← Back to features
Feature
PKI / Remote Signing
Full CSC API v2 pipeline with OAuth 2.0 credential authorization, SAD lifecycle, PAdES-LTV timestamp embedding, and SCEP/CMP support.
Overview
DocuTrust's PKI infrastructure supports hardware-backed remote signing via the Cloud Signature Consortium API v2. Notary credentials are issued by a Certificate Authority backed by an HSM. Signing uses a full SAD (Signature Activation Data) lifecycle — authorize, hash, sign, embed — with LTV timestamps from GlobalSign TSA and OCSP/CRL validation built in.
Key capabilities
- CSC API v2 compliant remote signing pipeline
- HSM-backed Certificate Authority for notary credentials
- Full SAD lifecycle — authorize, hash, sign, embed
- LTV timestamp embedding via GlobalSign TSA
- OCSP and CRL validation per signature
Common use cases
- Notaries applying a legally valid digital signature to PDFs
- Platform operators managing PKI certificate issuance
- Integrators connecting to CSC-compliant signing services
- Compliance with Philippine DICT and BSP digital signature rules
Infra — One of the most adopted capabilities on the DocuTrust platform.