Re: Timestamping Standards.

[Denis Pinkas <Denis.Pinkas@xxxxxxxx>]

> Hi all,  in the Timestamping services drafts there might want to be a
> mention of the only standards regarding timestamping currently on the books
> today, because the may change some of the focus in this effort.
> 
> They provide for a requirements to provably timestamp within three (3)
> seconds of UTC and these are of course the NASD OATS requirements. NASD for
> thos that are unaware is the NAtional Association of Securities Dealers and
> any solution that is proffered as a timestamping one for commercial purposes
> should ought to fulfill the only mandate on the books today. To get more of
> this try the OATS pages at the www.nasdr.com site.
> 
> I suggest that to satisfy OATS, several use-specific assumptions have to be
> made like the timestamping system itself has some provable connection to a
> "reliable" source of time, and the audit model to prove that the time
> setting instance at the client end was accomplished appropriately, and that
> these assumptions should be spelled out i detail in the Draft
> 
> Any comments?

Todd,

The draft says:

" 2.1. Requirements of the TSA

The TSA is REQUIRED:

     1.  to provide a trustworthy source of time."

To this respect there is no need to *prove* anything else. Any
additional information from the TSA may be carried back in the
security policy.

Denis

 
> Todd Glassey