Understanding C2PA trust chains
A trusted C2PA result requires more than a mathematically valid signature. The signing certificate must also chain to a recognized trust source.
Trust tiers
From media signature to recognized trust source
The certificate that signs the C2PA manifest or claim.
An issuer certificate that connects the signing certificate toward a trust source.
A trust anchor or recognized source used to decide public trust status.
Validation traversal
How the extension evaluates the path
| Step | Question | Possible outcome |
|---|---|---|
| Signature | Does the signature validate against the manifest and media? | Invalid if signature or integrity validation fails. |
| Certificate path | Can the signing certificate be linked to an issuer chain? | Signed but untrusted if the signature is valid but public trust is not recognized. |
| Trust source | Does the chain terminate in a recognized C2PA trust source? | Trusted when the evidence and chain are valid and recognized. |
Local-first security
Trust evaluation is designed to support local review. Media files are not uploaded to a C2PA Signer backend for trust-chain inspection.
Status mapping
Why a valid signature can still be untrusted
Signed but untrusted
The signature can be cryptographically valid while the certificate chain is not recognized as public trust.
Trusted
The media has valid C2PA evidence and the signing certificate chains to a recognized trust source.