What is AATL, and why it matters for e-signatures
AATL (the Adobe Approved Trust List) is a program of vetted certificate authorities whose digital certificates are automatically trusted by Adobe Acrobat and Reader. When a document is sealed with an AATL-backed certificate, anyone who opens the PDF sees a trusted, tamper-evident signature — with no manual configuration. It's what turns "a PDF with a picture of a signature" into a document that can prove who signed and that nothing changed afterward.
The problem AATL solves
Open a signed PDF and you might see a green check that says "Signed and all signatures are valid" — or a yellow warning that says the signer's identity is "unknown." Same file format, very different trust. The difference is almost always whether the signing certificate is on the Adobe Approved Trust List (AATL).
A digital signature is only as trustworthy as the certificate behind it. Anyone can generate a self-signed certificate, but a recipient's software has no reason to trust it — so it shows a warning. AATL fixes this by pre-establishing trust.
What AATL actually is
AATL is a program run by Adobe. Certificate authorities (CAs) apply, pass Adobe's technical and audit requirements, and — once approved — have their root certificates distributed to Adobe Acrobat and Reader. Because those roots ship inside the software, any signature that chains up to an AATL member CA is trusted automatically, on hundreds of millions of installations, without the recipient importing anything.
In practice, an AATL certificate lets a signed PDF assert two things a recipient can verify:
- Integrity — the document has not been altered since it was signed. If a single byte changes, the cryptographic seal breaks and validation fails.
- Authenticity — the signature was applied using a certificate issued by a vetted authority, not something forged on a laptop.
AATL vs. a "typed name" e-signature
It helps to separate two layers:
- The electronic signature is the human act — clicking "I agree," typing a name, or drawing a mark. This captures intent, and under laws like ESIGN and UETA it can be legally binding on its own.
- The digital signature is the cryptography that seals the finished document. AATL governs this layer.
You want both. Intent makes the agreement enforceable; the AATL seal makes the resulting file tamper-evident and independently verifiable — so months later, in an audit or a dispute, the document can defend itself.
What the seal contains
When a document is completed and sealed with an AATL-backed certificate, the PDF embeds a cryptographic signature (typically a PKCS#7 structure) that binds the certificate to a hash of the document's contents. Opening the file in a standards-compliant reader triggers a check:
- Recompute the document hash and compare it to the signed hash. A mismatch means the file was changed.
- Walk the certificate chain up to a trusted AATL root.
- Confirm the certificate was valid at signing time.
If all three pass, the reader shows the signature as valid and trusted.
Why this matters when you choose a signing tool
Plenty of tools will slap an image of a signature onto a PDF. That is not the same as a trusted digital seal. When you're evaluating e-signature software, it's worth asking whether completed documents are sealed with an AATL-certified certificate — because that's what determines whether the file reads as trusted when someone else opens it, long after the deal is done.
PearSign seals every completed document with an AATL-backed digital certificate, so the trust is built in rather than something your recipient has to take on faith.
The short version
AATL is the quiet infrastructure that makes a signed PDF trustworthy by default. You rarely think about it — until you open a contract and see either a reassuring green check or an unsettling yellow warning. That check is AATL doing its job.
FAQ
What does AATL stand for?
AATL stands for the Adobe Approved Trust List — a program run by Adobe that maintains a list of vetted certificate authorities whose digital certificates are automatically trusted in Adobe Acrobat and Reader.
Is an AATL signature legally binding?
The legal binding comes from the electronic signature and the parties' intent to sign, under laws such as the U.S. ESIGN Act and UETA. AATL adds cryptographic trust and tamper-evidence on top, which strengthens the evidentiary value of the signed document but is a separate concept from legal enforceability.
Do recipients need special software to verify an AATL signature?
No. Because AATL root certificates ship inside Adobe Acrobat and Reader, a recipient can open the PDF and see the signature validate as trusted without installing or configuring anything.
How is AATL different from a regular electronic signature?
An electronic signature captures the act and intent of signing. AATL governs the underlying digital certificate that cryptographically seals the finished document so it is tamper-evident and its origin can be verified. Strong signing combines both.
Does PearSign use AATL certificates?
Yes. PearSign seals every completed document with an AATL-backed digital certificate so the signature appears trusted and tamper-evident when the PDF is opened.
Ready to send your first document with PearSign?
AI drafts it, places the fields, and collects every signature — sealed and audit-trailed.
This article is general information about electronic signatures and related standards — not legal advice. For your specific situation, consult qualified counsel in your jurisdiction.