Skip to main content

LTV (Long Term Validation) have a long expiration date, but it may be NOT forever, so I think we need to take appropriate action after the life-time is exceeded.

The specification of the downloaded PDF seems to be PAdES-LTV.

In PAdES-LTV, I understand that the expiration date of the entire PDF is the expiration date of the last added document timestamp.

When the certificate of document time stamp attached to the downloaded PDF expire?

If it's long enough, I don't have to do anything, so I asked how long it is.

I looked at page 9 of the PAdES-LTV specification (below link) and understood and asked the question as above.

https://www.etsi.org/deliver/etsi_ts/102700_102799/10277804/01.01.01_60/ts_10277804v010101p.pdf

Hi,

Thank you for reaching out here in the DocuSign Community. 

According to our existing documentation, if you are using our Advanced Electronic Signatures your certificate's validity will be kept for years or even decades.

In the case that you are using our regular electronic signatures, there might be a need of re-downloading the completed document if you encounter any error referencing your signature's validity.

For more details on this topic, please check the guide provided below:

https://support.docusign.com/s/articles/What-is-Long-Term-Validation-LTV?language=en_US&rsc_301

As always, please don't hesitate in letting me know if I can help with anything else in the meantime and I will lend a hand as soon as possible. 

Please click "Select as Best" below if you found the answer to be a valid solution to your issue! 

Best regards, 

Alejandro R. 

Community Moderator. 

Hi,

Thanks for your quick reply.

You write as "certificate's validity will be kept for years or even decades."

I would like to know exactly how many years it is.

For our use, few years is not enough.

There is no problem for 20 years.

Exactly, how long the ​certificate's validity will be kept?

Best Regards,

 

Hi,

Thank you for following up.

As long as you are using our Advanced Electronic Signatures, your completed PDF will hold the certificate that proves its validity without any need to re-download the document.

Taking this into consideration, there is not a default expiration date set by DocuSign for this type of certificates.

Best regards, 

Alejandro R. 

Community Moderator. 

Hi,

Thanks for your reply. 

The PDF specification signed with eSignature seems to be PAdES (PDF Advanced Electronic Signature Profiles).

Page.9 of PAdES-LTV specification (below link) says

“The life-time of the protection can be further extended beyond the life-of the last document Time-stamp applied by adding further DSS information to validate the previous last document Time-stamp along with a new document Time-stamp.”

https://www.etsi.org/deliver/etsi_ts/102700_102799/10277804/01.01.01_60/ts_10277804v010101p.pdf

Conversely, it seems that the validity period will expire if no extension procedure are taken.

Nevertheless, is it correct that "there is not a default expiration date set by DocuSign for this type of certificates" ?

Or does it mean, "If we do the extension procedure, there is no expiration date" ?

Best Regards,

Hi,

I hope that you are enjoying your day so far!

All of our envelopes are configured to support PAdES, but only envelopes sent using our Advanced Electronic Signature modality will provide you with a certificate that will not require you to re-download the completed document in order to extend its validity.

Since DocuSign is not always the envelope's certificate authority when using AES, DocuSign does not configure any specific expiration date for these envelopes.

The necessity of extending your certificate validity in this context would be specific to your envelope's certificate authority.

For more details on how to work with AES envelopes, please check the guide provided below:

https://www.docusign.com/blog/signing-around-world-digital-signatures

Please feel free to let us know if you have any follow-up questions and we will address them as soon as possible. 

Best regards, 

Alejandro R. 

Community Moderator.  

Hi,

Thanks much.

I understand as follow:

The expiration date depend on each certificate authority.

When I extend certificate validity, the expiration date depend on MY envelope's certificate authority.

(Are these correct?)

Right after download PDF, envelope's certificate authority is the DocuSign, isn't it?

(If I don't extend it,) when is the expiration date of right after downloaded PDF's certificate?

In other words, when should I do the extension procedure of PAdES-LTV?

(This is what I want to know.)

Best Regards,

 

Hi,

In the AES modality, DocuSign is usually not your certificate authority.

If you are currently using our basic electronic signatures you will be required to re-download the document once the certificate expires.

It is also important to note that we do not offer an extension process for our basic electronic signature certificate.

Best regards, 

Alejandro R. 

Community Moderator.  

Specification of the PDF, downloaded from DocuSign, is AES(PAdES), isn't it?

In the sense of AES specifications, it was DocuSign that signed the PDF.

Signature Time-stamp and Document Time-stamp of LTV were applied by DocuSign.

Their Certificate Authority is Entrust.net, isn't it?

When the expiration date of "Document Time-stamp" of LTV of downloaded PDF?

This is not a question about legal interpretation or treatment.

This is only inquires about the technical matters of the downloaded PDF in the term of PAdES-LTV specification.

Hi,

No, not all DocuSign envelopes are AES enabled since within DocuSign AES is a module purchased separately, whereas all DocuSign envelopes are compatible with PAdES no matter whether AES is enabled on the account or not.

For more details on this topic, please refer to the guide below:

https://www.docusign.com/blog/signing-around-world-digital-signatures

Best regards, 

Alejandro R. 

Community Moderator.  

Hi,

Thanks so much.

I have confused PAdES-LTV with AES.

About AES in my country, I will ask a consultant in my country.

Here, I'd like to ask only the technical matter of PAdES-LTV.

In my environment, the PDF (downloaded from eSignature) is signed by DocuSign (in term of PAdES-LTV).

(The Certificate Authority is Entrust.net, isn't it? )

At the present moment, when the expiration date of "Document Time-stamp" in term of PAdES-LTV of downloaded PDF?

Best Regards,

 

Hi,

In our regular Electronic Signature modality, DocuSign is the one signing the certificate, which is issued by entrust.

When it comes to the "date of the last added document timestamp", this makes reference to the last change performed to the completed documents, whether it is a new document being added or a change to a document in the PDF.

As long as the PDF in question has not been tampered with the certificate will not expire, unless it was completed/created prior to the date in which DocuSign enabled PAdES-LTV, in which case the document must be re-downloaded for it to come with the update to the certificate.

Best regards, 

Alejandro R. 

Community Moderator.  

Hi Alejandro,

I'd like to confirm what the statement "In this case, you need to re-download the document to accompany the certificate renewal" mean.

Is it means as follow? :

PDF, completed/created prior to the date in which DocuSign enabled PAdES-LTV, must be re-downloaded for it to come with the update to the certificate.

Or, is it means as follow? : 

The PDF will not expire, by re-downloading the document.

Best Regards,

 

Hi,

The first would be accurate, according to our documentation.

Any document created prior to the date on which we enabled PAdES-LTV must be re-downloaded for PAdES-LTV to come into effect in the PDF

Best regards, 

Alejandro R. 

Community Moderator.  

Hi,

Thanks so much.

I understood about the expiration of certificate.

Best Regards.

 

Reply


Code of Conduct