I'm trying to setup signserver because within my business,
I need to sign many documents and the signature must contain a time stamp from a TSA (according to RFC 3161).
Because of commercial TSA are very expensive for the amount of documents I planning to sign,
I'm thinking to setup my own TSA Service (e.g. using signserver).
What I not understood so far:
even if the creation/transmission of a time stam token is protected
using digital signatures (for which i have to setup valid and not self signed certificates)or similar mechanism,
what makes a time stamp token of such a deployment trusted (especially if its my own deployment)?
At the end, independent of how many layers are between my business software and a "clock",
at the end within the code of the Time-Stamping Service, i could place a lot of "my own magic",
or manipulate the clock, ...
Without looking into the software of such a implementation,
nobody could be sure that this service is really RFC compliant just because I say so ?
Are there any mechanism, e.g. a audit,
a Time-Stamping Service provider has to pass, before he gets a certificate (which then signs the created time stamp tokens).
Very for helpfully answers,
Regards: Stefan
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
A document that describes this quite well is ETSI TS 102 023 V1.2.2 (2008-10) "Policy requirements for time-stamping authorities".
For instance see "Conformance", "Obligations and liability" and the "Practise and Disclosure Statements" where one of the points is an assesment by an independent party (ie an audit).
Best regards,
Markus
PrimeKey Solutions
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi all,
I'm trying to setup signserver because within my business,
I need to sign many documents and the signature must contain a time stamp from a TSA (according to RFC 3161).
Because of commercial TSA are very expensive for the amount of documents I planning to sign,
I'm thinking to setup my own TSA Service (e.g. using signserver).
What I not understood so far:
even if the creation/transmission of a time stam token is protected
using digital signatures (for which i have to setup valid and not self signed certificates)or similar mechanism,
what makes a time stamp token of such a deployment trusted (especially if its my own deployment)?
At the end, independent of how many layers are between my business software and a "clock",
at the end within the code of the Time-Stamping Service, i could place a lot of "my own magic",
or manipulate the clock, ...
Without looking into the software of such a implementation,
nobody could be sure that this service is really RFC compliant just because I say so ?
Are there any mechanism, e.g. a audit,
a Time-Stamping Service provider has to pass, before he gets a certificate (which then signs the created time stamp tokens).
Very for helpfully answers,
Regards: Stefan
Hi Stefan,
A document that describes this quite well is ETSI TS 102 023 V1.2.2 (2008-10) "Policy requirements for time-stamping authorities".
For instance see "Conformance", "Obligations and liability" and the "Practise and Disclosure Statements" where one of the points is an assesment by an independent party (ie an audit).
Best regards,
Markus
PrimeKey Solutions