Re: [SignServer-develop] SignServer ( TimeStamp)

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 06/16/2015 10:35 AM, Ebtehal Hassan wrote:
> 
> Hello all,
> I want asked about how time stamp was working and how it was put its
> stamp on the document,
> for example when i deploy signserver as PDF Signer & time  stamper what
> exactly appears to me 
> please help me  
> 
> 

Hello Ebtehal,

The process of signing and time-stamping a PDF document could be
described something like this:

1. The PDF document is uploaded to the PDF Signer by the client.

2. After the document has been recieved by the PDF Signer a new PDF is
created with the same content as the original but some space made
available to insert the signature as well as additional attributes.

3. The signature is then created and inserterted into the document.

4. A hash of the signature is created and sent in a request to the
time-stamp authority (TSA). Either an external TSA operated by somebody
else or an internal one in SignServer.

5. The TSA recieves the time-stamp request and produces a time-stamp
token containing the hash, the time-stamp and the signature of it and
returns it to the PDF Signer.

6. The PDF Signer inserts the time-stamp token into the document.

7. The signed & time-stamped PDF document is returned to the client.

Now a PDF reader with support for digital signatures can verify the
signature of the document as well as verify the time-stamp token.

Regards,
Markus

PrimeKey Solutions offers a commercial EJBCA & SignServer support
subscription and training. Please see www.primekey.se or contact
in...@pr... for more information.
https://www.primekey.se/Services/Support/
https://www.primekey.se/Services/Training/