Can I sign with an invalid signature card?

Signature cards with a qualified electronic certificate are legally required to be valid for a limited period only.

Once the validity has expired, you may continue to use the card for signing and sending VPS messages. The technical functionality of the signature card is not affected by the expiry of the certificate. From version 2.3.0 and beyond, the software has a function that verifies the validity of signature cards, issuing a warning for expired cards. This warning does not affect the functionality of the signature card in any way.

The postbox software on your local PC only creates the signature for the message without checking its validity. The legal validity of the signature is only checked after the message has been sent and arrived on the intermediary server of VPS at DEHSt. This server is the central server through which all incoming messages pass. The verification of a VPS message signed with an invalid electronic certificate results in a "negative" verification protocol for the writer certificate, as the public certificate of the signatory is no longer publicised by the trust centre after it expired and can no longer be accessed following the prescribed protocol.

The recipient will still be able to receive and decrypt the message as usual. The protocol found under the Verification Protocol, however, will show that the message is not legally valid. Such messages in your inbox carry a red symbol instead of a green tick (messages in red).