What makes an evidence file legally robust
A legally robust evidence file must satisfy four criteria: authenticity (proving the documents are what they claim to be), integrity (proving they have not been altered), provenance (establishing their origin), and temporality (proving when they existed and in what form). Qualified timestamps directly address integrity and temporality, while digital signatures and electronic seals address authenticity and provenance. Together, these four elements create an evidence dossier that meets the standards of court proceedings in any EU jurisdiction.
Structuring the evidence dossier
Begin with a cover page that lists all documents in the dossier, their reference numbers, creation dates, and the hash values of each timestamp token. Then organise documents chronologically, with each document accompanied by: (1) the original file, (2) its RFC 3161 timestamp token (.tsr file), (3) the verification certificate showing the TSA's chain of trust, and (4) a brief annotation explaining the document's relevance. Include the TSA's trust list entry (from the EU Trusted List) to demonstrate that the QTSP was qualified at the time of timestamping.
Generating and storing timestamp tokens
For each key document, compute its SHA-256 hash before timestamping — document this hash alongside the file. Request a timestamp from your QTSP via their RFC 3161-compliant API. Store the returned .tsr token in an immutable storage location (WORM storage, blockchain-anchored archive, or a trusted archiving service). Never modify the original document after timestamping — any modification invalidates the timestamp. If a document must be corrected, create a new version, timestamp it separately, and document the relationship between versions.
Verification and peer review
Before submitting the evidence file, verify every timestamp token using an independent verification tool. The OpenSSL command `openssl ts -verify -in document.tsr -data original.pdf -CAfile tsa-chain.pem` provides programmatic verification. Engage a technical expert to certify the verification results — courts increasingly expect expert testimony on electronic evidence integrity. In France, a huissier de justice (bailiff) can certify the digital evidence; in Germany, a Sachverständiger (expert witness); in the UK, a digital forensics expert. Include their report in the dossier.
Chain of custody documentation
Equally important as the timestamps themselves is documenting the chain of custody: who had access to the documents, in what systems they were stored, and how they were transmitted to the opposing party or the court. Include system access logs (timestamped), file transfer records, and a signed attestation from the custodian. If documents were stored in a cloud system, include the provider's audit log export. This chain of custody narrative, combined with the cryptographic timestamp evidence, creates a bulletproof evidential package.