How QES Validation Works

Validation is not a single pass/fail check. It is a layered trust decision that sits downstream of signature creation.

Simona Stankova
Simona Stankova
Engineering

How QES Validation Works

Creating a qualified electronic signature is only part of the workflow. In many systems, the more operationally important question comes later: can the signed result still be trusted for the purpose the system cares about?

That is the real job of validation.

Validation is not one binary check

Teams often talk about validation as if there is a single yes-or-no answer hidden inside the signed file.

In practice, QES validation is usually layered. It may involve:

  • signature structure checks
  • integrity checks
  • certificate and chain evaluation
  • trust-service context checks
  • workflow-specific acceptance rules

That is why “the signature exists” is never a sufficient model for serious systems.

Structure comes first

The system needs to determine whether the signature is correctly formed for the relevant format.

Depending on the flow, that might mean:

  • XML signature structure in XAdES-related paths
  • PDF signature structure in PAdES workflows
  • cryptographic package integrity in other advanced-signature contexts

If the structure is malformed, the rest of the evaluation is already compromised.

Integrity is not optional

Validation also needs to answer whether the signed content has changed since the signature was applied.

If integrity fails, the result cannot credibly be treated as valid for the intended purpose. This is one of the simplest statements in the whole validation model, and still one of the most important.

Certificate context matters

Validation is not limited to payload inspection. The signer certificate and related chain material also need to be evaluated in a way that fits the workflow.

That means the system may need to determine whether the certificate context is acceptable, not merely present.

Trust context matters too

This is where many oversimplified models break down. Validation is not only about cryptography. It is also about trust-service context.

If the workflow depends on qualified status or trust-service assumptions, the validation model needs to reflect that reality instead of pretending the trust layer does not exist.

The practical takeaway

Good validation does not merely answer, “Can a parser read this signature?”

It answers, “Can this signed result still be trusted by this system, for this workflow, under this trust model?”

That is the level at which validation becomes useful to real products.