The validation service framework is used to validate certificates from one or more issuers. It can be used to have one central point of performing revokation statuses to simplify the integration of external PKIs within an enterprise.
The validation service framework also provides a validation cache that can be used to increase performance for those cases an application does multiple lookups of the same certificate within a short period of time.
Out-of-the-Box, there exists a DefaultValidationService that should satisfy most use cases but it's possible to develop a custom ValidationService, if necessary.
All Validation Services is configured by specifying the org.signserver.validationservice.server.ValidationServiceWorker in the global configuration. Then is the actual ValidationService configured in the worker configuration setting the class path in the property TYPE (not necessary for the DefaultValidationService). The validation service framework is mostly used with X509v3 certificates but other kinds of certificates is supported as well by design.
Another concept in the Validation Service Framework is that the client also can ask the service to check the type of certificate that the certificate might be used for. A certificate type could be IDENTIFICATION or ELECTRONIC SIGNATURE.