[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [dss] Validation semantics of time-stamping
Nick, To be precise TS 101 733 does not itself make any statement about the validity of the signature at the time of the timestamp, nor is there any conformance requirements to do so. It just provides timestamped of the signature and relevant available data like the certificates, CRL or OCSP data. So it can be used to verify that a signature was not invalid at a certain time, if all that information is available. It does not require all the information to be available before creating the timestamp and without all the information you cannot be sure that the signature is valid. So the same applies to XAdES. JR -----Original Message----- From: Nick Pope [mailto:pope@secstan.com] Sent: 26 July 2004 19:08 To: OASIS DSS TC Subject: [dss] Validation semantics of time-stamping Following on from the issue that I raised at the DSS conference call .... I understand that some implementations of the XAdES / TS 101 733 time-stamping attributes / properties are applying the time-stamp after validation and using this to imply that the signature was valid at the time given in the time-stamp. However, I do not believe that there is any standard way to know whether whether a certain time-stamp is applied only if the signature is known to be valid at that time. So I have a question: - Is there something that can be added to the XAdES profile or some part of DSS to enable a party relying on an old signature to be know if the time-stamp was applied immediately subsequent to successful validation? Nick To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/dss/members/leave_workgroup.php .
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]