rules are changing. The deadlines are real. And the way organizations issue and manage S\/MIME certificates will never be the same. In the last few months, the CA\/Browser Forum\u2019s S\/MIME Certificate Working Group (SMCWG) pushed<span class=\"morelink d-block mt-3\"><a href=\"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/\">Read More<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":3825,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[265],"tags":[744,745],"class_list":["post-3823","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-email-document-security","tag-s-mime-baseline-requirements","tag-s-mime-changes-2025","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Latest S\/MIME Baseline Requirements 2025: Profiles &amp; Compliance Changes<\/title>\n<meta name=\"description\" content=\"CA\/B recently announced significant update to the S\/MIME Baseline Requirements. Know how these 3 new email signing changes affect you.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Latest S\/MIME Baseline Requirements 2025: Profiles &amp; Compliance Changes\" \/>\n<meta property=\"og:description\" content=\"CA\/B recently announced significant update to the S\/MIME Baseline Requirements. Know how these 3 new email signing changes affect you.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/\" \/>\n<meta property=\"og:site_name\" content=\"EncryptedFence by Certera - Web &amp; Cyber Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/certeraLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-08-14T07:26:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-08-14T07:27:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/latest-smime-email-signing-changes.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"960\" \/>\n\t<meta property=\"og:image:height\" content=\"620\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Janki Mehta\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:site\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Janki Mehta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/\"},\"author\":{\"name\":\"Janki Mehta\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\"},\"headline\":\"Latest S\\\/MIME Baseline Requirements 2025: Email Security is Changing Forever\",\"datePublished\":\"2025-08-14T07:26:05+00:00\",\"dateModified\":\"2025-08-14T07:27:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/\"},\"wordCount\":1668,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/latest-smime-email-signing-changes.webp\",\"keywords\":[\"S\\\/MIME Baseline Requirements\",\"S\\\/MIME Changes 2025\"],\"articleSection\":[\"Email &amp; Document Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/#respond\"]}],\"copyrightYear\":\"2025\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/\",\"name\":\"Latest S\\\/MIME Baseline Requirements 2025: Profiles & Compliance Changes\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/latest-smime-email-signing-changes.webp\",\"datePublished\":\"2025-08-14T07:26:05+00:00\",\"dateModified\":\"2025-08-14T07:27:34+00:00\",\"description\":\"CA\\\/B recently announced significant update to the S\\\/MIME Baseline Requirements. Know how these 3 new email signing changes affect you.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/#primaryimage\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/latest-smime-email-signing-changes.webp\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/latest-smime-email-signing-changes.webp\",\"width\":960,\"height\":620,\"caption\":\"New Industry Requirements for S\\\/MIME\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/certera.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Latest S\\\/MIME Baseline Requirements 2025: Email Security is Changing Forever\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"name\":\"EncryptedFence by Certera - Web & Cyber Security Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"alternateName\":\"Certera's EncryptedFence Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/certera.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\",\"name\":\"Certera\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"caption\":\"Certera\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/certeraLLC\\\/\",\"https:\\\/\\\/x.com\\\/certera_llc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/certera-llc\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\",\"name\":\"Janki Mehta\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"caption\":\"Janki Mehta\"},\"description\":\"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\\\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.\",\"sameAs\":[\"https:\\\/\\\/certerassl.com\\\/\"],\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/author\\\/certerabguser\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Latest S\/MIME Baseline Requirements 2025: Profiles & Compliance Changes","description":"CA\/B recently announced significant update to the S\/MIME Baseline Requirements. Know how these 3 new email signing changes affect you.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/","og_locale":"en_US","og_type":"article","og_title":"Latest S\/MIME Baseline Requirements 2025: Profiles & Compliance Changes","og_description":"CA\/B recently announced significant update to the S\/MIME Baseline Requirements. Know how these 3 new email signing changes affect you.","og_url":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/","og_site_name":"EncryptedFence by Certera - Web &amp; Cyber Security Blog","article_publisher":"https:\/\/www.facebook.com\/certeraLLC\/","article_published_time":"2025-08-14T07:26:05+00:00","article_modified_time":"2025-08-14T07:27:34+00:00","og_image":[{"width":960,"height":620,"url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/latest-smime-email-signing-changes.webp","type":"image\/jpeg"}],"author":"Janki Mehta","twitter_card":"summary_large_image","twitter_creator":"@certera_llc","twitter_site":"@certera_llc","twitter_misc":{"Written by":"Janki Mehta","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/#article","isPartOf":{"@id":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/"},"author":{"name":"Janki Mehta","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7"},"headline":"Latest S\/MIME Baseline Requirements 2025: Email Security is Changing Forever","datePublished":"2025-08-14T07:26:05+00:00","dateModified":"2025-08-14T07:27:34+00:00","mainEntityOfPage":{"@id":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/"},"wordCount":1668,"commentCount":0,"publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"image":{"@id":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/latest-smime-email-signing-changes.webp","keywords":["S\/MIME Baseline Requirements","S\/MIME Changes 2025"],"articleSection":["Email &amp; Document Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/#respond"]}],"copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/certera.com\/blog\/#organization"}},{"@type":"WebPage","@id":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/","url":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/","name":"Latest S\/MIME Baseline Requirements 2025: Profiles & Compliance Changes","isPartOf":{"@id":"https:\/\/certera.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/#primaryimage"},"image":{"@id":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/latest-smime-email-signing-changes.webp","datePublished":"2025-08-14T07:26:05+00:00","dateModified":"2025-08-14T07:27:34+00:00","description":"CA\/B recently announced significant update to the S\/MIME Baseline Requirements. Know how these 3 new email signing changes affect you.","breadcrumb":{"@id":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/#primaryimage","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/latest-smime-email-signing-changes.webp","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2025\/08\/latest-smime-email-signing-changes.webp","width":960,"height":620,"caption":"New Industry Requirements for S\/MIME"},{"@type":"BreadcrumbList","@id":"https:\/\/certera.com\/blog\/latest-s-mime-baseline-requirements-2025-email-security-is-changing-forever\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/certera.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Latest S\/MIME Baseline Requirements 2025: Email Security is Changing Forever"}]},{"@type":"WebSite","@id":"https:\/\/certera.com\/blog\/#website","url":"https:\/\/certera.com\/blog\/","name":"EncryptedFence by Certera - Web & Cyber Security Blog","description":"","publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"alternateName":"Certera's EncryptedFence Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/certera.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/certera.com\/blog\/#organization","name":"Certera","url":"https:\/\/certera.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","caption":"Certera"},"image":{"@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/certeraLLC\/","https:\/\/x.com\/certera_llc","https:\/\/www.linkedin.com\/company\/certera-llc\/"]},{"@type":"Person","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7","name":"Janki Mehta","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","caption":"Janki Mehta"},"description":"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.","sameAs":["https:\/\/certerassl.com\/"],"url":"https:\/\/certera.com\/blog\/author\/certerabguser\/"}]}},"_links":{"self":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3823","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/comments?post=3823"}],"version-history":[{"count":3,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3823\/revisions"}],"predecessor-version":[{"id":3827,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/3823\/revisions\/3827"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media\/3825"}],"wp:attachment":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media?parent=3823"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/categories?post=3823"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/tags?post=3823"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}