The long-term validity problem
A qualified timestamp created today uses SHA-256 and RSA-4096. These are secure now, but cryptographic advances may weaken them over decades. If a timestamp's cryptographic primitives become insecure, the evidence it provides may be challenged. Long-term archiving requires proactive measures to maintain evidential value over 10, 20, or even 50+ year periods.
Archive timestamp renewal
The solution is periodic re-timestamping, defined in standards like ETSI TS 101 733 (CAdES) and ETSI TS 103 171. Before an algorithm weakens, you apply a new timestamp — using current, strong algorithms — over the entire existing evidence chain. This creates a nested series of timestamps, each protecting the validity of the previous one.
The LTANS standard
The IETF's Long-Term Archive and Notary Services (LTANS) working group produced RFC 4998 (Evidence Record Syntax) which defines how to build and maintain chains of evidence records that remain verifiable indefinitely. ETSI standards TS 119 511 and TS 119 512 provide EU-specific profiles for long-term preservation services.
Practical implementation
Set up automated monitoring of algorithm deprecation notices from NIST/ENISA. Configure your archiving system to trigger re-timestamping when algorithms approach their recommended end-of-life dates. Store all intermediate timestamp tokens — never discard old timestamps, as they form part of the evidence chain.