ArchiveSign Addendum

Last updated: April 5, 2026 DRAFT — PENDING ATTORNEY REVIEW

This ArchiveSign Addendum ("Addendum") applies only to the extent Customer enables, accesses, purchases, or uses H33's long-term archival signing services, including document signing, timestamp authority services, certificate issuance, signature maintenance, key escrow, and signature verification (collectively, "Archival Signing Services"). Capitalized terms not defined here have the meanings in the Terms.

1. Scope of Archival Signing Services

1.1 Services Included

Archival Signing Services may include: (a) post-quantum document signing using SLH-DSA (SPHINCS+) and/or ML-DSA (Dilithium) algorithms; (b) RFC 3161 trusted timestamping from H33's Timestamp Authority ("TSA"); (c) certificate issuance from H33's post-quantum Certificate Authority ("CA"); (d) signature maintenance including re-timestamping and algorithm upgrade; (e) key escrow with threshold cryptography; and (f) long-term signature verification.

1.2 Supported Formats

Archival Signing Services support the following signature formats: PAdES-LTA (ETSI EN 319 132), CAdES-A (ETSI EN 319 122), XAdES-A, JAdES (ETSI TS 119 182), ASiC-E (ETSI EN 319 162), and H33 Native detached signatures.

2. Timestamp Authority Operational Commitment

2.1 TSA Continuity

H33 commits to operating its RFC 3161 Timestamp Authority for a minimum of fifty (50) years from the effective date of Customer's Order Form, or to providing at least ten (10) years' advance written notice before discontinuing the TSA, together with a documented transition plan to a successor TSA that inherits H33's historical timestamp records.

2.2 TSA Availability

H33 will use commercially reasonable efforts to maintain TSA availability at 99.999% uptime (measured monthly). TSA downtime does not affect the validity of previously issued timestamps.

2.3 TSA Key Renewal

H33 will renew the TSA signing key at intervals not exceeding three (3) years. Key renewal procedures will be formally documented and reviewed by an independent auditor.

3. Algorithm Monitoring and Notification

3.1 Monitoring Obligation

H33 will continuously monitor the cryptographic health of every algorithm used in Archival Signing Services, including monitoring NIST publications, academic cryptanalysis, and industry security advisories.

3.2 Customer Notification

H33 will notify Customer in writing when any algorithm used in Customer's archived signatures approaches the end of its recommended security lifetime, with at least five (5) years' notice where cryptographic analysis permits, and at least one (1) year's notice in all cases.

3.3 Recommended Actions

Notifications under Section 3.2 will include recommended remediation actions (re-timestamping or algorithm upgrade) and estimated costs.

4. Signature Maintenance

4.1 Re-Timestamping

H33 will provide re-timestamping services to extend signature verifiability as algorithms age. Re-timestamping adds a new timestamp layer without modifying the original signature or document.

4.2 Managed Re-Timestamping (Enterprise Plan)

Under the Enterprise Plan, H33 will automatically re-timestamp Customer's archived documents on a schedule calibrated to maintain the security margin of the signature chain, without requiring Customer action.

4.3 Algorithm Upgrade

When an algorithm is deprecated, H33 will provide upgrade services to create a new signature using current best-practice algorithms, cryptographically linked to the original signature for provenance continuity. The original signature is preserved in the archive for historical reference.

5. Certificate Authority

5.1 Certificate Issuance

H33's CA issues post-quantum certificates binding signing public keys to Customer identities. Certificates are signed using ML-DSA or SLH-DSA algorithms.

5.2 Revocation

H33 will maintain certificate revocation capabilities for the duration of the TSA operational commitment. Revocation status is embedded in signatures at signing time as a snapshot.

5.3 Key Transparency Log

H33 will operate a publicly accessible, append-only key transparency log containing all signing public keys issued through the CA. The log is cryptographically auditable by independent third parties.

6. Key Escrow

6.1 Escrow Arrangements

Customer may designate escrow agents for archival signing keys. Key escrow uses threshold cryptography: the private key is split into shares requiring a configurable threshold (minimum 2 of N, where N is between 2 and 5) for reconstruction.

6.2 Reconstruction Conditions

Key reconstruction requires the threshold number of escrow agent shares and may only be performed under conditions specified in the escrow arrangement (e.g., signing entity ceases to exist, court order, regulatory requirement).

6.3 Emergency Key Escrow (Operational Continuity)

In the event H33 ceases operations, all escrowed private key material will be transferred to the designated escrow agents, and all archived signature records and verification infrastructure will be transferred to a successor designated in H33's operational continuity plan. Enterprise Customers are named beneficiaries of the operational continuity plan.

7. Verification Software and Independent Verifiability

7.1 Open-Source Verification

H33 will maintain a publicly accessible, open-source version of its signature verification software for as long as it operates the Archival Signing Services.

7.2 Software Escrow

H33 will provide the verification software source code in escrow to a designated third party. In the event H33 ceases operations, the escrowed software will be released to enable independent verification.

7.3 Backward Compatibility

H33 will maintain verification capability for every signature format version and every algorithm combination it has ever issued, for the duration of the TSA operational commitment.

8. Document and Signature Retention

8.1 Signature Record Retention

H33 retains signature records (including timestamp tokens, certificate chain snapshots, and audit history) for the duration of the TSA operational commitment or the Customer's contract period, whichever is longer.

8.2 Document Content

H33 does not retain copies of signed document content unless Customer explicitly opts in to managed document storage. Document content submitted for signing is processed transiently and not persisted beyond the signing operation.

8.3 Deletion

Customer may request deletion of document content from H33's systems at any time. Deletion of document content does not affect the validity of the signature record, which is retained per Section 8.1.

9. Pricing and Billing

9.1 Per-Signature Pricing

Archival Signing Services are priced per signature at the rates shown in Documentation, pricing pages, or the applicable Order Form. Pricing reflects the long-term infrastructure commitment embedded in each signature.

9.2 Managed and Enterprise Plans

Managed and Enterprise Plans are billed monthly and include the services described in the applicable plan documentation.

9.3 Non-Refundable

Signature fees are non-refundable once a signature has been issued, except where required by law or due to a verified platform error.

10. Disclaimers and Limitations

10.1 No Legal Advice

H33 does not provide legal advice regarding the legal validity of electronic signatures in any jurisdiction. Customer is responsible for determining whether Archival Signing Services satisfy Customer's legal, regulatory, or contractual requirements.

10.2 Algorithm Longevity

H33 does not guarantee that any cryptographic algorithm will remain secure for any specific period. H33's algorithm health assessments are based on current cryptographic knowledge and are subject to change as cryptanalysis evolves.

10.3 Third-Party Trust Programs

Inclusion of H33's CA root in third-party trust programs (including the Adobe Approved Trust List, Microsoft Trusted Root Program, and similar programs) is subject to the policies and decisions of those third parties. H33 does not guarantee inclusion or continued inclusion in any third-party trust program.

11. No Expansion of Liability

This Addendum does not expand H33's liability or Customer remedies beyond the Terms, and the Terms' limitations of liability apply. Notwithstanding the foregoing, H33's aggregate liability for claims arising under this Addendum will not exceed the greater of (a) the amounts paid by Customer for Archival Signing Services during the twelve (12) months preceding the claim, or (b) the limitation set forth in the Terms.