[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Timestamping
At 04:49 PM 3/25/2003 +0100, Gregor Karlinger wrote: > > -----Original Message----- > > From: Trevor Perrin [mailto:trevp@trevp.net] > > Sent: Tuesday, March 18, 2003 10:38 PM > > To: dss@lists.oasis-open.org > > Subject: [dss] Timestamping > >[...] > > > A time-marked signature is just a signature on some content > > with a signed > > attribute (created by the signer) containing the signing time. > > > > A time-stamped signature contains, as an unsigned attribute, > > a timestamp > > "token", which somehow binds the time and a hash of the time-stamped > > signature's signatureValue, and is created and signed by a > > 3rd party TSA > > (Time Stamp Authority). > >My understanding of those two terms is the following: > >* A signature is time-marked if the signer claims the signing > time and signes this claim together with the actual data. > >* A signature is time-stamped if the time is claimed by a > trusted third party, and this claim is incorporated into > the signature as time stamp token. > >Am I right here? Other opinions? Yes, that's how the document uses those terms. The discussion we've been having on-list is whether the "time stamp token" in your second bullet might just be a time-marked signature on the original signature, or whether it should be a signature on a <TSTInfo> structure which contains the time and the hash. Trevor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]