Accuracy: Why is 1 second the default? This seems an arbitrary figure. There is no reason why clocks will have this accuracy instead of any other. If you really want 1 s as the default, use the ASN.1 syntax to specify this: accuracy [0] Accuracy DEFAULT seconds:1 I suggest keeping the field optional, but with no default value. If absent, no statement is made about accuracy (2 tokens from the same TSA can still be meaningfully compared). Token: The timestamp token is the most important feature. The request syntax is far less important (it has no security associated with it). Reorder the draft to specify the timestamp token first, giving its syntax and explaining the semantics for each field. In a later section, define a protocol for requesting a timestamp. Serial number: The timestamp token now has a "monotonically increasing" field and a "strictly monotonically increasing field", even though the later has no meaning other than its strict monotonicity and the former is trivial to make strictly monotonic if the issuer desires. Name: The timestamp signer's name (often a large field) is identified in triplicate: in the token as a "hint", in an ESSCertID authenticated attribute, and in signerInfo. Ditch the first, allow (but don't require) the second and require the third. Extensions: Even though no critical extensions are defined you still need to state what an application should do on receiving an unrecognized critical extension. Better still, offer explicit extensibility via a SEQUENCE OF Attribute, instead of Extensions.
<<application/ms-tnef>>