Security & Standards
RankShield Legal anchors to public standards — NIST post-quantum signatures, RFC 6962 transparency logs, IETF RATS attestation — so its proofs are checkable with open tooling rather than proprietary trust. This page states plainly what we use, what we store, and where the honest edges are.
Certificates store digests, verdicts, public citation metadata, and coverage indicators. Privilege attestations store digests and enumerated methods. Neither stores privileged content, filing substance, or client material — the architecture is proof-without-exposure by design. Where a check depends on an external source (live case-law, your firm's citator), that dependency and its coverage are recorded with the result rather than hidden.
Why composite post-quantum signatures?
Certificates may need to remain verifiable for decades, so they are signed with both ML-DSA (lattice-based) and SLH-DSA (hash-based) — two different mathematical foundations. If cryptanalysis weakens one family, the other still holds. That redundancy matters most for legal records, whose confidentiality and integrity obligations outlast most technology cycles.
Can I verify a record without a RankShield account?
Yes. Verification uses the receipt itself: check the post-quantum signature, then check the RFC 6962 inclusion proof against the public log head. Both steps use open, documented constructions, which is what makes the verification independent rather than a feature of our dashboard.
Is RankShield Legal a law firm or compliance service?
Neither. RankShield is a security vendor. Its outputs are designed to support compliance obligations — court AI certifications, client audit demands, confidentiality duties — by producing verifiable evidence, but it does not give legal advice and it does not make you compliant by itself. Your professional judgment stays in charge.
We'll walk your firm's risk and IT owners through the signing, sealing, and verification path end to end.