Overview of Signature Levels
Digital signatures under the ETSI eIDAS framework are categorized into progressive levels of assurance and longevity. Each level builds on the previous one, adding components necessary for legal evidence, audit trails, and long-term preservation.
Virifi’s Solution Proposal supports all signature levels as required by the CBJ PKI framework and eIDAS standard.
Level B – Basic Signature
What it includes:
Signed data
Certificate used for signing
Signature value
Purpose:
Basic integrity and authenticity check. No time-based validity.
Use Cases:
Short-term approvals, internal workflows, API authentication.
Level B-T – Signature with Trusted Timestamp
What it includes:
Everything in Level B
Timestamp from a Trusted Service Provider (TSP)
Purpose:
Links the signature to a secure, verifiable time to prevent backdating.
Use Cases:
Legal documents, cross-organization exchange.
Level LT – Long-Term Validation
What it includes:
Everything in Level B-T
Validation data (OCSP/CRL responses, cert chain)
Purpose:
Ensures the signature can be validated even after the certificate expires or is revoked.
Use Cases:
Contracts, compliance records, financial transactions.
Level LTA – Long-Term Archival
What it includes:
Everything in Level LT
Additional timestamp(s) applied over time (archive timestamps)
Purpose:
Guarantees the integrity and validity of the signature over decades, even if cryptographic algorithms become obsolete.
Use Cases:
Regulated archival, government filings, judicial evidence.
Support in Virifi’s Solution Proposal
All levels (B through LTA) are:
Fully supported in PAdES, XAdES, JAdES, and CAdES formats
Backed by the CBJ TSA (Time Stamping Authority)
Managed automatically by the validation engine and signature creation APIs