The Trust and Evidence Layer

Preservation is not the same as storage. Storage keeps files available. A trust and evidence layer helps keep records explainable and defensible years later, with evidence records, time evidence, renewal and, where the use case requires it, qualified preservation. This is the layer that turns long-term archiving from file retention into evidentially robust preservation.

Qualified Trust Service Provider for Qualified Preservation, positioned within a broad Electronic Archiving offering.

four-layer trust and evidence architecture diagram.

Why "trust" and "evidence"

Most archive products talk about retention, security and audit logs. These matter of course, but they do not by themselves answer the harder question: What happens when a record is challenged years later?

At that point, the issue is not only whether the file still exists. The issue is whether the organisation can still explain where it came from, what happened to it, what cryptographic evidence supports it, and why that evidence can still be relied on. That is where the Trust and Evidence layer matters.

For some use cases, that layer includes qualified preservation under the eIDAS framework. For others, it means bringing evidence records, time evidence, renewal, validation context and governance together in a way that remains auditable over time. In both cases, the archive needs more than durable storage.

For compliance leads

What the regulatory framework expects, where qualified status matters, and why evidential assurance becomes material in areas such as

AMLR

EHDS

DORA

NIS2

National trust frameworks

For architects

What the trust and evidence layer looks like in technical terms:

Evidence records

Augmentation

Long-term validation context

OAIS/E-ARK packaging

Operational boundaries

The trust services framework under eIDAS

eIDAS (Regulation EU 910/2014, as amended by Regulation EU 2024/1183) sets the European framework for Trust Services. In practice, it defines which digital trust functions can be delivered as regulated services, under which legal framework, and with which supervisory and conformity expectations.

Trust services include qualified electronic signatures (QES), qualified electronic seals (QESl), qualified time-stamps, qualified electronic registered delivery and, in the updated framework, qualified electronic archiving. For archiving and preservation, two elements matter most.

Qualified preservation of qualified electronic signatures and seals.

Under Article 34 and Article 40 eIDAS, a qualified trust service provider can preserve the trustworthiness of qualified signatures and seals beyond the original technological validity period. ETSI TS 119 511 sets out the policy and security requirements for providers operating that service.

Qualified electronic archiving.

The amended eIDAS framework also recognises qualified electronic archiving as a trust service for electronic data and documents more broadly. For buyers, the practical point is that long-term archiving is moving further into a formal trust-services context, not away from it.

When a service is delivered by a Qualified Trust Service Provider listed on the relevant trust lists, it sits inside a supervised framework with accredited assessment, published scope and cross-border recognition under eIDAS. That is materially different from a vendor simply describing its archive as secure or compliant.

This is why qualified status matters. It is not a styling choice. It is part of a defined legal and supervisory framework.

The evidence record approach

The technical mechanism behind long-term evidential preservation is the evidence-record model. In standards terms, it sits behind IETF RFC 4998 and RFC 6283 and connects closely to ETSI preservation specifications such as ETSI TS 119 511 and ETSI TS 119 512.

At a high level, evidence-record-based preservation combines three things:

Hash-based integrity evidence

The preserved object is hashed, so the preservation process can prove integrity without changing the underlying object.

Trusted time evidence

A trusted time-stamp anchors the existence of that hash at a defined point in time.

Renewal over time

As certificates expire and cryptographic assumptions age, the preservation service can extend the evidence chain with newer time evidence rather than relying forever on the original cryptographic context.

Together, those elements give an archive something that plain storage does not: a verifiable chain that can still be explained later.

A useful way to describe the preservation patterns is through three recurring profiles:

PDS (Preservation of Digital Signatures)

Used where the validity of a digital signature or seal needs to remain explainable over time.

PGD (Preservation of General Data)

Used where general data, signed or unsigned, still needs durable proof of integrity and existence.

AUG (Augmentation)

Used to renew and strengthen evidence over time as the cryptographic landscape changes.

Docbyte’s trust architecture is built around an ERS model and related verification and validation flows, rather than treating evidence as a loose add-on around storage.

Augmentation: how preservation survives time

The simplest way to understand augmentation is to look at the failure mode it prevents.

Imagine a record archived in 2025 with the then-current cryptographic evidence around it. Ten or fifteen years later, the key question is no longer only whether the record is still there. The question is whether the original signature, certificate chain, time evidence and validation context can still be relied on in the same way.

Without augmentation, the archive may still have the file and the original evidence, but the evidential position can weaken as certificates expire, algorithms age and validation ecosystems move on.

With augmentation, the archive extends the evidence chain over time. New trusted time evidence is layered on top of the existing chain, so the preserved record is not left stranded in the original technological moment. The earlier chain remains anchored, while the newest layer reflects the current preservation state.

This is the practical answer to long retention in a world where technology changes. It is also why preservation is different from keeping a file in durable storage.

For organisations with five-year, ten-year or multi-decade retention requirements, augmentation is one of the mechanisms that helps keep evidential assurance workable over time.

2025

Original Archive

2030

Renewal 1

2035

Renewal 2

2040

Renewal 3

2045

Document still explainable

Timeline arrow head

The QTSP advantage

Qualified preservation is not only a technical pattern. It is a regulated trust service. That means qualified status matters.

For an archive buyer, that matters in three concrete ways:

Qualified legal effect

A qualified trust service benefits from the legal effects attached to that service under eIDAS. A non-qualified service does not carry the same qualified status.

Cross-border recognition

Qualified trust services are recognised across EU Member States within the eIDAS framework. For organisations operating across borders, that matters.

Supervisory discipline

A QTSP sits inside a framework of accredited conformity assessment, defined scope, published trust-list information and ongoing supervision. Customers are not relying only on vendor assertions.

A standard archive product can implement strong controls. It does not become a qualified trust service unless it operates within that trust-services framework. That distinction matters when evidential assurance, regulatory scrutiny or cross-border legal weight are part of the buying case.

What this looks like in Docbyte Vault

Docbyte Vault brings the trust and evidence layer together as a coherent preservation model rather than a collection of disconnected controls.

ERS-based trust architecture

Vault’s architecture includes an Evidence Record Service that manages evidence records and related verification and validation flows around preserved objects.

Time evidence and renewal

Vault’s preservation model combines timestamp-based evidence with renewal over time, so evidential assurance does not depend indefinitely on the original cryptographic state.

Validation context preservation

Where signed or sealed objects are in scope, the preservation model keeps the context needed to explain the original validity assessment later, rather than forcing a fresh assessment based only on today’s trust anchors.

Wallet-related evidence handling

For wallet-based onboarding and attestation use cases, the preservation model should retain the presentation, attestation, time evidence and verification context together, rather than preserving only a derived PDF, screenshot or extracted field set.

OAIS/E-ARK packaging

Vault uses SIP, AIP and DIP as operational concepts, with OAIS/E-ARK-style packaging and preservation metadata helping keep the archive explainable and portable.

Standards-based framing

Relevant references in the trust and archive model include ETSI TS 119 511, ETSI TS 119 512, CEN TS 18170:2025, OAIS / ISO 14721, ISO 14641, ISO 15801, ISO 27001 and EN 319 401, depending on scope and assurance level.

Where this matters: the regulatory landscape

The trust and evidence layer becomes visible when a regulator, auditor, investigator or court asks for proof. Several current and emerging frameworks push organisations in that direction.

AMLR (Regulation EU 2024/1624, applies from 10 July 2027)

Article 77 sets a five-year retention baseline with deletion expectations, while Article 22 increases the relevance of wallet- and attestation-based onboarding evidence. This pushes archive design beyond simple document storage.

EHDS (Regulation EU 2025/327)

Health-data records need to remain trustworthy, retrievable and well-governed across long retention horizons and cross-border scenarios. The archive becomes part of the evidential surface.

eIDAS 2.0 (Regulation EU 2024/1183)

Extends and strengthens the trust-services framework around qualified preservation and qualified electronic archiving.

DORA (Regulation EU 2022/2554, applies since 17 January 2025)

Raises expectations around ICT risk management, incident traceability and retained evidence in financial environments.

NIS2 (Directive EU 2022/2555)

Raises expectations around incident documentation, governance and auditability for essential and important entities.

Belgian Digital Act

National digital-trust and evidential frameworks increase attention on qualified archiving and strong preservation controls for some Belgian use cases.

ICH GCP, FDA 21 CFR Part 11, EMA Annex 11

Long retention horizons in life sciences make stronger preservation and evidence controls commercially and operationally important.

In each case, the same question comes back: can the organisation still explain, retrieve and defend the record years later?

Frequently asked questions

An archive stores files and applies retention rules. A qualified preservation service focuses on maintaining the evidential value of preserved records over time, using mechanisms such as evidence records, trusted time evidence and renewal. An archive without qualified preservation can still retain data, but it does not carry the same qualified legal status or evidential posture.

Because qualified preservation is a regulated trust service under eIDAS. A non-qualified provider may implement similar technical controls, but it does not deliver the same qualified status, recognised legal effect or supervisory framework.

Augmentation is the renewal of preservation evidence over time. It adds new trusted time evidence on top of the existing chain so preserved records are not left dependent only on ageing certificates, algorithms or validation contexts. It matters because evidential assurance has to survive technical change, not only retention periods.

With wallet-based onboarding, the relevant evidence is often no longer only a copy of a document. It can include wallet presentations, attestations, time evidence and validation context. If that evidence needs to remain explainable years later, the archive should preserve the full evidence package and its context, not only a derived PDF or screenshot.

Yes. Qualified trust-service status should be verifiable through the relevant trust-list entry and accompanying trust documentation. The EU Trusted List is publicly searchable.

Make the trust and evidence layer part of your archive

If your records need to remain defensible years from now, the trust and evidence layer should be designed explicitly, not left implicit. Talk to Docbyte to assess where your current archive stands against ETSI TS 119 511, qualified preservation and long-term evidential assurance.