Re: [dss] Time-stamp protocol

[Trevor Perrin <trevp@trevp.net>]

At 01:12 PM 11/8/2004 +0100, Juan Carlos Cruellas wrote:
>Hi,
>
>While starting to write text as requested by ANSI9F,
>I have found something that I would like to comment.
>In the Verification protocol, section 4.2.2,
>when speaking of the response, it says:
>
>"The server MUST return the <dss:SigningTime> optional output,
>as defined in [DSSCore] with its ThirdPartyTimestamp attribute
>set to False."
>
>Well, in the core, section 4.6.5, when explaining contents of
><dss:SigningTime> it is written:
>
>"The <SigningTime> optional output contains an indication of when
>the signature was performed, and a boolean attribute that indicates
>whether this value is attested to by a third-party
>timestamp authority (if true), or only by the signer (if false).  "

Right.  In the Timestamp profile, 'ThirdPartyTimestamp' is set to False 
since the <SigningTime> speaks about the main signature object itself, not 
one performed by a 3rd party.


>I understand that the name of the attribute itself clearly indicates
>that if its value is true is because a third party, which is a time-stamp
>has attested the time...the time-stamp verification protocol puts the
>question: what if the signer itself is a TSA and the signature is
>in fact a time-stamp? Obviously there is not any third party attesting
>the time, but the fact is that the time is actually attested by the
>signer  because the signer IS a TSA...
>
>I would say that the relevant issue is whether this attribute should
>indicate if there is any kind of assertion on the time or whether this
>assertion has been made by a third party (ie, someone which is not the
>signer)....

I think it should indicate the latter (at it currently works).  There's 
*always* an "assertion on the time", the important thing to indicate is 
who's making this assertion.

Trevor