PAdES
from Wikipedia

PAdES (PDF Advanced Electronic Signatures) is a set of restrictions and extensions to PDF and ISO 32000-1[1] making it suitable for advanced electronic signatures (AdES). This is published by ETSI as EN 319 142.[2]

Description

While PDF and ISO 32000-1 provide a framework for digitally signing their documents, PAdES specifies precise profiles that make it compliant with ETSI standards for digital signatures (Advanced Electronic Signature, AES, and Qualified Electronic Signature, QES). ETSI (European Telecommunications Standards Institute) issues technical standards by delegation under the EU eIDAS Regulation (European Union Regulation on electronic identification and trust services for electronic transactions in the internal market). The eIDAS regulation enhances and repeals the Electronic Signatures Directive 1999/93/EC.[3][4] eIDAS has been legally binding in all EU member states since July 2014 and, unlike the Directive it replaces, eIDAS as a Regulation is directly applicable without implementing or interpreting legislation. Any electronic signature recognised under eIDAS (including ‘click accept’) cannot be denied validity and effectiveness by reason of being electronic. If it is a ‘digital signature’, that is, an electronic signature implementing digital certificates in compliance with the advanced or qualified levels described in eIDAS (and their implementations developed by ETSI at the technology level), it can support PAdES. AES and QES have a higher evidentiary value than simple or ‘standard’ electronic signatures. QES is recognised as having the same legal value as a handwritten signature.[3]

PAdES standards travel in the same direction and have the same aims as digital signatures (AES and QES). This means a PAdES signature can be easily verified in any PDF reader and that:[5]

  • it is uniquely linked to the signatory (in QES, to the identity of the signatory);
  • it is capable of identifying the signatory (‘attribution’);
  • only the signatory has control of the data used for the signature creation[citation needed] (in QES[citation needed], control and custody, as a portable token or ID and authentication where a certificate is downloaded for each use from a cloud ID provider);
  • in PAdES, it can easily be identified if data attached to the signature has been changed after signing.

PAdES has 4 levels of verification for digital certificates, from the simplest and most basic (b-b, indicating that a signature was executed with a certificate that was valid on a given date) to the most complex (b-LTV), which allows electronically signed documents to remain valid for long periods (long-term validity) even if the underlying cryptographic algorithms or the other certificates have expired.

PAdES recognizes that digitally signed documents may be used or archived for many years and may need to be evidenced in court. Once signer certificates have expired (after a few months on b-b), they can be enquired about by contacting the certification authority. In b-lt or b-LTV (the most complex), certificates remain valid for a very long term. PAdES allows certificates to be verified even after many decades, at any time in the future, in spite of technological and other advances. Including in the document itself the data needed to confirm that the signature was valid is a concept known as long-term validation (LTV).[2]

The PAdES standard, ETSI European Standard (EN) 319 142, introduces a number of adaptations and extensions to PDF to satisfy the Directive's requirements. ETSI will feed these European-specific elements back into ISO for inclusion in the next release of the PDF standard, ISO 32000-2.

PAdES in the context of electronic signatures

An electronic signature is a paperless way to sign a document using a unique credential associated with a given person that is logically attached to or associated with the document, carrying an authority equivalent to a handwritten signature. It can be used to authenticate the signer as well as to detect any changes in the document made after it was signed. Electronic signatures are recognized as a catalyst to electronic commerce, notably Internet transactions. Availability of electronic signature techniques has already been a major stimulus to eBusiness and eGovernment. Digital signatures are a secure and legally binding means to implement electronic signatures through three cryptographic algorithms:[5]

  • the key generating algorithm that randomly selects a private key and its corresponding public key
  • the signing algorithm that produces the digital signature from the message and private key
  • the signature verifying algorithm that uses the public key, message and digital signature to confirm the authenticity of the message.

For PDF documents, the signature data is incorporated directly within the signed PDF document, much as an ink signature becomes an integral part of a paper document, allowing the complete self-contained PDF file to be copied, stored and distributed as a simple electronic file. The signature can also have a visual representation as a form field, just as it might on a paper document. A significant advantage of PAdES is that it is being deployed by means of widely available PDF software: it does not require development or customization of specialized software.[2]

PAdES is complementary to two other standards for implementing electronic signatures through cryptographically secured digital signatures in compliance with the eIDAS regulation.[4] Like PAdES, they are legally binding in the European Union and suited for applications that do not involve human-readable documents: Cryptographic Message Syntax Advanced Electronic Signatures (CAdES) and XML Advanced Electronic Signatures (XAdES).[6]

The EU recognizes three different eIDAS-compliant implementations of advanced electronic signatures through digital signatures: PAdES, XAdES and CAdES.[7]

An electronic signature can carry legal effect and be used as evidence in legal proceedings. A qualified electronic signature shall have the equivalent legal effect of a handwritten signature. If the qualified certificate was issued in one member state it shall be recognized as a qualified electronic signature in all other member states.[8]

PAdES Standard (ETSI EN 319 142)

The PAdES ETSI technical specification contains 2 parts:

  • Part 1: Building blocks and PAdES baseline signatures
  • Part 2: Additional PAdES signatures profiles

The PAdES standards can be downloaded from the ETSI download page.

ETSI EN 319 142 replaced[9] previous standards such as ETSI TS 103 172 and ETSI TS 102 778.

from Grokipedia
PAdES, or PDF Advanced Electronic Signatures, is a set of technical standards developed by the European Telecommunications Standards Institute (ETSI) that specify the creation and validation of advanced electronic signatures embedded within PDF documents, extending the core PDF format defined in ISO 32000-1 through restrictions and alternative encodings equivalent to those in CAdES (CMS Advanced Electronic Signatures). These standards ensure the authenticity, integrity, and long-term validity of signed PDFs, supporting secure electronic transactions in business and governmental contexts by incorporating public key infrastructure (PKI) elements and validation data. Developed under ETSI's Technical Committee for Electronic Signatures and Infrastructures (TC ESI), PAdES aligns closely with the eIDAS Regulation (EU) No 910/2014, which mandates interoperability and legal recognition for qualified electronic signatures across EU member states. Qualified electronic signatures created using PAdES have the equivalent legal effect of a handwritten signature.

The standard emphasizes long-term validation to address challenges like certificate expiration or revocation, using components such as the Document Security Store (DSS) for signature attributes and Validation Related Information (VRI) for embedded verification data. PAdES defines baseline profiles with escalating levels of assurance: the B-B (Basic-Basic) level provides core functionality without timestamps; B-T adds a trusted timestamp for signing time; B-LT incorporates long-term validation data like revocation information; and B-LTA enables archival validity through document timestamps that protect against future changes. These profiles facilitate interoperability testing via ETSI Plugtests events and support integration with other ETSI standards, including CAdES for general CMS-based signatures and XAdES for XML documents, forming a cohesive framework for digital trust services.

Overview

Definition and Scope

PAdES, which stands for PDF Advanced Electronic Signatures, is a set of standards developed by the European Telecommunications Standards Institute (ETSI) for creating and validating advanced electronic signatures embedded within PDF documents. These signatures conform to the requirements outlined in ETSI EN 319 142-1 and ETSI EN 319 142-2, ensuring compatibility with the PDF format as defined in ISO 32000-1. The core purpose of PAdES is to guarantee the long-term validity, integrity, and of electronic signatures in PDF files, thereby fostering trust in electronic transactions for business and governmental applications across and beyond. By extending the baseline PDF signature mechanisms in ISO 32000-1 with additional attributes and encoding alternatives—such as those equivalent to CMS Advanced Electronic Signatures (CAdES)—PAdES supports robust verification even after extended periods, protecting against alterations or loss of supporting data.

In terms of scope, PAdES is limited to the PDF document format and focuses exclusively on advanced electronic signatures, excluding basic or simple electronic signatures as well as signatures in non-PDF file types. It aligns with the concept of an advanced electronic signature (AdES), defined under EU Directive 1999/93/EC as an electronic signature that is uniquely linked to the signatory, capable of identifying the signatory, created under the signatory's sole control, and linked to the data so that any subsequent change is detectable. Furthermore, PAdES facilitates the creation of Qualified Electronic Signatures (QES) when implemented with qualified certificates and signature creation devices, as required under the eIDAS Regulation (EU) No 910/2014.

Relation to Electronic Signatures and PDF

PAdES, or PDF Advanced Electronic Signatures, serves as a specialized profile within the broader framework of Advanced Electronic Signatures (AdES), as outlined in the eIDAS Regulation (EU) No 910/2014, which establishes a of electronic signatures including simple electronic signatures (SES), advanced electronic signatures (AES), and qualified electronic signatures (QES). PAdES aligns with the AES and QES levels by providing standardized constraints that ensure the signature is uniquely linked to the signatory, allows identification of the signer, is created using secure tools under the signer's sole control, and remains under the signer's control during the signing process. This positioning enables PAdES to meet the regulatory requirements for higher-assurance signatures suitable for legal and business transactions across the European Union, while building on the foundational AdES principles to adapt them for PDF-specific use cases.

The integration of PAdES with PDF technology leverages the core capabilities defined in ISO 32000-1, the international standard for the Portable Document Format, which specifies mechanisms for embedding digital signatures directly into PDF files via the Signature Dictionary. PAdES extends this by incorporating the Cryptographic Message Syntax (CMS) from RFC 5652, using DER-encoded SignedData objects to encapsulate the signature, signed attributes, and unsigned attributes in a manner equivalent to CAdES signatures. This CMS-based structure ensures that the embedded signature is self-contained and verifiable, with support for additional elements like signer attributes and certificate chains, all while preserving the PDF's portability and viewer-agnostic rendering.

Compared to native PDF signatures under ISO 32000-1, which offer basic cryptographic embedding without mandated validation processes, PAdES introduces rigorous constraints to enhance reliability and compliance. These include requirements for timestamping using RFC 3161-compliant tokens to prove signing time, integration of revocation information such as CRLs or OCSP responses for certificate status checks, and the use of a Document Security Store (DSS) to archive validation data for long-term verification. Such features promote interoperability across diverse PDF software and signing tools, reducing validation failures in cross-border scenarios and ensuring signatures remain valid even after certificate expiration.

PAdES distinctly emphasizes the embedding and integrity of electronic signatures within PDF documents, distinguishing it from the format's broader capabilities for , , or multimedia inclusion. By focusing exclusively on signature-related operations—such as creation, validation, and archival—PAdES avoids interference with non-signature PDF functionalities like form filling or page manipulation, thereby maintaining document stability while fulfilling mandates.

Historical Development

Initial Specifications

The PAdES (PDF Advanced Electronic Signature) specifications originated from efforts by the European Telecommunications Standards Institute (ETSI) Technical Committee on Electronic Signatures and Infrastructures (ESI) to address the requirements of the EU Directive 1999/93/EC, which established a framework for electronic signatures to promote trust and interoperability in electronic transactions across member states. Published initially as the ETSI TS 102 778 series between 2009 and 2010, these specifications provided the foundational standards for embedding advanced electronic signatures in PDF documents, ensuring compliance with European legal recognition of qualified electronic signatures while leveraging the widespread adoption of the PDF format.

The multi-part structure of ETSI TS 102 778 was designed to offer a comprehensive framework:

  • Part 1 delivers an overview and general guidance on PAdES usage and implementation;
  • Part 2 outlines basic profiles, such as PAdES-BES for electronic signatures with signer authentication and document integrity;
  • Part 3 details enhanced profiles, including PAdES-EPES for signatures bound to explicit policies;
  • Part 4 focuses on long-term validation mechanisms (PAdES-LTV) to maintain signature validity over time;
  • Part 5 addresses profiles for XML content using XAdES signatures embedded in PDFs;
  • Part 6 specifies visual representations of signatures for user-friendly verification.

This modular approach allowed for progressive adoption based on specific needs, building directly on PDF signature capabilities defined in ISO 32000-1.

Central innovations in these initial specifications involved PDF-specific extensions that adapted CAdES (CMS Advanced Electronic Signatures) principles for PDF environments, enabling the inclusion of trusted timestamps per RFC 3161 and signer attributes such as certificates, revocation status (via OCSP or CRL), signing reasons, and policy identifiers to enhance and cross-border usability. These elements ensured signatures could be validated without relying on real-time access to external authorities, fostering reliable in a pre-eIDAS European context. The standards were primarily driven by the need to support secure transactions and governmental document workflows, where PDF's portability made it ideal for legally binding electronic exchanges.

Updates for eIDAS Compliance

The eIDAS Regulation (EU) No 910/2014, which entered into force on July 1, 2016, established a harmonized framework for electronic identification and trust services across the European Union, including requirements for electronic signatures that must conform to specific technical standards for long-term validity and interoperability. This regulation prompted the need for updated PAdES specifications to ensure compliance with advanced and qualified electronic signature formats, building on prior ETSI work while addressing new mandates for trust service integration.

In response, ETSI superseded the earlier ETSI TS 102 778 series, initially published between 2009 and 2010, with the EN 319 142 series in 2016, elevating PAdES from a technical specification to a full European Norm to align directly with eIDAS provisions. In July 2015, ETSI published the precursor ETSI TS 119 142 series, which was withdrawn and replaced by the EN 319 142 series in 2016 as full European Norms. The latest iterations include EN 319 142-1 V1.2.1 (January 2024) for baseline PAdES signatures and EN 319 142-2 V1.2.1 (July 2025) for extended profiles, incorporating refinements for enhanced compatibility with PDF structures and signature validation processes.

Key updates in the EN 319 142 series emphasize improved long-term validation capabilities through refined archival mechanisms, deeper integration with trust services for certificate and revocation checking, and stronger alignment with RFC 5126's advanced CMS features to ensure equivalence with CAdES profiles for extended longevity. These changes facilitate more robust handling of timestamps and complete validation data, reducing dependency on external references over time while maintaining compliance with ISO 32000-1 PDF signatures.

ETSI maintains the EN 319 142 standards through periodic revisions to counter emerging security threats, such as vulnerabilities from that could undermine current cryptographic algorithms, and to incorporate support for PDF 2.0 as defined in ISO 32000-2, ensuring ongoing adaptability for future-proof electronic signatures.

Standards and Profiles

Baseline Signatures

The ETSI EN 319 142-1 standard specifies the formats for PAdES baseline signatures, which provide the basic features necessary for a wide range of business and governmental applications by integrating CMS-based electronic signatures into PDF documents as defined in ISO 32000-1. These profiles, PAdES-BES and PAdES-EPES, incorporate signed and unsigned attributes equivalent to those in CAdES baseline signatures from ETSI EN 319 122-1 to ensure interoperability and essential functionality for initial signature verification. The baseline profiles build upon the foundational specifications outlined in the earlier ETSI TS 102 778 series and define four levels: B-B, B-T, B-LT, and B-LTA, with escalating assurance for time-stamping and long-term validation.

PAdES-BES, corresponding to the B-B (basic-basic) level and basic profile, mandates the inclusion of the signer's certificate within the SignedData structure to enable verification of the signer's identity. It requires essential signed attributes such as message-digest for content integrity and content-type to identify the signed data as a PDF , while allowing optional unsigned attributes like signer-attributes-v2 for additional signer information, content-time-stamp for signing time evidence, and commitment-type-indication to declare the signature's purpose. This profile ensures short-term validity by protecting against immediate alterations but does not incorporate mechanisms for long-term validation, such as revocation status beyond the signature's creation time.

The B-T level extends B-B by adding a trusted timestamp (signature-time-stamp or content-time-stamp) to prove the signature's existence at a specific point in time. The B-LT level further incorporates revocation data, such as OCSP responses and CRLs, into the Document Security Store (DSS) to verify the status of the signer's certificate and at signing time, enabling long-term validation. The B-LTA level provides archival validity by adding document-time-stamps that cover the entire signed PDF, including prior validation data and timestamps, protecting against future cryptographic obsolescence.

PAdES-EPES extends the PAdES-BES profile by requiring the explicit inclusion of the signature-policy-identifier as a signed attribute, which binds the signature to a specific policy through its object identifier (OID). This OID, as structured in ETSI EN 319 122-1 and aligned with CMS Advanced Electronic Signatures formats, uniquely identifies the rules governing the signature's creation and validation, such as community-specific or jurisdictional policies. The attribute includes a hash of the policy document to verify its integrity, enhancing the signature's legal and procedural context without altering the core integrity protections of PAdES-BES. The EPES requirements apply across B-B, B-T, B-LT, and B-LTA levels.

To safeguard the underlying PDF against unauthorized changes, all baseline profiles require conformance to the DocMDP transform method in ISO 32000-1, which permits only approved modifications like annotations or form filling, or the UR3 approval signature transform for stricter document approval workflows. These mechanisms embed permissions directly in the PDF's signature dictionary, ensuring that any post-signature alterations invalidate the baseline signature while maintaining compatibility with standard PDF viewers.

Extended and Long-Term Signatures

Extended PAdES signatures, as defined in ETSI EN 319 142-2, build upon baseline profiles to provide additional flexibility for scenarios where strict baseline constraints cannot be met, such as including unsigned attributes before signed ones or supporting external commitments. These extended profiles, including PAdES-E-BES, PAdES-E-EPES, and PAdES-E-LTV, incorporate similar mechanisms for durability, including trusted timestamps and revocation information in the DSS, but with relaxed requirements to ensure verifiability over extended periods.

The extended profiles address incremental requirements for long-term validation, such as embedding validation data in the Document Security Store (DSS) to support offline verification without relying on external authorities. Long-term features rely on the inclusion of complete revocation information—OCSP responses confirming certificate validity and CRLs listing revoked certificates—embedded in the DSS. For archive validation, document timestamps per ETSI TS 119 142-3 play a critical role in long-term validation (LTV), where PAdES-DTS profiles apply ETSI.RFC3161-compliant timestamps to the whole document, ensuring its integrity and existence without authenticating the signer. This allows for ongoing augmentation, such as adding new timestamps and updated DSS entries, to maintain validity over decades.

Profiles like PAdES-E-LTV combine multiple layers of timestamps—including signature-time-stamps, validation-data timestamps, and archive-time-stamps—to enable post-signature augmentation without invalidating earlier components, as the structure preserves the original signed data while appending new verification elements in the PDF. This approach, aligned with requirements for qualified electronic signatures, facilitates the evolution of the signature container over time, ensuring perpetual verifiability in archival contexts.

Technical Specifications

Signature Creation Process

The creation of a PAdES signature begins with prerequisites centered on cryptographic security and . Signers must utilize certificates issued by a Qualified Trust Service Provider (QTSP) as defined under the eIDAS Regulation, ensuring the certificate meets requirements for advanced or qualified electronic signatures, including secure key generation and storage. These certificates are typically based on standards and must employ approved algorithms, such as RSA or ECDSA with key lengths of at least 2048 bits for RSA or 256 bits for ECDSA.

The core process involves several sequential steps to generate a compliant signature. First, the content of the PDF document is hashed using a secure cryptographic hash function, such as SHA-256 or stronger (e.g., SHA-384 or SHA-512), to produce a digest that represents the document's integrity without embedding the full content in the signature. This hash is then incorporated into a Cryptographic Message Syntax (CMS) SignedData structure per RFC 5652, which encapsulates the signer's private key operation to create the digital signature, including mandatory signed attributes like the message digest, content type (id-data), and a reference to the signer's certificate (e.g., via ESS signing-certificate-v2 attribute). The resulting DER-encoded SignedData object is embedded into the PDF file via a signature dictionary as specified in ISO 32000-1, clause 12.8, under the /Contents key, which may also include optional PDF-specific attributes such as the signer's name (/Name), location (/Location), and signing reason (/Reason) to provide contextual information about the signature act. For profiles requiring a signature policy, such as EPES, the CMS structure must include a signature-policy-identifier attribute referencing the applicable policy OID and hash to enforce explicit rules for the signing process. Baseline profiles like , which form the foundation for PAdES, focus on these basic elements without additional policy enforcement.

Implementation often leverages specialized PDF libraries integrated with cryptographic providers to handle these operations efficiently. For instance, the iText library supports PAdES creation through its PdfPKCS7 class for CMS handling and PdfSignatureAppearance for embedding, paired with Java Cryptography Extension (JCE) providers like Bouncy Castle for key operations and hashing. Similarly, Apache PDFBox enables PAdES-compliant signing via its PDSignature and ExternalSigningSupport classes, allowing external key providers for the signing step while ensuring DER encoding and attribute inclusion.

Key constraints ensure the signature's integrity post-creation: the signed PDF must not undergo any modifications that alter the hashed byte range, except for permitted Long-Term Validation (LTV) augmentations such as adding revocation information or timestamps to the Document Security Store (DSS) without invalidating the original signature. Generators must also verify that the signature handler is registered in the PDF's /SigFlags to support proper processing.

Validation and Attributes

Validation of PAdES signatures involves a series of cryptographic and procedural checks to ensure the integrity, authenticity, and validity of the signature embedded in a PDF document:

  • The process begins with verifying the signature's integrity by computing the hash of the signed content and comparing it to the message digest included in the signed attributes; this confirms that the document has not been altered since signing.
  • Next, the certificate is validated by building the path from the signer's certificate to a trusted root, using certificates embedded in the SignedData structure or referenced in unsigned attributes.
  • Revocation status is then assessed by checking OCSP responses or CRLs for the signer's and authority's certificates, which are typically embedded in the Document Security Store (DSS) for baseline profiles.
  • Finally, any timestamps, such as the signature-time-stamp, are validated against a trusted time source to confirm the signing occurred at the claimed time.

PAdES signatures incorporate signed and unsigned attributes derived from CMS and CAdES specifications to provide essential metadata. Signed attributes, which are protected by the signer's private key, include the content-type (e.g., application/pdf) to identify the signed data format and the message-digest (e.g., a SHA-256 hash) to enable integrity verification. Additional signed attributes may encompass the signing-certificate, which references the signer's certificate for authenticity checks. Unsigned attributes, not covered by the signature's cryptographic protection, include the signature-time-stamp token for proving the signature's existence at a specific time and complete certificate references (per RFC 5126), which list identifiers for all certificates in the validation chain to facilitate long-term verification without external dependencies.

For long-term validation in LT (Long-Term) and LTA (Long-Term with Archive timestamp) profiles, PAdES ensures future-proofing by embedding or referencing all necessary dependencies within the PDF. In the LT profile, certificates, revocation information (e.g., CRLs or OCSP responses), and attribute references are included in the DSS to allow validation without relying on potentially unavailable external sources. The LTA profile extends this by adding a document-time-stamp over the entire DSS content, cryptographically binding all validation material and preventing undetected alterations over extended periods.

Error handling in PAdES validation follows ETSI guidelines, categorizing outcomes as VALID, INVALID, or INDETERMINATE to guide verifiers. A signature is deemed VALID (TOTAL-PASSED) if all cryptographic checks succeed, the certificate chain is trustworthy, and policy constraints are met, confirming full compliance. It is INVALID (TOTAL-FAILED) if fails, the certificate was revoked or expired at signing time, or the format deviates from standards, rendering it unreliable. An INDETERMINATE result occurs when data is insufficient—such as missing proof of existence (POE) or unverifiable —preventing a conclusive assessment, often requiring additional information for resolution.
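
The document-hash step described under Signature Creation Process and Validation and Attributes, as an added example that is not part of the original article or of any PAdES library: it reads the /ByteRange entry of each signature dictionary (the ISO 32000-1 key that delimits the hashed bytes), recomputes the SHA-256 digest, and reports bytes that the signature does not cover. The function names, verdict labels and sample file are constructed for illustration; the expected digest is assumed to have been extracted from the message-digest signed attribute by a CMS library, and the CMS signature, certificate chain, revocation and timestamp checks are not covered.

```python
import hashlib
import re

# /ByteRange [off1 len1 off2 len2]: the two byte runs that are hashed. The gap
# between them must hold only the /Contents hex string (the DER SignedData).
BYTE_RANGE_RE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")
HEX_STRING_RE = re.compile(rb"<[0-9A-Fa-f\s]*>")


def inspect_signed_ranges(pdf: bytes) -> list[dict]:
    """Report, for every /ByteRange found, what the signature digest covers."""
    reports = []
    for m in BYTE_RANGE_RE.finditer(pdf):
        off1, len1, off2, len2 = (int(g) for g in m.groups())
        gap_start, signed_end = off1 + len1, off2 + len2
        findings = []
        if off1 != 0:
            findings.append("signed data does not start at offset 0")
        if off2 < gap_start or signed_end > len(pdf):
            findings.append("byte range is inconsistent with the file size")
        elif not HEX_STRING_RE.fullmatch(pdf[gap_start:off2]):
            findings.append("unsigned gap is not exactly one hex string")
        signed = pdf[off1:gap_start] + pdf[off2:signed_end]
        reports.append({
            "byte_range": (off1, len1, off2, len2),
            "sha256": hashlib.sha256(signed).hexdigest(),
            "trailing_bytes": max(len(pdf) - signed_end, 0),
            "findings": findings,
        })
    return reports


def integrity_verdict(report: dict, message_digest_hex: str) -> str:
    """Hypothetical labels for the integrity step only (not ETSI status codes)."""
    if report["findings"]:
        return "malformed"
    if report["sha256"] != message_digest_hex.lower():
        return "modified"
    # Bytes after the signed range are an incremental update (for example a
    # DSS added for LTV); the signature is intact but does not cover them.
    return "appended-after-signing" if report["trailing_bytes"] else "intact"


def build_sample_pdf() -> bytes:
    """Constructed, minimal PDF-like bytes with one signature dictionary."""
    prefix = b"%PDF-1.7\n1 0 obj\n<< /Type /Sig /SubFilter /ETSI.CAdES.detached\n"
    br_template = b"/ByteRange [%010d %010d %010d %010d]\n/Contents "
    contents = b"<" + b"00" * 32 + b">"  # placeholder for the hex SignedData
    suffix = b"\n>>\nendobj\n%%EOF\n"
    gap_start = len(prefix) + len(br_template % (0, 0, 0, 0))
    gap_end = gap_start + len(contents)
    byte_range = br_template % (0, gap_start, gap_end, len(suffix))
    return prefix + byte_range + contents + suffix


if __name__ == "__main__":
    sample = build_sample_pdf()
    report = inspect_signed_ranges(sample)[0]
    print(report["byte_range"], integrity_verdict(report, report["sha256"]))
```

A verdict of `appended-after-signing` is where permitted LTV augmentations end up; those appended bytes still need their own review, because the original signature says nothing about them.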

eIDAS Regulation Compliance

The eIDAS Regulation, officially Regulation (EU) No 910/2014, provides a harmonized framework for electronic identification and trust services in the European Union, categorizing electronic signatures into three levels: simple electronic signatures (SES) for basic use cases, advanced electronic signatures (AES) with enhanced security linking the signature to the signer and data, and qualified electronic signatures (QES) offering the highest legal equivalence to handwritten signatures. PAdES, standardized for embedding AES and QES within PDF documents, aligns with eIDAS by supporting these higher assurance levels through cryptographic mechanisms that ensure document integrity and authenticity in electronic transactions.

For qualified electronic signatures (QES) in PAdES, compliance with eIDAS requires the use of a Qualified Signature Creation Device (QSCD), a certified secure hardware or software component that safeguards the signer's private key and prevents unauthorized access, or equivalent qualified remote signing solutions that maintain equivalent . Furthermore, PAdES QES must rely on qualified certificates issued by a Qualified Trust Service Provider (QTSP), an audited entity authorized under eIDAS to deliver trust services such as certificate issuance, ensuring verifiable signer identity and compliance with EU-wide standards; AES may use secure certificates but not necessarily qualified ones.

The ETSI EN 319 142 series of profiles defines PAdES specifications to fulfill Article 32 requirements for validation, incorporating attributes that provide non-repudiation—preventing the signer from denying their involvement—and clear identifiability of the signer through embedded metadata and certificate validation processes. These profiles establish baseline, extended, and long-term signature levels, embedding timestamps and revocation information to sustain validity against future cryptographic changes.

PAdES standards, as updated in ETSI EN 319 142-1 V1.2.1 (January 2024), align with the original eIDAS Regulation (EU) No 910/2014. Ongoing revisions are anticipated to support eIDAS 2.0 (Regulation (EU) 2024/1183), which entered into force on May 20, 2024, including new validation rules under Article 32a for advanced electronic signatures based on qualified certificates to enhance cross-border interoperability, particularly in the European Digital Identity Wallet ecosystem. As of November 2025, eIDAS 2.0 implementation is underway, with implementing acts adopted by November 2024, member state updates by May 2025, and large-scale pilots for EUDI Wallets ongoing ahead of mandatory rollout by 2026.

Admissibility and Recognition

In the European Union, PAdES signatures that qualify as Qualified Electronic Signatures (QES) under the eIDAS Regulation hold the same legal effect as handwritten signatures, providing full evidentiary weight in judicial proceedings. This equivalence, established by Article 25(2) of Regulation (EU) No 910/2014, ensures that such signatures cannot be denied legal recognition solely on the grounds of their electronic form and are admissible as evidence in courts across all member states for purposes including contracts, regulatory filings, and official administrative documents. PAdES, as defined in ETSI EN 319 142-1, serves as the standardized format for embedding these QES into PDF documents, leveraging qualified certificates and secure signature creation devices to meet requirements for high-assurance electronic authentication.

Beyond the European Union, PAdES QES recognition in non-EU jurisdictions often relies on bilateral or multilateral agreements that align with international frameworks such as the UNCITRAL Model Law on Electronic Signatures (2001), which promotes functional equivalence between electronic and handwritten signatures while emphasizing technical reliability. For instance, mutual recognition agreements exist with select third countries, including Ukraine's inclusion in the EU's Trusted Lists for Advanced Electronic Signatures since 2023, allowing PAdES QES to be validated and enforced similarly to domestic signatures. In the United States, the ESIGN Act (2000) grants general legal validity to electronic signatures, including those in PDF format like PAdES, provided they demonstrate intent and integrity; however, challenges arise in jurisdictions lacking specific standards for PDF-based signatures, such as certain Asian or African countries where electronic signatures may require additional notarization or face inconsistent court acceptance due to underdeveloped regulatory frameworks.

Practical applications highlight PAdES's role in high-stakes EU processes, such as public tenders where platforms like those under the Tenders Electronic Daily (TED) system mandate PAdES QES for bid submissions to ensure tamper-proof authenticity and compliance with directives. Similarly, in notarial acts, PAdES facilitates in countries like , where notaries use it for deeds and wills under national implementations, streamlining cross-border enforceability. To maintain admissibility over extended periods, such as decades-long archival needs in legal or financial contexts, the PAdES Long-Term Archival (LTA) profile is essential, as it embeds validation data (including timestamps and revocation information) to support ongoing verifiability even after certificate expiration, per ETSI specifications.

Despite these strengths, PAdES admissibility hinges on rigorous validation at the point of reliance, with courts requiring proof of and signer identity through embedded attributes or external trusted lists. In disputes, forensic tools such as those outlined in ETSI TR 102 923 enable detailed examination of components, including cryptographic hashes and trails, to resolve challenges related to alleged tampering or invalidation over time. Failure to achieve proper long-term validation can undermine evidentiary value, particularly in international cases where differing technical standards complicate cross-jurisdictional enforcement.

Implementation and Applications

Tools and Software Support

Several open-source libraries facilitate the creation and validation of PAdES signatures by providing for embedding digital signatures within PDF documents and handling associated cryptographic operations. The library, an open-source and .NET PDF manipulation tool, supports PAdES signature creation through its high-level , including two-phase signing workflows for preparing documents with signature containers and finalizing them with qualified certificates. It integrates seamlessly with the Bouncy Castle cryptographic library for advanced features like certificate handling and hashing algorithms required for ETSI-compliant signatures. Similarly, , a -based open-source PDF library, enables the creation, signing, and validation of digital signatures in PDFs, with explicit support for PAdES formats including embedding signatures and verifying their integrity using external cryptographic providers like Bouncy Castle. Bouncy Castle itself serves as a foundational FIPS-certified cryptographic for and C#, providing the necessary primitives for PAdES such as CMS/ encoding, timestamping, and long-term validation attributes, often used in conjunction with PDF libraries to ensure compliance with ETSI standards.

Commercial tools offer robust, user-friendly support for PAdES, particularly in enterprise environments requiring qualified electronic signatures (QES). Adobe Acrobat provides native PAdES support aligned with PDF 1.7 (introduced in Acrobat 11), in line with ETSI TS 102 778 standards for advanced electronic signatures, including creation, validation, and levels up to B-LTA for long-term archival. DocuSign's eSignature platform incorporates PAdES for PDF documents under regulations, enabling QES through integration with qualified trust service providers (QTSPs) and supporting long-term validation (LTV) formats like PAdES-B-LTV to ensure ongoing verifiability. , as a QTSP, delivers PAdES-compatible platforms for QES, including digital signing services that embed advanced signatures in PDFs with compliance to ETSI EN 319 142 profiles, facilitating secure document workflows across EU member states.

Validation of PAdES signatures is supported by ETSI-compliant software and online tools, ensuring adherence to standards for integrity and authenticity checks. The Digital Signature Service (DSS) library, an open-source framework developed by the , implements creation, extension, and validation of PAdES signatures, covering baseline levels and extended profiles while supporting integration with trust services for certificate revocation and verification. Online validators from QTSPs, such as SEFIRA's qualified validation service, allow users to verify PAdES documents remotely, checking signature validity, certificate chains, and compliance with requirements through web-based interfaces.

PAdES tools and software generally ensure compatibility across baseline levels B-B (basic), B-T (with timestamps), B-LT (long-term), and B-LTA (archival), with major PDF viewers like Reader and open-source alternatives supporting validation of these levels natively. Recent updates in ETSI EN 319 142-2 (July 2025) enhance compatibility by aligning PAdES profiles with the latest ISO 32000-2 PDF specifications, incorporating improvements for extended signatures and integration with modern cryptographic algorithms, which have been adopted in updated versions of libraries like DSS and commercial tools to maintain .

Practical Use Cases

PAdES signatures are widely applied in governmental processes across the to ensure the authenticity and integrity of electronic documents, particularly in PDF format, aligning with requirements for qualified electronic signatures. For instance, they facilitate the secure electronic filing of tax returns, where public administrations use PAdES to sign and seal declarations, enabling verifiable submissions without physical presence. In proceedings, PAdES supports the submission of legal documents in member states, providing tamper-evident records that maintain evidentiary value over time. In Italy, advanced or qualified electronic signatures are required for certain official documents, such as those in and judicial contexts, which can be implemented using PAdES for PDF formats, to streamline processes while preserving legal admissibility.

In environments, PAdES enables efficient signing within supply chains, allowing multiple parties to apply sequential or parallel signatures to PDF agreements such as vendor contracts and procurement documents, reducing delays in . For authentication, PAdES aligns with EU VAT directives by ensuring the origin, integrity, and legibility of electronic invoices through advanced signatures, which helps businesses comply with reporting obligations and combat fraud in cross-border transactions. This format is particularly valuable for in B2B exchanges, where signed PDFs serve as reliable proof in audits.

Within healthcare, PAdES secures patient consent forms by embedding qualified signatures with timestamps, ensuring compliance with GDPR for data protection while creating immutable records of . In , it supports compliant wire transfers through signed PDFs that include trails via long-term validation attributes, facilitating KYC processes and reducing risks in agreements or contracts. These applications provide verifiable trails for regulatory oversight, such as in anti-money laundering checks.

Handling multi-signer workflows presents challenges in PAdES implementations, such as coordinating sequential signatures without invalidating prior ones, which requires careful management of incremental updates to avoid breaking existing validations. Solutions involve using tools that support parallel signing paths and real-time status tracking, ensuring all parties' contributions remain intact and verifiable.

Migration from legacy PDF signatures to PAdES-LTA for archival purposes addresses issues like certificate expiry and obsolescence by adding document timestamps and data post-signing, enabling long-term readability even after 10-20 years; this process often automates certificate renewal and PDF optimization to minimize disruptions in existing archives.
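The multi-signer point above can be checked structurally before any cryptographic validation. The following is an added example, not code from the original article or from any library it names. It reads each signature's `/ByteRange` entry (the PDF signature dictionary key listing the byte spans a signature digest covers) and reports whether later revisions were appended without disturbing earlier coverage. The function names and the sample bytes are constructed for illustration, and the CMS digest itself is not verified.

```python
import re

# /ByteRange [o1 l1 o2 l2]: the two byte spans a PDF signature digest covers.
BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")

def signature_coverage(pdf: bytes) -> list:
    """One record per signature, ordered by how much of the file it covers."""
    records = []
    for m in BYTE_RANGE.finditer(pdf):
        o1, l1, o2, l2 = map(int, m.groups())
        gap = pdf[o1 + l1:o2]  # the only bytes left out of the digest
        records.append({
            "covered_end": o2 + l2,
            "well_formed": (o1 == 0 and o1 + l1 < o2 and o2 + l2 <= len(pdf)
                            and gap[:1] == b"<" and gap[-1:] == b">"),
            "bytes_after": len(pdf) - (o2 + l2),
        })
    return sorted(records, key=lambda r: r["covered_end"])

def review_findings(pdf: bytes) -> list:
    """Structural findings only; the CMS digest still has to be verified."""
    sigs, findings = signature_coverage(pdf), []
    for n, sig in enumerate(sigs, 1):
        if not sig["well_formed"]:
            findings.append(f"signature {n}: ByteRange does not wrap /Contents")
    ends = [s["covered_end"] for s in sigs]
    if len(set(ends)) != len(ends):
        findings.append("two signatures claim the same revision")
    if sigs and sigs[-1]["bytes_after"] > 0:
        # Legitimate for a later DSS/validation-data update, otherwise suspect.
        findings.append(f"{sigs[-1]['bytes_after']} bytes follow the last signature")
    return findings

def constructed_sign(prev: bytes) -> bytes:
    """Append a constructed signature revision (dummy /Contents, no real CMS)."""
    head = prev + b"1 0 obj\n<< /Type /Sig /SubFilter /ETSI.CAdES.detached /ByteRange ["
    contents, tail = b"<" + b"00" * 16 + b">", b" >>\nendobj\n%%EOF\n"
    gap_start = len(head) + 43 + len(b"] /Contents ")  # 43 = four 10-digit fields
    gap_end = gap_start + len(contents)
    br = b"%010d %010d %010d %010d" % (0, gap_start, gap_end, len(tail))
    return head + br + b"] /Contents " + contents + tail

# Constructed sample: two sequential signers, then an unsigned append.
REV1 = constructed_sign(b"%PDF-1.7\n% constructed body\n")
REV2 = constructed_sign(REV1)
APPENDED = REV2 + b"9 0 obj\n<< /Note (added later) >>\nendobj\n%%EOF\n"
```

An empty result for `REV2` shows the second signer's incremental update left the first signer's covered bytes as a strict prefix of the file. The finding for `APPENDED` is a prompt for review, since validation data added for B-LT also arrives as an update after the last signature.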
