[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Timestamping
Nick,
> -----Original Message-----
> From: Nick Pope [mailto:pope@secstan.com]
> Sent: Tuesday, March 25, 2003 8:49 PM
> To: Gregor Karlinger; 'Trevor Perrin'
> Cc: dss@lists.oasis-open.org
> Subject: RE: [dss] Timestamping
>
>
> Gregor,
>
> I realised that I over simplified the situation. There are three
> situations:
>
> a] A time-mark is included within the signed data as an
> indication/affirmation from the signatory of the signing time
>
> b] A time-stamp is included within the signed data, applied
> against one or all the signed objects, as an affirmation from
> an independent party of the time at which the signed data
> existed, which is on or before the signing time.
>
> c] A time-stamp is applied over the signature as an
> affirmation from an independent party that the signature was
> created on or after the signing time. If the signing time is
^^^^^^^^^^^
I think this should read "on or before", right?
> also included in the signed data (as in [a]) this can be used
> to independently support this signing time and protects
> against later repudiation of the signature.
>
> I think that I have it now matching the options in XAdES.
According to XAdES, I would like to add the following item
d] A time-stamp is applied over
- signature
- revocation information
- time-stamps not signed by the signature
by an archiving service in order to protect against weak algorithms,
and key compromise (see section 7.7.1 of XAdES).
/Gregor
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]