What is timestamping and why should I use it?
Timestamping is used to specify time when the digital signature is made. This is needed to properly validate the signature.
If signature timestamp is present, the application which validates (verifies) the signature, will check whether the certificates involved into signature validation were valid at the moment of signing. If there's no timestamp for the signature, certificate validity is checked for the moment of signature validation, which is not always acceptable.
Certificate is valid from: 1st of January, 2008
Certificate is valid to: 31st of December, 2010
Signature is made on: 4th of July, 2009
Signature is verified on: 30th of April, 2012
With timestamp: signature is ok (signature was made during certificate validity period) Without timestamp: signature is not valid (certificate has expired by the moment of signature verification).
Timestamping should be used if the signature is supposed to be used (to proof authenticity of the document author or data originator) in long term, i.e. longer than one or several days.
Timestamping is not necessary when you, for example, send a short signed note to the colleague and this note is expected to be read and disposed of the same day as it has been written. Of course, timestamping can not be used when it's not supported by the signing technologies or when timestamping authority is not available.
On the other hand, timestamping is a must when you create signed documents for wide distribution or for long-term storage and archiving purposes. Timestamping is also used when signing the executable modules of software applications.
In what technologies can timestamping be used?
Timestamping (namely TSP protocol) is defined by RFC 3161 and is part of PKI infrastructure based on X.509 certificates. As such, timestamping can be used when signing any data using PKCS#7, in PDF document signing and in XML document signing using XAdES.
Timestamping is not used in S/MIME (despite the fact that this is PKI-based technology).
Timestamping is not available in OpenPGP as this is not X.509 certificate-based technology.
MS Authenticode (the technology used to sign applications and libraries in Windows) also uses timestamping, however this timestamping is different from TSP protocol defined by RFC 3161. Starting with recent versions, Windows started to support dual-signed files, where the SHA2 signature is timestamped with RFC 3161 timestamps.
How does timestamping work?
Timestamping involves your code as a timestamping client and a timestamping server called Timestamping Authority (TSA). Your code first signs certain data. Next, the hash of the data signature is calculated. This hash is sent to TSA for signing. TSA signs the received hash using TSA certificate and includes current time on the server to this signature. The signature made by TSA is sent back to your code and your code adds this signature to the original signature made over the initial data.
Of course, with SecureBlackbox most of the operations described above are done under the hood.
Note: TSA certificate is not a generic certificate generated somewhere in the garage. TSA certificates are issued by Certificate Authorities. Such certificates must be properly validated and they are issued and used only for timestamping.
Can I timestamp the signature myself?
If you are a widely recognized TSA, then why not? In other words, you should obtain the TSA certificate and have a trusted source of time (usually this is some piece of hardware that takes time from another trusted source such as GPS satellite).
For testing purposes you can create a self-signed TSA certificate and use it for application development and debugging, however such self-signed certificate can be used only in closed infrastructures where it can be accepted by the applications which will validate your signatures.
Where do I find a timestamping server?
TSA services are offered by the companies which issue digital certificates, such as Thawte, VeriSign, Comodo, GlobalSign etc. .
There exist local (national, governmental or private) timestamping authorities, but their usability is limited as they are usually offered as part of some closed infrastructure. For example, if the governmental agency or bank accepts digitally signed documents, it can offer the TSA for use with such documents, but this TSA will be only accepted and validated by this governmental agency or bank.
What happens if I don't timestamp the signature?
The timestamp tells the entity, which validates the signature, when exactly the signature was made.
As you know, the certificate is not eternal. It has certain validity period, i.e. the certificate may only be used for it's purpose during some period of time. If you use the certificate, that has expired, to sign the data, such signature will not be accepted as valid.
If the signature validator finds a timestamp, it will know when the signature was made, and will check if the certificate was valid at that moment of time.
If there's no timestamp, then nobody knows, when the signature was made, and it's assumed that it could be made at any moment of time, possibly after the certificate has expired. There are two possible results from this situation: either the signature is claimed as not valid, or the signature is assumed to be made at the moment of validation. In the second case, if the signing certificate itself has expired by the moment of signature validation, the signature will not be accepted as valid too. And if the signature is expected to be validated somewhere in future, then it's likely that such problem will happen sooner or later.
To summarize: if the signature is not timestamped properly, there's a chance that it will not be accepted as valid.
Can timestamp itself be canceled or become invalid?
If the timestamping certificate becomes revoked (claimed as invalid by the CA that has issued it), there are two cases possible, as per sections 4.1 and 4.2 of RFC 3161:
- If the revocation reason code indicates that the key has not been compromised, but the TSA itself will not be operating in future, then the timestamping certificate it should not be used for timestamping in future (after revocation). Previously made timestamps, however, don't become invalid.
- if the revocation reason code indicates code compromise, then all timestamps, signed with the compromised certificate, become invalid.
Does the timestamp expire?
The timestamp itself doesn't expire. However the timestamp is signed with a certificate, issued for the specific purpose of signing timestamps. This certificate has its own expiration time and validity period, which is usually longer than a validity period of a certificate, issued for SSL/TLS, however not infinite. As soon as the certificate, used to sign a timestamp, expires, the timestamp becomes expired as well. As per section 4.3 of RFC 3161, such timestamp should be re-done or notarized to renew the existing trust in this timestamp.
How do I use timestamping in my projects?
SecureBlackbox lets you both timestamp the document signatures (timestamping is a part of signing operation) and validate the timestamp during signature validation.
In BizCrypto timestamping is done by simply specifying the URL of the timestamping server.
In SecureBlackbox timestamping is done with help of TElFileTSPClient and TElHTTPTSPClient. The first component requires that you send the prepared TSP request to the server and retrieve the reply from the server in your code. You can communicate with the server with any HTTP client component or class. The second component (TElHTTPTSPClient) uses the HTTP client included in SecureBlackbox so you don't need to do extra coding. On the other hand, use of this HTTP client requires a license for HTTPBlackbox client, SSLBlackbox client or more extensive package.
To include timestamping into the signature creation process, you create an instance of one of the above mentioned classes, and assign this instance to the appropriate property of the component used for signing. Optionally you will need to set some supplementary properties of the signing component. That's all – timestamping component will be used by the signing component automatically.
Timestamp validation is done automatically by the components which are used to validate the document signature. You don't need to take extra steps for timestamp validation.