Digital trust services - how to ensure the long-term validity of qualified signatures?

Digital trust services guarantee the security and authenticity of electronic documents. But what can be done to ensure that a qualified signature remains valid even after years? Learn about signature maintenance and how to secure your documents for decades.
Digital trust services and qualified signature maintenance

What are digital trust services?

Digital trust services are a set of solutions that ensure the secure exchange of information and documents in electronic form. They include, among others, qualified electronic signatures, qualified electronic seals and qualified time stamps. According to the law, these tools guarantee document integrity and authenticity, meaning that the content of the document has not been altered and the identity of the signers has been verified. Thanks to the eIDAS regulation, an electronic signature has legal force equivalent to a handwritten signature, which allows the use of electronic documents on a par with paper documents in all EU countries.

Examples of trust services include issuance of qualified signature certificates, e-signature submission and verification services, time stamping services, or qualified electronic delivery. The increasing use of these services in business and government is due to the time and money savings afforded by digital documents. An electronic document bearing a qualified signature or e-signature can replace a paper document in many procedures, as long as its reliability over time is maintained. The key challenge then becomes the long-term maintenance of the validity of such signatures, especially in the context of archiving electronic documents.

 

Qualified electronic signature - validity period and archiving challenges

A qualified electronic signature is based on a qualified certificate issued by a certified trust service provider for a specified period of time - usually 1 year, 2 years or 3 years. During this period, the certificate is valid, and any document signed during this period is considered to bear a valid signature. Verification systems can easily confirm the validity of the signature only during the validity of the certificate. Once the certificate expires, the situation becomes more complicated - the document remains legally signed, because the signature was valid at the time of submission, but proving this fact years later may be difficult if we do not take care of additional safeguards.

In practice, this means that if we electronically sign a contract and then the signature certificate expires, then years later, verification tools may indicate the signature as "invalid" (e.g., due to an invalid certificate or lack of up-to-date revocation lists). Such a situation happened to Mr. Jan, who signed an electronic contract with a valid signature and kept the document in the archive, but forgot to renew the certificate. When a year later there was a court dispute with the contractor, it turned out to be difficult to prove in court that the contract was signed at a time when Jan's certificate was valid. In other words, the failure to prepare the document for long-term storage undermined its evidentiary power.

This example shows the main challenge: how to ensure the long-term validity of an electronic signature? The solution is to use additional mechanisms to secure electronically signed documents. The most important of these is the qualified time stamp, which unambiguously confirms the date and time of the signature. If Mr. Jan had timestamped the contract, the problem of determining the date of signature would not have occurred at all.

Timestamp - the foundation of long-term reliability

A qualified time stamp is a service that confirms the existence of a document at a specific point in time by attaching to it a time signature from a trusted time source. The timestamp provider uses an independent, synchronized time source, which guarantees the objectivity of that date. By placing a time stamp on a signed file, it is possible to accurately determine the date on which an electronic document was signed, even if the qualified certificate of the signature or seal later expires.

The timestamp "freezes" the status of the document and signature at the time of application. Thanks to this, when it becomes necessary to verify the signature many years later, we can prove that the signature existed and was valid at the time stamped. This is crucial for the legal validity of electronic documents stored for the long term. In practice, a good rule of thumb is to add a time stamp directly during the signing of the document - then we confirm that the document was signed within the validity period of the certificate. If we plan to store e-documents for many years (e.g. 5 years or longer), the use of a timestamp and further maintenance becomes a necessity.

It is worth noting that a qualified time stamp is itself a trust service - it is issued by a qualified provider and thus enjoys a presumption of correctness. It forms the basis of the signature maintenance process, which we describe below.

Qualified signature maintenance - what does it consist of?

Electronic signature maintenance is nothing more than the extended use of timestamps in the life cycle of a signature, aimed at maintaining the validity and evidentiary power of the signature for a long period of time. By definition, it is a more advanced form of timestamping, which allows you to confirm that the qualified certificate was valid at the time the e-document was signed. In other words, maintenance provides proof that the signature was made within the validity period of the certificate, even if many years have passed since then. This service is particularly useful for archiving a large number of files stored for a long time - such as in corporate or official archives, where documents must remain valid for 5, 10 or even 50 years.

During the maintenance of the e-signature, time stamps are added cyclically and automatically to already signed documents, at strictly defined intervals (e.g., every year). Each subsequent timestamp re-certifies the current state of the signature and certificate, thereby extending the period during which the document can be securely verified. This makes it much easier to maintain electronic archives of documents whose validity cannot be questioned even after years. In practice, maintenance includes not only adding time stamps, but also verification of the status of certificates (checking that they have not been revoked, for example, using CRLs or OCSP services) and the secure storage of documents in archiving repositories. The combination of these measures ensures that the electronic signature retains its cryptographic and legal reliability throughout the archiving period.

Importantly, professional maintenance often involves the use of the most up-to-date cryptographic standards. Each subsequent timestamp is based on currently secure algorithms and keys, which protects the signature from being broken in the future (a security breach) or from a violation of data integrity. Even if the original signature algorithm were to weaken over time (e.g., if methods of breaking it emerged), subsequent time stamps using newer algorithms will secure the document. Thus, electronically signed documents can remain valid for very long periods, even if the original cryptographic mechanisms are no longer secure.

In conclusion, the maintenance of qualified signatures is a good archiving practice, especially for documents of great evidentiary or legal importance to a company or office. As experts point out, regular signature maintenance - such as adding time stamps and using other security mechanisms - is key to avoiding legal problems and ensuring the authenticity of documents for many years to come.

These "other mechanisms" may include:

  • Completing the validation data (LTV - Long-Term Validation) - this involves appending to the signature all the information needed for its future verification, such as the signer's certificate, certificate chain, Certificate Revocation List (CRL) or Online Certificate Status Protocol (OCSP) data.

  • Re-signing a document - i.e. signing the document again with a valid qualified signature, e.g. after the original certificate has expired. Such an action can be performed by a user, an archivist or an automated system.

  • The use of advanced archival signature formats, such as XAdES-A or CAdES-A, which are designed for long-term signature verification and allow automatic inclusion of new validation data and time stamps over time.

  • Use of systems for automatic maintenance of signatures, such as EuroCert ArchiSafe or Sigillum ArchiSign, which cyclically monitor the status of signatures in documents and automatically affix subsequent timestamps, ensuring their validity for years to come.

  • Maintaining an audit trail - that is, recording in a trusted system (e.g., a document repository) metadata about the signature, such as the date and time of the signature, the signer's certificate, how the identity was confirmed, or the validation status.

Standards for long-term validation of electronic signatures (XAdES-A, PAdES-LTV)

The long-term validity of electronic signatures is so important that it has been included in international technical standards. European standards (ETSI) define special formats for electronic signatures designed for long-term validation and archiving. Among the most important are the profiles XAdES-A and PAdES-LTV:

  • XAdES-A (XAdES Archival): this is the archival profile of the XML Advanced Electronic Signature, in which the signature is accompanied by the full data needed for verification (certificates, revocation information) and at least one timestamp archiving the signature. Such an XML-formatted signature can be verified even many years later without access to external sources, because it contains all the necessary information. In practice, this means that an electronic signature can remain valid for a very long period of time, even if certain cryptographic algorithms are broken over time - this property is pointed out as a key advantage of the XAdES family. The XAdES archive profile also provides for periodic inclusion of more timestamps (e.g., annually) to prevent the signature proof from weakening over time.

  • PAdES-LTV (PDF Advanced Electronic Signature - Long Term Validation): this is a variation of the PDF signature format (PAdES) that enables multi-year validity of the signature in a PDF document. The PAdES-LTV signature contains, embedded in the PDF structure, a complete set of verification information - the signer's certificate, CA certificates, valid revocation lists (CRLs) or OCSP proofs, as well as a timestamp confirming the moment of signature. As a result, a PDF document with a PAdES-LTV signature can be correctly verified even long after the signature certificate has expired. The PAdES standard defines several levels of signature; the most advanced profile (referred to as the PAdES-B-LTV or the newer PAdES-LTA) guarantees that the document will remain valid for a long time - even after all certificates have expired or the cryptographic algorithms used have weakened. In other words, a PAdES signature with long-term validation "immortalizes" the validity of the PDF document. This format is widely supported by PDF signing and validation software (e.g., Adobe Acrobat Reader) and is the recommended method for signing important PDF documents to be stored archivally.

It is worth noting that the mentioned profiles (XAdES-A, PAdES-LTV) are officially authorized by eIDAS regulations and supported by the software of trust service providers. In addition to them, there are analogous solutions for other formats, such as CAdES-A (archival signature profile in CMS/PKCS#7 format) or ASiC containers that link documents to signatures. They all share a common goal: to keep the electronic signature verifiable despite the passage of time and technological changes. The choice of the appropriate format (XAdES, PAdES) depends on the type of document - e.g., for PDF, PAdES will be preferred, and for XML or other data, XAdES or CAdES. Nevertheless, each of these standards, in its archival version, is a technical-level signature maintenance tool.

Why is signature maintenance crucial to the long-term validity of documents?

The long-term validity of electronic documents is of great importance wherever these documents serve as legal or accounting evidence. Companies and public institutions are required to keep certain documents (contracts, invoices, personnel files, administrative decisions, etc.) for many years. If these documents are in electronic form, we need to be sure that in 5, 10 or 20 years it will still be possible to verify their signature and recognize them as authentic and integral. Qualified signature maintenance is precisely the mechanism that makes this possible.

Lack of proper maintenance could result in an electronic signature becoming unverifiable after a long period of time - e.g., the software would show an error or a warning that the signature is insecure. Such a document would virtually lose its evidentiary power, even though it was fully valid at the time of signing. From a legal and business perspective, this is an unacceptable risk. Regular maintenance of signatures is the key to avoiding such problems. It ensures that, even many years after the signature was made, the electronic document retains the same legal value that it had right after signing.

Signature preservation is therefore important to ensuring the legal continuity of digitized documents. It provides assurance that the digital archive of a company or office is as reliable as a traditional paper archive. In addition, it makes it easier to meet audit and regulatory requirements - in the event of an audit, we can demonstrate that electronic documents are properly secured and verifiable. In times of digital transformation, when more and more processes are moving to the online world, digital trust services (including qualified signatures, seals and time stamps) are becoming the foundation of document trust. However, only their proper maintenance and archiving ensures that this trust is not lost over time.

To sum up, the long-term validity of e-documents is not only a matter of convenience, but above all a matter of legal security. The use of qualified signature maintenance ensures that electronic contracts, decisions and other records will remain indisputable evidence in the future. Investment in appropriate archiving mechanisms (timestamps, signature preservation systems) translates into peace of mind and confidence that the digitization of documents does not jeopardize their validity, but, on the contrary, strengthens it with modern cryptographic technologies.

How does the process of archiving and preserving signed documents work?

The process of ensuring the long-term validity of electronic documents can be described in several steps. Below is a typical archiving process with qualified signature maintenance:

  1. Signing the document - The electronic document shall be signed with a qualified electronic signature during the validity period of the signer's certificate. At this stage, the original electronic signature is created, which secures the content of the document.

  2. Adding a timestamp (initial) - directly at the time of signing, the document is stamped with a qualified timestamp. This timestamp records the date and time the document was signed, providing proof that the signature was made at a specific time (when the certificate was still valid). This step is often performed automatically by the signing software or by the user immediately after signing.

  3. Secure storage of the document - The signed and time-stamped document is stored in a secure electronic repository. This repository protects the integrity of the file (e.g., by checking checksums) and protects against unauthorized access. The goal is for the document to remain unaltered and accessible for years. This often uses specialized electronic archiving systems or dedicated cloud services with appropriate security certificates.

  4. Cyclic validation and time stamping - During document storage, at scheduled intervals, the signature is maintained automatically. The archiving system checks the status of the signature certificate (that it has not been revoked, that the certificate chain is still trusted) and adds a new timestamp confirming that, as of a given moment, the entire previously submitted signature structure is still valid. For example, if a signature certificate expires after one year, just before that period expires the system attaches a timestamp that "extends" the reliability of the signature for another period. Such operations can take place every year, or according to the adopted archiving policy (e.g., every 2-3 years), and they are timed to prevent all certificates or time stamps from becoming invalid at the same time.

  5. Update format and algorithms (optional) - if a document is to be stored for a very long period of time (decades), it may need to migrate to newer cryptographic formats or algorithms. For example, the signature may be upgraded to a newer standard (e.g., adding more signature attributes, upgrading to XAdES-A or PAdES-LTA format compatible with current standards). This step provides resistance to technological changes - the document can receive another signature or qualified seal from a trusted archiving institution, confirming its immutability and transferring its validity for subsequent years.

  6. Long-term verification - at each stage it is possible to test whether the document is correctly verified. In practice, this means using signature verification software with the LTV (Long Term Validation) option enabled, which will confirm that, thanks to the included timestamps and archival information, the signature is valid. Such verification should yield a positive result regardless of the passage of time - even many years after the document was originally signed.
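
The maintenance logic of steps 2, 4 and 6, and of the cyclic timestamping described in the maintenance section above, can be modelled as a chain in which every time stamp covers the document, the signature and all earlier stamps, and is itself judged at the moment its successor was added. The Python model below is an added example, not code from any trust service provider or standard. The Stamp structure, the ALG_SUNSET policy dates, the 90-day margin and the sample data are assumptions, and provider signatures and CRL/OCSP checks are left out.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed policy table: date after which a digest algorithm is no longer trusted.
ALG_SUNSET = {"sha1": datetime(2016, 1, 1), "sha256": datetime(2040, 1, 1),
              "sha512": datetime(2060, 1, 1)}

@dataclass
class Stamp:                 # simplified stand-in for a qualified timestamp token
    gen_time: datetime       # time asserted by the timestamp provider
    tsa_not_after: datetime  # expiry of the provider's certificate
    alg: str                 # digest algorithm used for the imprint
    imprint: bytes           # digest over everything this stamp covers

def covered(doc, signature, earlier):
    """Data a stamp protects: document, signature and all earlier stamps."""
    data = doc + signature
    for s in earlier:
        data += s.imprint + s.gen_time.isoformat().encode()
    return data

def add_stamp(doc, signature, chain, when, tsa_not_after, alg):
    """Maintenance step: append a stamp over the current evidence."""
    digest = hashlib.new(alg, covered(doc, signature, chain)).digest()
    return chain + [Stamp(when, tsa_not_after, alg, digest)]

def verify_chain(doc, signature, cert_from, cert_to, chain, now):
    """Return (ok, reason); each stamp is judged at the time of its successor."""
    if not chain:
        return cert_from <= now <= cert_to, "no timestamp: certificate must be valid today"
    if not cert_from <= chain[0].gen_time <= cert_to:
        return False, "first stamp outside signer certificate validity"
    for i, s in enumerate(chain):
        if hashlib.new(s.alg, covered(doc, signature, chain[:i])).digest() != s.imprint:
            return False, f"stamp {i}: imprint mismatch"
        at = chain[i + 1].gen_time if i + 1 < len(chain) else now
        if at < s.gen_time:
            return False, f"stamp {i}: out of chronological order"
        if at > s.tsa_not_after:
            return False, f"stamp {i}: not renewed before provider certificate expired"
        if at >= ALG_SUNSET[s.alg]:
            return False, f"stamp {i}: {s.alg} no longer trusted at that time"
    return True, "valid"

def renewal_deadline(chain, lead=timedelta(days=90)):
    """Latest date for the next stamp, with a safety margin (assumed 90 days)."""
    last = chain[-1]
    return min(last.tsa_not_after, ALG_SUNSET[last.alg]) - lead

# Constructed sample data, not a real signature or timestamp token.
DOC, SIG = b"contract text", b"signature bytes"
CERT_FROM, CERT_TO = datetime(2020, 1, 1), datetime(2021, 1, 1)

if __name__ == "__main__":
    chain = add_stamp(DOC, SIG, [], datetime(2020, 6, 1), datetime(2025, 6, 1), "sha256")
    print(verify_chain(DOC, SIG, CERT_FROM, CERT_TO, chain, datetime(2026, 1, 1)))
    chain = add_stamp(DOC, SIG, chain, datetime(2025, 3, 1), datetime(2030, 3, 1), "sha512")
    print(verify_chain(DOC, SIG, CERT_FROM, CERT_TO, chain, datetime(2029, 1, 1)))
```

A chain that was renewed too late fails at the stamp whose provider certificate had already expired, which is the gap that scheduled maintenance is meant to prevent.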

The above steps ensure that the archived electronic document does not lose its validity or reliability. Many of the steps (adding time stamps, checking certificates) are automated and invisible to the end user - they are often performed by dedicated archiving systems offered by trust service providers. For example, a provider may offer a "cloud-based" signature maintenance service, where the user submits his documents to the archive, and the system itself takes care of periodically securing them with time stamps.

It is worth noting that, thanks to this procedure, even when many years have passed since the document was signed, we can present a complete set of evidence of its authenticity: the original qualified signature, together with a sequence of consecutive time stamps and certificates that prove uninterrupted validity. Such a document will be treated on a par with the original in terms of legal force. As a result, organizations can digitize documentation without fear, knowing that thanks to the preservation of qualified signatures their electronic archives will remain secure and trusted for years to come.

Digital trust services play a key role in ensuring that digital document circulation is trustworthy and sustainable. However, the qualified electronic signature itself is only the beginning - for its legal power to stand the test of time, it is necessary to implement a signature maintenance process. The maintenance of a qualified signature, based on timestamps and long-term validation standards (XAdES-A, PAdES-LTV), makes it possible to securely archive electronic documents without fear of losing their validity. This allows companies and offices to reap the full benefits of document digitization, combining the convenience of electronic signatures with the certainty of their permanence. In an era of increasing numbers of e-documents, such attention to long-term validity is not only a recommendation of good practice, but actually a necessity for the continuity and security of information in the digital world.
