## Electronic Signature in a Nutshell: The Czech Overstamping Business
The long-term validity of electronic signatures is a complex topic, notably within the Czech Republic, and often surrounded by conflicting advice. A recent discussion on StackExchange highlights this confusion, with varying perspectives on the necessity of “overstamping” signatures.
According to current standards, for long-term verifiability, signatures should include embedded validation and revocation data concerning both the signer’s certificate *and* the timestamp certificate - a requirement for Level B-LTA signatures. Provided that the underlying cryptographic algorithms remain secure, the signature itself remains trustworthy even without continuous restamping. While the risk of malicious time manipulation is considered low, some software or validators may struggle to confirm validity without a continuous chain of timestamps. This doesn’t invalidate the signature, but rather indicates that the validator lacks the necessary data for confirmation. Therefore, the decision to overstamp is largely a technical and organizational one, not a legal mandate. Future standardization may provide further clarity.
This issue is particularly relevant when considering the Czech Republic’s “Data Boxes” (Datové schránky), a secure messaging system. Messages sent via Data Box include a delivery note, a ZFO file containing metadata like sender, recipient, and timestamp, sealed with a CAdES electronic seal from the ISDS operator.
The ISDS (Information System of Data Boxes) retains the full delivery note for 90 days, and then a subset of metadata – the ZFO file hash, sender, and recipient – for an extended period. This allows for integrity verification of the delivery note by referencing the original ZFO file within the Data Box interface (“Open ZFO” → “Show delivery note”).
However, Data Box also offers the *option* to restamp ZFO files, “extending the validity of the seal.” The system documentation states the receipt is valid until a specific date, but the file remains verifiable by ISDS even afterward. Restamping was initially only available through the ISDS web interface, but in 2025, an API option was added, as detailed in a document released by the Ministry of Interior:
The practical benefit of this restamping is questionable. As long as ISDS remains operational, the files are verifiable through their system. Once ISDS ceases to exist, their restamping infrastructure will also become unusable. A more effective approach for long-term verifiability would be to sign the ZFO file with a long-term validity signature (level B-LTA), which is not currently implemented.
For those prioritizing long-term verifiability of delivery notes, creating an independent Level B-LTA archival timestamp is a more robust solution than relying on regular restamping through ISDS, as this can be achieved by any trusted timestamping authority.
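The request side of getting an independent timestamp from any RFC 3161 timestamping authority, as an added example (not code from ISDS or from this article): it builds the DER-encoded TimeStampReq over the SHA-256 hash of a ZFO file and reads the imprint back out for later rechecking. It assumes a detached timestamp over the whole file, which is a simpler stand-in for an archive timestamp embedded in the CAdES seal; the function names and the sample bytes are constructed for illustration.

```python
import hashlib
import secrets

# DER AlgorithmIdentifier { id-sha256 (2.16.840.1.101.3.4.2.1), NULL }
SHA256_ALG_ID = bytes.fromhex("300d06096086480165030402010500")
# Constructed stand-in for the bytes of a real ZFO delivery note
SAMPLE_ZFO = b"constructed ZFO delivery note bytes"


def der(tag, body):
    """Encode one DER TLV with a definite length."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + body


def der_uint(value):
    """DER INTEGER, non-negative; sized so the sign bit stays clear."""
    return der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))


def build_timestamp_request(data, nonce=None):
    """RFC 3161 TimeStampReq: version 1, SHA-256 imprint, nonce, certReq TRUE."""
    imprint = der(0x30, SHA256_ALG_ID + der(0x04, hashlib.sha256(data).digest()))
    if nonce is None:
        nonce = secrets.randbits(64)  # fresh nonce ties the response to this request
    return der(0x30, der_uint(1) + imprint + der_uint(nonce) + der(0x01, b"\xff"))


def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER TLV starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the size of the length field
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    return tag, buf[pos:pos + length], pos + length


def imprint_digest(request):
    """Read hashedMessage back out of a TimeStampReq, to recheck a stored file."""
    _, body, _ = read_tlv(request)         # outer SEQUENCE
    _, _, pos = read_tlv(body)             # version
    _, imprint, _ = read_tlv(body, pos)    # MessageImprint
    _, _, pos = read_tlv(imprint)          # AlgorithmIdentifier
    _, digest, _ = read_tlv(imprint, pos)  # hashedMessage OCTET STRING
    return digest
```

The request is sent to the authority as an HTTP POST with Content-Type `application/timestamp-query` (RFC 3161, section 3.4), and the returned token is stored alongside the ZFO file.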
Interestingly, the Czech Post, which operates ISDS, actively promotes the need for constant restamping on its website, possibly influencing user behavior. Further practical advice and recommendations on cost-effective and secure practices will be provided in a subsequent article.