Time stamp protocol
The Time-Stamp Protocol, or TSP is a cryptographic protocol for certifying timestamps using X.509 certificates and public key infrastructure. The timestamp is the signer's assertion that a piece of electronic data existed at or before a particular time. The protocol is defined in RFC 3161. One application of the protocol is to show that a digital signature was issued before a point in time, for example before the corresponding certificate was revoked.
Internet protocol suite |
---|
Application layer |
Transport layer |
Internet layer |
Link layer |
The TSP protocol is an example of trusted timestamping. It has been extended to create the ANSI ASC X9.95 Standard.
Protocol
In the protocol a Time Stamp Authority (TSA) is a trusted third party that can provide a timestamp to be associated with a hashed version of some data. It is a request-response protocol, where the request contains a hash of the data to be signed. This is sent to the TSA and the response contains a Time Stamp Token (TST) which itself includes the hash of the data, a unique serial number, a timestamp and a digital signature. The signature is generated using the private key of the TSA. The protocol can operate over a number of different transports, including email, TCP sockets or HTTP.
When presented with a TST, someone may verify that the data existed at the timestamp in the TST by verifying the signature using the public key of the TSA and that the hash of the data matches that included in the TST.
External links
- IETF RFC 3161, official specification
- IETF RFC 5816, ESSCertIDv2 Update for RFC 3161
- Documentation for the OpenSSL
ts(1)
command. - OpenTSA was an open-source project to add time stamping functionalities to OpenSSL. (Archived July 12, 2012, at the Wayback Machine)