The Trust and Evidence Layer
Preservation is not the same as storage. Storage keeps files available. A trust and evidence layer helps keep records explainable and defensible years later, with evidence records, time evidence, renewal and, where the use case requires it, qualified preservation. This is the layer that turns long-term archiving from file retention into evidentially robust preservation.
Qualified Trust Service Provider for Qualified Preservation, positioned within a broad Electronic Archiving offering.
Why "trust" and "evidence"
Most archive products talk about retention, security and audit logs. These matter of course, but they do not by themselves answer the harder question: What happens when a record is challenged years later?
At that point, the issue is not only whether the file still exists. The issue is whether the organisation can still explain where it came from, what happened to it, what cryptographic evidence supports it, and why that evidence can still be relied on. That is where the Trust and Evidence layer matters.
For some use cases, that layer includes qualified preservation under the eIDAS framework. For others, it means bringing evidence records, time evidence, renewal, validation context and governance together in a way that remains auditable over time. In both cases, the archive needs more than durable storage.
For compliance leads
What the regulatory framework expects, where qualified status matters, and why evidential assurance becomes material in areas such as
AMLR
EHDS
DORA
NIS2
National trust frameworks
For architects
What the trust and evidence layer looks like in technical terms:
Evidence records
Augmentation
Long-term validation context
OAIS/E-ARK packaging
Operational boundaries
The trust services framework under eIDAS
eIDAS (Regulation EU 910/2014, as amended by Regulation EU 2024/1183) sets the European framework for Trust Services. In practice, it defines which digital trust functions can be delivered as regulated services, under which legal framework, and with which supervisory and conformity expectations.
Trust services include qualified electronic signatures (QES), qualified electronic seals (QESl), qualified time-stamps, qualified electronic registered delivery and, in the updated framework, qualified electronic archiving. For archiving and preservation, two elements matter most.
Qualified preservation of qualified electronic signatures and seals.
Under Article 34 and Article 40 eIDAS, a qualified trust service provider can preserve the trustworthiness of qualified signatures and seals beyond the original technological validity period. ETSI TS 119 511 sets out the policy and security requirements for providers operating that service.
Qualified electronic archiving.
The amended eIDAS framework also recognises qualified electronic archiving as a trust service for electronic data and documents more broadly. For buyers, the practical point is that long-term archiving is moving further into a formal trust-services context, not away from it.
When a service is delivered by a Qualified Trust Service Provider listed on the relevant trust lists, it sits inside a supervised framework with accredited assessment, published scope and cross-border recognition under eIDAS. That is materially different from a vendor simply describing its archive as secure or compliant.
This is why qualified status matters. It is not a styling choice. It is part of a defined legal and supervisory framework.
The evidence record approach
The technical mechanism behind long-term evidential preservation is the evidence-record model. In standards terms, it sits behind IETF RFC 4998 and RFC 6283 and connects closely to ETSI preservation specifications such as ETSI TS 119 511 and ETSI TS 119 512.
At a high level, evidence-record-based preservation combines three things:
Hash-based integrity evidence
The preserved object is hashed, so the preservation process can prove integrity without changing the underlying object.
Trusted time evidence
A trusted time-stamp anchors the existence of that hash at a defined point in time.
Renewal over time
As certificates expire and cryptographic assumptions age, the preservation service can extend the evidence chain with newer time evidence rather than relying forever on the original cryptographic context.
Together, those elements give an archive something that plain storage does not: a verifiable chain that can still be explained later.
A useful way to describe the preservation patterns is through three recurring profiles:
PDS (Preservation of Digital Signatures)
Used where the validity of a digital signature or seal needs to remain explainable over time.
PGD (Preservation of General Data)
Used where general data, signed or unsigned, still needs durable proof of integrity and existence.
AUG (Augmentation)
Used to renew and strengthen evidence over time as the cryptographic landscape changes.
Docbyte’s trust architecture is built around an ERS model and related verification and validation flows, rather than treating evidence as a loose add-on around storage.
Augmentation: how preservation survives time
The simplest way to understand augmentation is to look at the failure mode it prevents.
Imagine a record archived in 2025 with the then-current cryptographic evidence around it. Ten or fifteen years later, the key question is no longer only whether the record is still there. The question is whether the original signature, certificate chain, time evidence and validation context can still be relied on in the same way.
Without augmentation, the archive may still have the file and the original evidence, but the evidential position can weaken as certificates expire, algorithms age and validation ecosystems move on.
With augmentation, the archive extends the evidence chain over time. New trusted time evidence is layered on top of the existing chain, so the preserved record is not left stranded in the original technological moment. The earlier chain remains anchored, while the newest layer reflects the current preservation state.
This is the practical answer to long retention in a world where technology changes. It is also why preservation is different from keeping a file in durable storage.
For organisations with five-year, ten-year or multi-decade retention requirements, augmentation is one of the mechanisms that helps keep evidential assurance workable over time.
Original Archive
- hash
- timestamp
- source evidence
Renewal 1
- new timestamp
- metadata augmentation
Renewal 2
- AI/context layer
- migration proof
Renewal 3
- updated standards
- verification chain
Document still explainable
- original evidence preserved
- every augmentation linked
- chain of custody intact
The QTSP advantage
Qualified preservation is not only a technical pattern. It is a regulated trust service. That means qualified status matters.
For an archive buyer, that matters in three concrete ways:
Qualified legal effect
A qualified trust service benefits from the legal effects attached to that service under eIDAS. A non-qualified service does not carry the same qualified status.
Cross-border recognition
Qualified trust services are recognised across EU Member States within the eIDAS framework. For organisations operating across borders, that matters.
Supervisory discipline
A QTSP sits inside a framework of accredited conformity assessment, defined scope, published trust-list information and ongoing supervision. Customers are not relying only on vendor assertions.
A standard archive product can implement strong controls. It does not become a qualified trust service unless it operates within that trust-services framework. That distinction matters when evidential assurance, regulatory scrutiny or cross-border legal weight are part of the buying case.
What this looks like in Docbyte Vault
Docbyte Vault brings the trust and evidence layer together as a coherent preservation model rather than a collection of disconnected controls.
ERS-based trust architecture
Vault’s architecture includes an Evidence Record Service that manages evidence records and related verification and validation flows around preserved objects.
Time evidence and renewal
Vault’s preservation model combines timestamp-based evidence with renewal over time, so evidential assurance does not depend indefinitely on the original cryptographic state.
Validation context preservation
Where signed or sealed objects are in scope, the preservation model keeps the context needed to explain the original validity assessment later, rather than forcing a fresh assessment based only on today’s trust anchors.
Wallet-related evidence handling
For wallet-based onboarding and attestation use cases, the preservation model should retain the presentation, attestation, time evidence and verification context together, rather than preserving only a derived PDF, screenshot or extracted field set.
OAIS/E-ARK packaging
Vault uses SIP, AIP and DIP as operational concepts, with OAIS/E-ARK-style packaging and preservation metadata helping keep the archive explainable and portable.
Standards-based framing
Relevant references in the trust and archive model include ETSI TS 119 511, ETSI TS 119 512, CEN TS 18170:2025, OAIS / ISO 14721, ISO 14641, ISO 15801, ISO 27001 and EN 319 401, depending on scope and assurance level.
Where this matters: the regulatory landscape
The trust and evidence layer becomes visible when a regulator, auditor, investigator or court asks for proof. Several current and emerging frameworks push organisations in that direction.
AMLR (Regulation EU 2024/1624, applies from 10 July 2027)
Article 77 sets a five-year retention baseline with deletion expectations, while Article 22 increases the relevance of wallet- and attestation-based onboarding evidence. This pushes archive design beyond simple document storage.
EHDS (Regulation EU 2025/327)
Health-data records need to remain trustworthy, retrievable and well-governed across long retention horizons and cross-border scenarios. The archive becomes part of the evidential surface.
eIDAS 2.0 (Regulation EU 2024/1183)
Extends and strengthens the trust-services framework around qualified preservation and qualified electronic archiving.
DORA (Regulation EU 2022/2554, applies since 17 January 2025)
Raises expectations around ICT risk management, incident traceability and retained evidence in financial environments.
NIS2 (Directive EU 2022/2555)
Raises expectations around incident documentation, governance and auditability for essential and important entities.
Belgian Digital Act
National digital-trust and evidential frameworks increase attention on qualified archiving and strong preservation controls for some Belgian use cases.
ICH GCP, FDA 21 CFR Part 11, EMA Annex 11
Long retention horizons in life sciences make stronger preservation and evidence controls commercially and operationally important.
In each case, the same question comes back: can the organisation still explain, retrieve and defend the record years later?
Frequently asked questions
What is the difference between an archive and a qualified preservation service?
An archive stores files and applies retention rules. A qualified preservation service focuses on maintaining the evidential value of preserved records over time, using mechanisms such as evidence records, trusted time evidence and renewal. An archive without qualified preservation can still retain data, but it does not carry the same qualified legal status or evidential posture.
Why does long-term preservation need a Qualified Trust Service Provider?
Because qualified preservation is a regulated trust service under eIDAS. A non-qualified provider may implement similar technical controls, but it does not deliver the same qualified status, recognised legal effect or supervisory framework.
What is augmentation, and why does it matter?
Augmentation is the renewal of preservation evidence over time. It adds new trusted time evidence on top of the existing chain so preserved records are not left dependent only on ageing certificates, algorithms or validation contexts. It matters because evidential assurance has to survive technical change, not only retention periods.
How does this apply to EUDI Wallet onboarding?
With wallet-based onboarding, the relevant evidence is often no longer only a copy of a document. It can include wallet presentations, attestations, time evidence and validation context. If that evidence needs to remain explainable years later, the archive should preserve the full evidence package and its context, not only a derived PDF or screenshot.
Can I verify Docbyte's qualified status independently?
Yes. Qualified trust-service status should be verifiable through the relevant trust-list entry and accompanying trust documentation. The EU Trusted List is publicly searchable.
Make the trust and evidence layer part of your archive
If your records need to remain defensible years from now, the trust and evidence layer should be designed explicitly, not left implicit. Talk to Docbyte to assess where your current archive stands against ETSI TS 119 511, qualified preservation and long-term evidential assurance.