This is the most fascinating (infascinating? like, infamous/famous distinction? whatever) things about bureaucracies, to me: they sincerely expect everyone to follow their internal rules and procedures, even the people who are completely outside their jurisdiction by any stretch of imagination.
Like, "we require the application of your personal seal to the papers" — "Personal seal?.. we use signatures in this part of the world, you know" — "No, we don't accept signatures, it has to be a seal imprint" so then you just stamp some absolutely random rubber stamp and they accept it because even if they can't actually read Cyrillic, it's a stamp and that's all that matters.
I taught at a German university for a few years. And they way grades were handled was, you had to print a standardized piece of paper for every student with their name, date of examination, and grade, and drop them off at the secretary's office.
The secretary would stamp every such Schein with a rubber stamp. Then the students would pick up their Scheine at the secretary's office and bring it to the examination department themselves (!) to get the grade registered. Only at the very of my time there, they changed the system and I could hand in the grades directly to the examination department.
At any rate, the system was so stupid. It was trivial for students to print a new Schein with a better grade and register that (there must have been a lot of fraud). But the counter argument was 'no, it's very safe because the students do not have a rubber stamp'. Of course, the rubber stamp was just the university logo with something like the faculty name next to it. Trivial to copy (or make a rubber stamp for more enterprising students).
Probably the procedure had been followed since 1573, well before home printers, scanners, phone cameras, or get-your-own-rubber-stamp-for-a-few-bucks internet shops.
This is almost always how these seemingly silly bureaucracy hoops become established. They were created in a prior time where a third party obtaining "magic item Y" with which to authenticate was significantly difficult to near impossible. Then, over time, the world, and technology improve, to the point where anyone, willing to spend $9.99, can have an exact duplicate of "magic authentication item Y" manufactured via any one of 78 different makers. But the bureaucracy continues using the now outdated process because "this is the way it has always been done".
It is largely a real world example of "The Monkeys, Bananas and Ladder Experiment": https://psychologyfor.com/the-monkeys-bananas-and-ladder-exp...
When they could just cut out the middle man and just make fraud itself illegal and not require the magic item at all.
Sometimes it becomes truly ridiculous: I once had to apply for some thing, and was told I need to grab and provide them some certificate from a different government service to prove that I'm actually eligible. Okay, I do that, and then they spend two weeks verifying the certificate by physically mailing and inquiring info about me from that other service and waiting for them to respond (also by physical mail).
My entire career is predicted on the things I did with a stack of university letterhead 40 years ago.
They wanted a government issued identification document with both photograph of the individual as well as their physical address on it.
No such document exists for South Africans, I offered to get attestations from lawyers, police, but nothing was good enough.
Then I had to threaten charging back the credit card to get a refund (as opposed to credit) on the not-insubstantial fee for a service that their verification policies made impossible to be fulfilled by South African entities.
We succeeded with DigiCert, was a bit involved including getting sign off by a certified security consultant that we had appropriate procedures in place to protect the private key, but eventually got through the process.
But generally happy to not be using them these days. I do our domain registrations through Namecheap and can't say I've ever had an issue with them, also had to interact with support on occasion and also no negative experiences there.
