Skip to main content
Jiri+Peterka
Participant
June 24, 2026
Question

What is the exact meaning of the new "last checked" date info on EUTL Source of Trust message, that is appearing in newest Reader versions (2026.001.21662+)

  • June 24, 2026
  • 2 replies
  • 85 views

Product: Adobe Acrobat Reader (Continuous track)
Versions observed: 2026.001.21662 → 2026.001.21677 (English UI)

Description:

Starting with version 2026.001.21662, the signature/seal validation panel shows an additional date appended to the existing trust-source message:

Source of Trust obtained from EU Trusted List last checked on 2026-06-05

In prior versions, this message did not include a date — it simply stated that trust was obtained from the EU Trusted List (EUTL).

Testing performed:

  1. Verified two independent qualified signatures/seals, based on certificates issued under different national Trusted Lists:
    • Czech Republic (CZ)
    • Belgium (BE)
    Both show the identical date: 2026-06-05.
  2. Compared this date against official EU trust-list metadata:
    • EU LOTL (https://ec.europa.eu/tools/lotl/eu-lotl.xml) — ListIssueDateTime: 22 May 2026; NextUpdate: 18 Nov 2026.
    • Czech national TL (https://tsl.gov.cz/publ/TSL_CZ.xtsl) — issue date: 16 June 2026.
    Neither matches 2026-06-05.
  3. Performed a manual trust-list refresh via Edit > Preferences > Trust Manager > Load trusted certificates from an Adobe EUTL server > Update Now. The "last checked" date did not change.
  4. Upgraded the application from 2026.001.21662 to 2026.001.21677 (released 2026-06-17). The date still shows 2026-06-05, unchanged.

Question:

What does this date actually represent? Candidates considered and apparently ruled out by the above tests:

  • It is not the ListIssueDateTime of the EU LOTL.
  • It is not the issue date of the relevant national Trusted List.
  • It does not reflect a live/manual "Update Now" check (date unchanged after refresh).
  • It does not appear tied 1:1 to the installed product build (date unchanged across two subsequent releases).

The most likely remaining explanation is that this date reflects when Adobe's own internal EUTL bundle (the subset of LOTL data Adobe redistributes to Acrobat/Reader) was last regenerated/published on Adobe's side — independent of both the official LOTL update cycle and the Acrobat/Reader release cycle. Could Adobe confirm:

a) The exact meaning/source of this timestamp, and
b) Whether there is (or will be) documentation describing this new UI element, including the build in which it was introduced.

    2 replies

    Amal Jaiswal
    Community Manager
    Community Manager
    June 29, 2026

    Hi ​@Jiri+Peterka 

    Hope you are doing well and thanks for reaching out.
     

    This date reflects when Adobe's own internal EUTL bundle (the subset of LOTL data Adobe redistributes to Acrobat/Reader) was last regenerated/published on Adobe's side, independent of both the official LOTL update cycle and the Acrobat/Reader release cycle.

     

    Based on some regulatory concerns raised by European Forum of Supervisory Authority, Acrobat update “26.001.21662 Planned update, Jun 09, 2026” and onwards have started to display the timestamp when last EUTL bundle was updated on Adobe servers. This has been done to mitigate the scenarios where an old copy of EUTL could result in signatures being classified as not trusted or vice versa.

    Hope this information will help.

     

    ~Amal

    Jiri+Peterka
    Participant
    June 29, 2026

    Thank you for your reply.

    I also noticed several other changes in Reader behavior when validating digital signatures. Mainly: if trust can be obtained both from EUTL and AATL, Reader newly uses only AATL. This means that it fails to discover (from EUTL) that a certificate is qualified (it only sees that the private key resides on a  QSCD). Therefore Reader does not detect that the signature is a QES.  I include a picture of such a qualified certificate, as viewed by Reader. 

    BTW, if trust can be obtained only from EUTL, than Reader correctly detects a qualified certificate and a QES (of course I updated both trust sources in Trust Manager :).

     

    Also: in the Czech version of Reader, you changed the previously corrrect translation of “Qualified Electronic Signature” from “Kvalifikovaný elektronický podpis” into “Prověřený elektronický podpis” (also on the Czech versions of the Adobe Help web). This is incorrect and will be very confusing and misleading for the users, as it differs significantly from the official Czech terminology. Please correct it as soon as possible 🙏

    P.S. I appreciate that you corrected the previously wrong Czech translation of “seal” as “razítko” into the correct “pečeť”. 👍

    Amal Jaiswal
    Community Manager
    Community Manager
    July 3, 2026

    @Jiri+Peterka  We have logged the ticket with the engineering team. The fix will be available in the future updates.

    ~Amal

    craig42son
    Participant
    June 24, 2026

    Hello,

    In technical terms, digital signature validation relies on a local cache of root certificates. Rather than indicating when the specific PDF document or its signature was checked, this date represents the fresh status of your application's security definitions. If this timestamp is recent, it ensures that Adobe is evaluating the document's qualified e-signature against the most up-to-date, legally recognized list of EU trust providers, eliminating ambiguities over whether a newly accredited or recently revoked certificate authority is being accurately recognized.


    Best Regards
    TPT portal

    Jiri+Peterka
    Participant
    June 24, 2026

    Thank you for your reply. Actually the timestamp (“last checked” = 2026-06-05) is not recent - the EUTL and relevant national TLs were updated after that date. So the info that Reader is working with may not be the most up-to-date. As a user I probably am not able to force Reader to update this info - the app directs me (though a provided link) to consult the EUTL myself, probably “manually” :-)

    Best Regards
    Jiri