TL;DR: PAdES signatures let organisations package source files inside PDF containers while preserving long-term authenticity through embedded certificates, timestamps, and archive evidence, according to Cybertrust Japan. The governance issue is not only signing documents, but ensuring migrated content remains verifiable across file types, system changes, and long retention periods.
NHIMG editorial — based on content published by Cybertrust Japan: Word and Excel too can be archived as evidence using PDF as a container and PAdES signatures
By the numbers:
- Only 38% have automated certificate lifecycle management in place.
- Average time to detect a compromised machine identity: 214 days.
- NHIs outnumber human identities by 25x to 50x in modern enterprises.
Questions worth separating out
Q: How should organisations use PDF signing for migrated documents?
A: Use PDF signing when the organisation needs a durable evidence container, not just a readable copy.
Q: When does a signed PDF stop being trustworthy?
A: A signed PDF loses practical trust value when the signature can no longer be validated against preserved certificate status, timestamp evidence, or archival data.
Q: What do teams get wrong about embedding files inside PDFs?
A: They often treat attachment-based PDFs as a convenience feature instead of a controlled record format.
Practitioner guidance
- Classify signed PDFs as governed evidence objects Assign ownership for signed PDF containers, the embedded files they hold, and the validation evidence they depend on.
- Choose the signature profile by retention horizon Use a basic signing profile for short-lived exchange, B-LT where later validation is expected, and archival signing where the record must remain provable across long legal or operational retention windows.
- Standardise attachment rules for source files Define which file types can be embedded, what becomes the authoritative version after packaging, and how users will identify the embedded source versus a rendered copy.
What's in the full article
Cybertrust Japan's full blog post covers the implementation detail this post intentionally leaves for the source:
- How the attachment-based PDF workflow is assembled in practice for Word, Excel, JPEG, and HTML source files.
- How PAdES B-T, B-LT, and B-LTA differ when long-term verification is required across retention windows.
- How the iTrust remote signing service fits into the cloud API workflow for adding signatures.
- How JIIMA guidance shapes the portability and preservation design for migrated data.
👉 Read Cybertrust Japan's explanation of PAdES signatures for PDF-based data migration →
PAdES signatures and PDF containers: what changes for migration?
Explore further
PDF container signing is an evidence-governance pattern, not a formatting trick. The real value of PAdES is that it lets a record survive application churn while preserving proof of integrity. That is the same basic problem identity teams face when credentials, certificates, or approvals outlive the system that issued them. The implication is that governance has to follow the artefact, not the originating application.
A few things that frame the scale:
- NHIs outnumber human identities by 25x to 50x in modern enterprises, according to Ultimate Guide to NHIs , What are Non-Human Identities.
- Only 5.7% of organisations have full visibility into their service accounts, which is why evidence preservation should be designed as a lifecycle control, not a file-format afterthought.
A question worth separating out:
Q: Who is accountable for long-term validation of signed documents?
A: Accountability should sit with the records, PKI, and platform owners together, because long-term verification depends on all three. If any one team owns the signature in isolation, the organisation usually misses retention, revocation, and archive validation dependencies that determine whether the record remains provable.
👉 Read our full editorial: PAdES signatures change data migration and document trust