Re: [SignServer-develop] About timestamp response

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 03/08/2016 01:57 PM, Martin Kannel wrote:
> Hi signserver users!

Hi Martin,

> 
> I'd like to ask is there possibility to configure SignServer
> (TimeStampSigner) so, that timestamp responses contain always the
> extension "qcStatements" with the value "esi4-qtstStatement-1"? If yes,
> then how?
> 
> (I saw only ACCEPTEDEXTENSION parameter in the manual, but that's not it?)

Maybe not exactly what you want but I think the idea with
ACCEPTEDEXTENSIONS would be that if the request contains an extension
with that OID it would be included (copied) to the response.

> 
> That kind of requirement may be raised when applying ETSI EN 319 422
> V1.0.0 standard (see chapter 9.1):
> "When a time-stamp token is a qualified electronic time-stamp as per
> Regulation (EU) No 910/2014 [i.3], it should contain one instance of the
> qcStatements extension with the syntax as defined in IETF RFC 3739
> [i.5], clause 3.2.6. If the qcStatements extension is present, it shall
> contain one instance of the statement "esi4-qtstStatement-1" defined in
> annex B."
> 

If the qcStatements OID is included in ACCEPTEDEXTENSION and the request
contains it then I think it would be included.

I haven't looked into those documents yet but if I understand what you
have sent the TSA should add the extension itself and not take it from
the request, right?

BR,
Markus

> I'm using signserver-ce-3.7.0.
> 
> Thanks and
> Cheers!
> 

-- 
Kind regards,
Markus Kilås
PKI Specialist

PrimeKey Solutions AB

Lundagatan 16
SE-171 63 Solna
Sweden

Phone: +46 70 424 94 85
Email: mar...@pr...

https://www.primekey.se