|
I’m
hoping to get a little clarification here. Page 6 of the TSP document says “The time stamp token MUST
NOT contain any signatures other than the signature of the TSA”. Does this apply to signed data objects
that appear in the extensions list?
The extensions are obviously part of the token, but it seems rather
restrictive to mandate that if some type of signed extension is used, it MUST
be signed by the TSA. Chris Francis WetStone Technologies, Inc. |