Go to main content
Certyneo
Lifecycle infographic

The 7 stages of an electronically signed document

From drafting to probative sealing through signature, here are the 7 stages every document goes through on Certyneo. For each: average duration, audit-trail event logged, and the technical reason it exists.

The full flow in 7 stages

Each stage emits (or not) an event in the eIDAS audit trail. The 6 mandatory stages are common to every eIDAS-compliant solution; revocation is optional (used for terminated employment contracts and post-signature lease cancellations).

  1. Stage 1

    Document drafting

    The document is created (Word, PDF, Markdown) before any platform interaction. No event logged — this stage is external to the signature system.

    5 minMandatory
  2. Stage 2

    Platform preparation

    Upload the PDF, place signature fields, designate signers, pick the eIDAS level (SES / AES / QES). First event logged: 'envelope.created'.

    2 minMandatory📜 Audit-trail event
  3. Stage 3

    Send to signers

    The signer receives an email with a secure link (time-limited JWT token). The 'envelope.sent' event is logged with timestamp and the sender's IP.

    30 sMandatory📜 Audit-trail event
  4. Stage 4

    Signature by the recipient

    Identification (SMS code, ID scan, or QES certificate), document reading, signature. The 'envelope.signed' event logs IP, geolocation, timestamp, identification method.

    3 minMandatory📜 Audit-trail event
  5. Stage 5

    Cryptographic sealing

    SHA-256 hash of the signed document, hash signing with the Certyneo HSM key, integration of the RFC 3161 qualified timestamp. The document becomes cryptographically immutable. Event: 'envelope.sealed'.

    1 sMandatory📜 Audit-trail event
  6. Stage 6

    Probative archival

    The signed PDF + audit trail + signature certificate are archived per AFNOR Z42-013 for 10 years. Event: 'envelope.archived'.

    autoMandatory📜 Audit-trail event
  7. Stage 7

    Revocation (optional)

    For some documents (terminated employment contracts, cancelled leases), a revocation can be logged without modifying the sealed document. The 'envelope.revoked' event adds an audit layer without breaking the original probative chain.

    n/aOptional📜 Audit-trail event

What the lifecycle preserves

Throughout the cycle, 4 cryptographic properties remain verifiable — this is what makes electronic signatures enforceable in court.

  • Legal proof (Civil Code 1366): who signed, when, from where.
  • Bit-for-bit document integrity (SHA-256 hash + HSM signature).
  • Signer identity (logged method + eIDAS level).
  • Qualified timestamp (RFC 3161) with a recognised authority.

Methodology

The 7 stages described match the Certyneo internal pipeline, compliant with the 2014 eIDAS regulation (EU 910/2014) and the ETSI EN 319 102-1 standard for creating electronic signatures. Average durations are measured across 1,200+ customer companies between January 2024 and April 2026.

Go further

Start your first signature cycle

The 7 stages above take under 8 minutes on average on Certyneo.