Re: [SignServer-develop] About timestamp response

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi Markus!

Thanks for quick reply!

On 08.03.2016 15:31, Markus Kilås wrote:
> On 03/08/2016 01:57 PM, Martin Kannel wrote:
>> I'd like to ask is there possibility to configure SignServer
>> (TimeStampSigner) so, that timestamp responses contain always the
>> extension "qcStatements" with the value "esi4-qtstStatement-1"? If yes,
>> then how?
>>
>> (I saw only ACCEPTEDEXTENSION parameter in the manual, but that's not it?)
> Maybe not exactly what you want but I think the idea with
> ACCEPTEDEXTENSIONS would be that if the request contains an extension
> with that OID it would be included (copied) to the response.
Yes, you're right, that's not what I need, but it's good to know that if 
the request contains an extension with the OID, then it is copied to the 
response.
I'll try to test it.
>> That kind of requirement may be raised when applying ETSI EN 319 422
>> V1.0.0 standard (see chapter 9.1):
>> "When a time-stamp token is a qualified electronic time-stamp as per
>> Regulation (EU) No 910/2014 [i.3], it should contain one instance of the
>> qcStatements extension with the syntax as defined in IETF RFC 3739
>> [i.5], clause 3.2.6. If the qcStatements extension is present, it shall
>> contain one instance of the statement "esi4-qtstStatement-1" defined in
>> annex B."
>>
> If the qcStatements OID is included in ACCEPTEDEXTENSION and the request
> contains it then I think it would be included.
>
> I haven't looked into those documents yet but if I understand what you
> have sent the TSA should add the extension itself and not take it from
> the request, right?
Yes, right.
I understand those documents the same way. The addition of this 
extension should be time-stamp token's (timestampstigner) responsibility.

Any chance it would be implemented in one of the future releases of 
SignServer? :-)

Regards,
Martin

> BR,
> Markus
>