FEATURE: Compliance with EU eIDAS regulation. Add "Add Verification Information" command to a digital signature using current time.
For Adobe Reader and Adobe Pro
Please, add the option "Add Verification Information" to a digital signature using current time without adding any timestamp to the signature. The validation shall use current time (from the user computer) instead of signature signing-time.
This could be implemented by just adding the option "Add Verification Information" when the setting Verification time > Verify Signatures Using > Current Time is selected in the Signature Verification Preferences.
This is useful for adding verification information at current time to documents already signed by another party without adding a Time Stamp Authority (TSA) digital time-stamp embedded to the signature, but if necessary, it may add a TSA non-signature-embedded digital time-stamp with a time before the verification time and never after.
The objective is to add a time-stamp to a document signed by another party, and then add verification information at a time after the TSA time-stamp time to comply with verification information freshness requirements set by European regulations.
The option shall be able to add the verification information of the digital signature after a TSA non-signature-embedded digital time-stamp has been added to the document and before adding any verification information.
This is a valid approach, as European regulations and standards state that once the suspension of a qualified digital certificate is lifted, the certificate and the signatures created with such certificate during suspension become valid again. Hence, if a certificate is valid at a particular time, then it has been valid any time before.
Adding verification information together with a Time Stamp Authority (TSA) digital time-stamp embedded to the signature is not acceptable, as the resulting document will have a time-stamp with a time after the time-stamped time of other time-stamps previously added to the document after it has been signed. The resulting signature will then be rejected by validation servers because it would fail to pass the constraint of having the time-stamps in the correct order, as it is assumed that the time-stamp embedded to the signature should have a time before any TSA digital time-stamps added to the document after it has been signed.
Article 1 and the annex of COMMISSION IMPLEMENTING DECISION (EU) 2015/1506 of 8 September 2015 establish that Member States of the European Union must recognize advanced electronic signatures that comply with the ETSI TS 103 172 v.2.2.2 standard. Other electronic signatures may not be accepted as valid evidence by themselves.
According to clause 8 of ETSI TS 103 172 v.2.2.2 (PAdES profile), the implementation of digital signatures claiming conformance to the LT-Conformance Level or LT-Conformance Level (clause 9) shall follow specifications in ETSI TS 119 172-4 V1.1.1 (PAdES Part 4) clause 4.
REQ-4.2-03 c) ii) from ETSI TS 119 172-4 V1.1.1 (PAdES Part 4) clause 4 states the following:
"The RevocationFreshnessConstraints defined in ETSI TS 119 172-1 [3], clause A.4.2.1, table A.2 rows (m)2.2 shall be used with a maximum value of 0, ensuring that the revocation information is only accepted if it has been issued after the best signature time."
Clause A.4.2.1, table A.2 rows (m)2.2 from ETSI TS 119 172-1 V1.1.1 (page 34) states:
"m)2.2. RevocationFreshnessConstraints: This constraint indicates time requirements on revocation information. The constraints may indicate the maximum accepted difference between the issuance date of the revocation status information of a certificate and the time of validation (see [i.4]) or require the SVA to only accept revocation information issued a certain time after the signature has been created."
More info can be found at https://ec.europa.eu/digital-building-blocks/DSS/webapp-demo/doc/dss-documentation.html#RevocationFreshness.
COMMISSION IMPLEMENTING DECISION (EU) 2015/1506 of 8 September 2015: https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:32015D1506
ETSI TS 103 172 v.2.2.2: https://www.etsi.org/deliver/etsi_ts/103100_103199/103172/02.02.02_60/ts_103172v020202p.pdf
ETSI TS 119 172-4 v.1.1.1: https://www.etsi.org/deliver/etsi_ts/119100_119199/11917204/01.01.01_60/ts_11917204v010101p.pdf
ETSI TS 119 172-1 v.1.1.1: https://www.etsi.org/deliver/etsi_ts/119100_119199/11917201/01.01.01_60/ts_11917201v010101p.pdf
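The freshness rule quoted above (value 0) and the time-stamp ordering the request describes can be modelled as follows. This is an added example, not part of the original post and not code from Adobe, ETSI or DSS; the names `Revocation`, `best_signature_time`, `fresh_revocations` and `timestamps_in_order` are hypothetical, the dates are constructed, and best signature time is simplified to the earliest time-stamp, falling back to the validation time.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class Revocation:
    source: str          # label only, e.g. an OCSP response or a CRL
    issued_at: datetime  # OCSP producedAt or CRL thisUpdate

def best_signature_time(timestamp_times, validation_time):
    # Simplified assumption: the earliest time-stamp covering the signature,
    # or the validation time when the document carries no time-stamp.
    return min(timestamp_times, default=validation_time)

def fresh_revocations(revocations, best_time):
    # Freshness constraint with value 0: keep only revocation information
    # issued after the best signature time (read here as strictly after).
    return [r for r in revocations if r.issued_at > best_time]

def timestamps_in_order(signature_ts, document_ts):
    # Ordering described in the request: a signature-embedded time-stamp
    # must not be later than any document time-stamp added afterwards.
    return signature_ts is None or all(signature_ts <= t for t in document_ts)

def utc(day, hour):
    # Constructed sample dates, all in January 2024.
    return datetime(2024, 1, day, hour, tzinfo=timezone.utc)

# Constructed scenario: a document time-stamp is added on day 10 to a file
# signed earlier by another party; two revocation responses are available.
DOC_TS = [utc(10, 9)]
REVOCATIONS = [
    Revocation("OCSP fetched at signing", utc(5, 12)),
    Revocation("OCSP fetched after time-stamp", utc(10, 10)),
]

def demo():
    best = best_signature_time(DOC_TS, validation_time=utc(20, 0))
    accepted = [r.source for r in fresh_revocations(REVOCATIONS, best)]
    requested_flow = timestamps_in_order(None, DOC_TS)       # no embedded time-stamp
    late_embedded = timestamps_in_order(utc(10, 10), DOC_TS) # embedded one added late
    return best, accepted, requested_flow, late_embedded

if __name__ == "__main__":
    print(demo())
```
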