I'm trying to set up SignServer because within my business,
I need to sign many documents and the signature must contain a time stamp from a TSA (according to RFC 3161).
Because commercial TSAs are very expensive for the amount of documents I am planning to sign,
I'm thinking of setting up my own TSA service (e.g. using SignServer).
What I have not understood so far:
even if the creation/transmission of a time stamp token is protected
using digital signatures (for which I have to set up valid and not self-signed certificates) or a similar mechanism,
what makes a time stamp token of such a deployment trusted (especially if it's my own deployment)?
At the end, independent of how many layers are between my business software and a "clock",
at the end within the code of the Time-Stamping Service, I could place a lot of "my own magic",
or manipulate the clock, ...
Without looking into the software of such an implementation,
nobody could be sure that this service is really RFC compliant just because I say so?
Are there any mechanisms, e.g. an audit,
a Time-Stamping Service provider has to pass before he gets a certificate (which then signs the created time stamp tokens)?
Very thankful for helpful answers,
A document that describes this quite well is ETSI TS 102 023 V1.2.2 (2008-10) "Policy requirements for time-stamping authorities".
For instance, see "Conformance", "Obligations and liability" and the "Practice and Disclosure Statements", where one of the points is an assessment by an independent party (i.e. an audit).