SignBox supports three long-term validation levels:
- LTV — Long-Term Validation. Embeds revocation data and certificates for offline verification. Available in PAdES, CAdES, and XAdES.
- LTVLITE — Lightweight Long-Term Validation. Compact LTV for PDFs. PAdES only.
- LTVA — Long-Term Validation with Archival. Extends LTV with document timestamps for maximum preservation. Available in PAdES, CAdES, and XAdES.
These levels embed validation data (revocation information, timestamps) directly into the signed document. The signature remains verifiable even when the original validation services (OCSP, CRL) are no longer available.
Use these levels when:
- Documents must remain legally valid for extended periods (years or decades)
- Signature verification must work offline or without access to OCSP/CRL servers
- Regulatory or compliance requirements mandate long-term validation
- Archival and audit scenarios require proof of validity over time
LTVA is recommended for maximum long-term preservation; it adds document timestamps that can extend validity beyond certificate and algorithm expiry.
For LTV, LTVLITE, and LTVA signatures, you must configure the rootstore on the SignBox Optimizer. The rootstore contains the trust chain certificates needed to validate the signing certificate and build the validation data.
If you use only BES or T levels, rootstore configuration is not required.
- Signature levels — All formats (PAdES, CAdES, XAdES) and levels (BES, T, LTV, LTVLITE, LTVA)
- Rootstore configuration — How to load trust chain certificates
- Signatures — Configuration scope and signature options