C2PA 2.3: Live Video, New Formats, and the Path to ISO

What Is New in C2PA 2.3

On February 9, 2026, the C2PA released Content Credentials 2.3, the latest version of the open standard for content provenance. The full technical specification introduces several significant capabilities:

Live Video Streaming

For the first time, C2PA supports provenance for live broadcast and streaming content. This is a major expansion — previous versions only covered static files. Live video signing opens the door for newsrooms, sports broadcasters, and live event producers to attach verifiable provenance to their streams in real time.

Expanded File Format Support

Version 2.3 adds support for plain text documents, OGG Vorbis audio, large AVI video files, and EXIF Original Preservation Images. This broadens the standard's reach beyond the photo and video formats that dominated earlier versions.

Enhanced Editing History

Users can now see specific details about changes made to content — resizing, markup, redactions, and other edits are recorded with greater granularity. This makes the provenance chain more transparent and useful for verification.

Cloud-Based Trust References

Organizations can now point directly to trusted information sources stored in the cloud, rather than embedding all trust material in the file itself. This reduces file size overhead and enables dynamic trust list updates.

The Road to ISO

The C2PA specification is being standardized as ISO/DIS 22144, titled "Authenticity of Information — Content Credentials." As of early 2026, it is at the Draft International Standard (DIS) stage — meaning it has passed the Committee Draft stage and is undergoing final ballot by ISO member bodies.

ISO standardization matters for several reasons:

Regulatory alignment: The EU AI Act requires machine-readable labeling of AI content. An ISO standard gives regulators a concrete reference point.
Procurement requirements: Government and enterprise procurement processes often require ISO-compliant solutions.
Interoperability: ISO standardization ensures consistent implementation across vendors and geographies.

The W3C is also examining C2PA for adoption at the browser level, which could enable native content credential display without extensions or plugins.

The Growing Ecosystem

The Content Authenticity Initiative has grown to over 6,000 members globally. The ecosystem now spans the full content lifecycle:

Capture: Leica (M11-P, SL3-S), Sony (Alpha series, PXW-Z300 camcorder), Canon (EOS R1, R5 Mark II), and Google (Pixel 10) now sign content at capture.
Creation: Adobe's Content Authenticity web app (public beta) lets any creator attach Content Credentials to their work.
Distribution: TikTok, LinkedIn, and Meta display content credentials on their platforms.
Verification: The Content Credentials Verify tool and the C2PA Conformance Explorer let anyone check provenance.

Government Recognition

In January 2025, the NSA, Australian Signals Directorate, Canadian Centre for Cyber Security, and UK National Cyber Security Centre jointly published a Cybersecurity Information Sheet on Content Credentials, recommending practices for metadata preservation and outlining implementation considerations for organizations. This multi-national government endorsement signals that content provenance is moving from industry initiative to critical infrastructure.

What This Means for sig-share

C2PA 2.3's expansion — especially live video and cloud trust references — validates the direction sig-share is building toward. As the standard matures and gains ISO backing, the case for open verification infrastructure grows stronger:

C2PA defines what to sign. sig-share adds where to log it and how to verify it openly.
ISO standardization creates the foundation. Open transparency logs provide the auditable trust layer on top.
Live video signing creates new verification challenges that benefit from real-time transparency log integration.