@SignOfficial #SignDigitalSovereignInfra $SIGN
The credential went through when it shouldn’t have.
I had the issuer open in one tab. Still listed. Still trusted. Same registry entry sitting inside the Sign's identity layer like nothing had changed. Another tab had the program flow that consumed it. Credential in. Verification passed. No hesitation from the system, just that quiet acceptance that makes you stop questioning it.
I thought maybe I missed an update. Then I blamed propagation lag. Then that familiar doubt,maybe the change I heard about wasn’t real yet. Policy shift, suspension, whatever you want to call the kind of institutional wobble that never lands cleanly in one announcement.
But the registry hadn’t moved.
Sign’s issuer registry was still carrying the institution as trusted. Downstream systems did exactly what they were built to do. They kept accepting credentials signed by that issuer because the trust relationship still resolved as valid. No re-evaluation. No friction. Just inheritance.
Meanwhile the institution itself had already started slipping. Mandate narrowing. Internal freeze. Authority not quite what it was when the registry first recorded it.
That gap is hard to see while everything keeps working.
On Sign, A credential signed yesterday still verifies today. The registry says yes. The system moves forward. And the only place the change really exists is outside the infrastructure, in a version of reality the registry hasn’t caught yet.
So the acceptance goes through anyway.
And nobody can point to the exact moment the issuer stopped being trustworthy and the system kept trusting them anyway.