Wednesday, 1 April, 2026
Anthropogenic eutrophication of Lake Titicaca (Bolivia) revealed by carbon and nitrogen stable isotopes fingerprinting
The contribution of stable isotopes of antimony for tracing pollution sources and transfer processes in aquatic environments.
Multi-isotope (Pb, Sb) approach to trace metallic contaminant sources at a historical mining and metallurgical site
Antimony isotope fractionation during Sb(V) and Sb(III) adsorption on secondary Fe-minerals (schwertmannite, ferrihydrite) typical of mine waters
Linkedin
Guides
Collaborer
ISOF Certificates - Level 2
ISOF Certification

Laboratory certificates
level 2

Sign your .isof files with a cryptographically verifiable identity, issued by IsoFind SAS.

Level 1 - included

SHA-256 integrity

SHA-256 · local hash

The .isof file embeds a SHA-256 fingerprint computed at export. Any modification to the content is immediately detectable, without a network connection.

  • Detection of any content alteration
  • 100% offline verification
  • Does not authenticate the issuer
Level 2 - laboratory certificate

IsoFind PKI authenticity

ECDSA P-256 · X.509 certificate

The file is signed with the laboratory's private key, bound to a certificate issued by the IsoFind Issuing CA. Any third party can verify the signer's identity without a network connection.

  • Verifiable integrity and authenticity
  • Public identifier verifiable in the IsoFind PKI
  • ECDSA P-256 signature by IsoFind SAS
  • Offline verification, no third party required
  • Legal and forensic standing
What level 2 guarantees

Four cryptographically
provable properties

Each laboratory certificate is signed by the IsoFind Issuing CA and embedded in the .isof file. Verification depends on no external service.

Content integrity

The SHA-256 fingerprint of the canonical JSON representation is covered by the ECDSA signature. Any modification - even a single digit - invalidates the signature.

Laboratory identity

The X.509 certificate binds an ECDSA P-256 public key to the laboratory's identity, verified by IsoFind SAS prior to issuance.

IsoFind trust chain

The laboratory certificate traces back to the IsoFind Root CA (RSA 4096, offline). Both the Root CA and the Issuing CA are embedded in the IsoFind binary.

Offline verification

Full verification - chain, validity, embedded CRL, ECDSA signature - works without a network connection. Critical for air-gapped environments.

IsoFind PKI infrastructure
CA
IsoFind Root CA

Top of the trust chain. Signs only the Issuing CA. Private key stored offline on an encrypted physical medium, never connected to any network.

RSA 4096 valid until 2046 offline
Signs
CA
IsoFind Issuing CA

Issues laboratory certificates. Private key on a hardware HSM. Publishes a CRL for revocation. Embedded in the IsoFind binary for offline verification.

ECDSA P-256 valid until 2031 HSM CRL
Signs
LAB
Laboratory certificate

Bound to the private key generated locally by the laboratory within IsoFind. The private key never leaves the workstation. The certificate is renewable annually.

ECDSA P-256 1 year, renewable AES-256-GCM local
Pricing

ISOF level 2 certificate

Valid for one year, renewable. Includes identity verification of the laboratory, issuance of an X.509 certificate signed by the IsoFind Issuing CA, and installation support.

  • Laboratory identity verification
  • X.509 ECDSA P-256 certificate signed by IsoFind SAS
  • Public identifier in the IsoFind PKI
  • Integration support within IsoFind (Pro licence required)
  • Renewal on expiry, data preserved
from
80 €
per year, excl. VAT
Rate adjusted to organisation size. Custom quote on request.
Request a certificate
Process

Obtaining your certificate

Four guided steps. Your private key never leaves your machine.

01

Submit your request

Fill in the form below. Processing time: 2 to 5 business days.

02

Generate your CSR

In IsoFind, go to Certificates > New certificate. Your private key stays on your machine, encrypted with AES-256-GCM.

03

Send the CSR

Send the .csr file generated by IsoFind to colin.ferrari@isofind.tech. Your private key never reaches us.

04

Import your certificate

You will receive a .crt file. Import it in IsoFind via Certificates > Import. Your .isof files can now be signed at level 2.

Request form

Request a laboratory certificate

This information is required for the identity verification necessary to issue a legally binding certificate.

After submission, you will be contacted within 2 to 5 business days to confirm your identity and guide you through generating the CSR from IsoFind.
Send request Your data is used solely for identity verification in connection with certificate issuance.

Questions about the certification process or the IsoFind PKI?

colin.ferrari@isofind.tech
  • Foix, FRANCE
Linkedin

All Rights Reserved by IsoFind