enterprise

SignServer implements the Time-Stamp Protocol as specified in RFC 3161 and can be used as the core part of a Time Stamping Authority (TSA).

Using the correct time from a reliable time source is critical for the operation of a TSA. Trusted timestamps prove that data existed before a certain time. For digital signatures, trusted timestamps are important for long-term validity support since they prove that a signature existed before a certain time. A trusted timestamp allows your signature to be validated even if your certificate has expired or your key has been compromised (since you can prove that the signature existed before that happened).

To provide proof that the data existed at a particular moment in time, the TSA cryptographically binds the unique fingerprint of the data to the current date and time that is synchronized with a trusted time source. In SignServer, the Time Stamp Signer acquires the current time through its configured TimeSource. The SignServer TimeMonitor application can be used together with a time source to monitor the local time, using the TimeMonitorManager for accepting the status updates, and informing SignServer about its state.
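The client side of this binding, as an added example (not SignServer code): a minimal DER encoder for the RFC 3161 `TimeStampReq`, showing that only the fingerprint of the data, never the data itself, is sent to the TSA. The function names, the SHA-256 choice and the 64-bit nonce are assumptions of this sketch.

```python
import hashlib
import secrets
from typing import Optional

# DER encoding of the SHA-256 OID 2.16.840.1.101.3.4.2.1 (tag and length included)
SHA256_OID = bytes.fromhex("0609608648016503040201")

def der(tag: int, content: bytes) -> bytes:
    """Encode one DER TLV with a definite length."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + content

def der_uint(value: int) -> bytes:
    """Encode a non-negative INTEGER; a leading 0x00 keeps the sign bit clear."""
    return der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def build_timestamp_request(data: bytes, nonce: Optional[int] = None,
                            cert_req: bool = True) -> bytes:
    """Build a version 1 TimeStampReq carrying the SHA-256 fingerprint of data."""
    digest = hashlib.sha256(data).digest()
    # AlgorithmIdentifier ::= SEQUENCE { OID, NULL parameters }
    algorithm = der(0x30, SHA256_OID + der(0x05, b""))
    # MessageImprint ::= SEQUENCE { hashAlgorithm, hashedMessage OCTET STRING }
    imprint = der(0x30, algorithm + der(0x04, digest))
    if nonce is None:
        # A fresh random nonce lets the client reject a replayed response.
        nonce = secrets.randbits(64)
    body = der_uint(1) + imprint + der_uint(nonce)
    if cert_req:
        # certReq is BOOLEAN DEFAULT FALSE, so DER encodes it only when TRUE.
        body += der(0x01, b"\xff")
    return der(0x30, body)

if __name__ == "__main__":
    sample = b"constructed sample document"  # constructed input, not real data
    request = build_timestamp_request(sample)
    # RFC 3161 over HTTP carries this body as Content-Type: application/timestamp-query
    print(request.hex())
```

The TSA signs the returned token over this same message imprint together with its own clock reading, which is why the accuracy of the time source matters.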

The following sections describe the use of time synchronization using the Network Time Protocol (NTP), the SignServer TimeSource component, and the SignServer TimeMonitor application.