A public, verifiable register
Append-only and independently re-checkable by design — don't trust us, verify us. The public log is being stood up so our own behaviour is as inspectable as the doctrine we ask of you.
Trust · who stands behind the Seal
A notary is only credible if failing is expensive for it. So our commitments are deliberately explicit, external, and verifiable — the kind a CISO, auditor or DPO can point to. TSP is operated today by LexiCo AS (Norway, EU/EEA) as operator and licensee — not the owner of the standard and not a certification authority. Independent governance of the register and mark is planned, and flagged below as not yet in place.
Neutrality by determinism
TSP attests cryptographic integrity: recompute the hash, verify the signature, check the chain, confirm the time. That is facts and physics, not judgement. The proof of neutrality is reproducibility — anyone recomputes the verdict and gets the same answer, needing to trust neither us nor a model. AI is never in the authority core; it can only be the subject we log.
Credible commitment
"The whole company is at stake" reassures no one in particular. These make the loss explicit, external, and checkable.
Append-only and independently re-checkable by design — don't trust us, verify us. The public log is being stood up so our own behaviour is as inspectable as the doctrine we ask of you.
A public promise. If we rubber-stamped for money the mark would be worthless — so our incentive is structurally locked to rigour.
We attest evidence integrity — never truth, legality or compliance. It is both an honesty binding and our liability shield.
Neutrality cannot stay one person. A governance transition — independent oversight of the register and the mark — is the plan, openly flagged as not yet in place.
Contractual limits and liability insurance — literal money to lose — sized to the responsibility and added as revenue and buyers require it.
A licence the state can revoke is the strongest external bond. We are on the path to qualified timestamps and seals (below), supervised by Nkom.
eIDAS / QTSP status — stated plainly
eIDAS qualified timestamps (Art 42) and qualified seals (Art 35) carry a legal presumption of the integrity of the data and of the time and origin it is bound to — and explicitly not that the content is true or lawful. That is exactly our doesNotMean boundary, written into EU law.
Evidence survives us
A one-person bus-factor is a risk to you, not just to us. So the canonical register is backed by a public transparency log a customer can re-verify independently — and a continuity posture so the evidence, and its verifiability, outlast us.