[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Time Stamp: tsa field in TSTInfo
Michael,
I am not sure about what you want to say. The core time stamp information
(TSTInfo) needs to be signed by the tsa in order to have a proof of
existence value otherwise is valueless and that information TSTInfo should
not be trusted.
If you are saying that some other authority interprets an originally signed
time stamp token and extends its trust to its users by adding it to its own
structures, then the later authority should verify the signed token and thus
discovering in the process the identity of the former tsa. If that authority
wished to include information about time-stamp's origin into its structures
it could just retrieve that information from signature verification process
and simply add it together with the TSTInfo, as a new field.
Did I manage to understand you?
Juan Luis
------------------------------------------------------------------------
-------------
Juan Luis López <jluis@fnmt.es>
Project Engineer
http://www.fnmt.es/pkits
Fábrica Nacional de Moneda y Timbre tel: [+34] 91 506 48 40
C/ Juan de Mariana, 17 fax: [+34] 91 506 48
51
E-28045 Madrid, SPAIN
-----Mensaje original-----
De: Michael Zolotarev <mzolotarev@baltimore.com.au>
Para: 'Robert Zuccherato' <robert.zuccherato@entrust.com>; 'Juan Luis Lopez'
<jluis@fnmt.es>
CC: 'ietf-pkix@imc.org' <ietf-pkix@imc.org>
Fecha: jueves 8 de abril de 1999 2:28
Asunto: RE: Time Stamp: tsa field in TSTInfo
>The core time stamp information can be used indirectly, as a field inside
>some third party WhateverService (WS) structure. Even (!) if this WS
>structure gets signed/ enveloped, the signer is not going to be the TSA.
>DCS as it stands now may serve as an example.
>
>So, having tsa inside the TSTInfo may come as a useful thing - the WS
>clients may still want to know the TimeStamp's origin.
>
>Michael Zolotarev
>Technical Architect
>Baltimore Technologies Limited (Australia)
>