The qualified preservation service for qualified electronic signatures could be implemented according to the:
- The preservation over long periods of time, using digital signature techniques, of the ability to validate a digital signature, of the ability to maintain its validity status and of the ability to get proof of the existence of the associated signed data as they were at the time of the submission to the preservation service even if later the signing key becomes compromised, the certificate expires, or cryptographic attacks become feasible on the signature algorithm or the hash algorithm used in the submitted signature.
- The provision of proof of the existence of digital objects, whether they are signed or not, using digital signature techniques (digital signatures, time-stamp tokens, evidence records, etc.).
Three preservation storage models for the preservation service are distinguished within the standards used to define this service:
- Preservation services with storage. In this case, the data to be preserved is stored by the preservation service, and the evidence and the preserved data are delivered upon request by the preservation service to the preservation client.
- Preservation services with temporary storage. In this case, the data to be preserved is stored on the client side. The preservation service keeps the data or a hash of the data to be held only temporarily until the evidence is produced. Evidences are produced asynchronously. Once they are produced, the evidence is stored for some period to allow the client to retrieve them.
- Preservation services without storage. In this case, the data to be preserved is stored on the client side. Evidence is produced synchronously and is included in the response to the client. The preservation service only keeps traces of its actions to be able to provide records of its activities.
Depending on the preservation storage model, the service will implement different processes, and the assessment scope may vary widely.
Español