The European Commission is updating the technical version of the trusted list. The upgrade from version 5 to version 6 will take place on 29 April 2026. The news article can be found here. At the same time, on the European side, a last-minute change has led to the decision to also update the trust anchors of LOTL.
The update is scheduled to begin on 14 April 2026. A notice has been published in the Official Journal of the European Union setting out the new LOTL certificates (trusted anchors) that will be introduced as part of the transition to version 6. The notice can be found here.
Related parties have until 29 April, from the date of publication of the notice, to update their information systems where necessary and to implement the new certificates.
We strongly recommend to carry out the updates as soon as possible during the transition period. All base libraries used in information systems must support the TLv6 format by 29 April 2026 at the latest. Please note that, in addition to implementing updates to the information systems, it is also necessary to implement the updated LOTL trust anchors.
If the LOTL signing certificates are not updated, the creation and validation of digital signatures in your information system may fail after 29 April 2026, as the LOTL chain of trust will be broken. For users, this means that all old digital signatures, as well as those created by others, will be displayed as invalid.
What will change:
- The LOTL trust anchors are being updated; the planned start date for the update is 14 April 2026, and a transition period will begin once the certificates have been published.
- On 29 April 2026, Europe will switch to a new version of the trusted list.
Who will be affected:
- All information systems that use the loading of trust lists for the creation and validation of signatures.
- Information systems that use the Digidoc4j library.
- Information systems that use the DSS library.
- Information systems on which the SiGa or SiVa software has been installed.
Who will not be affected:
- Users of the Digidoc4 and RIA DigiDoc applications.
- Integrators of the Libdigidocpp library.
- Users of the signing and validation service of the Information System Authority.
What to do:
- Information systems must ensure that the base libraries in use support the TLv6 format and trust the updated LOTL trust anchors.
- If you are using the Digidoc4j library, please switch to Digidoc4j version 6.1.1 (available here) or version 5.3.3 (available here).
- Users of the Digidoc4j library who have enabled the pivot LOTL mechanism (enabled by default from version 5.0.0) must update their LOTL trust store. Available here.
- If you are using the DSS library, please refer to the official information provided by them.
- If you are using the SiGa software (version 2.11.0 or newer required), the guide can be found here.
- If you are using the SiVa software (version 3.9.0 required), the guide can be found here.
