RFC 3161 (rfc3161) - Page 2 of 26


Internet X



Alternative Format: Original Text Document



RFC 3161               Time-Stamp Protocol (TSP)             August 2001


   The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
   "SHALL", "RECOMMENDED", "MAY", and "OPTIONAL" in this document (in
   uppercase, as shown) are to be interpreted as described in [RFC 2119].

   In order to associate a datum with a particular point in time, a Time
   Stamp Authority (TSA) may need to be used.  This Trusted Third Party
   provides a "proof-of-existence" for this particular datum at an
   instant in time.

   The TSA's role is to time-stamp a datum to establish evidence
   indicating that a datum existed before a particular time.  This can
   then be used, for example, to verify that a digital signature was
   applied to a message before the corresponding certificate was revoked
   thus allowing a revoked public key certificate to be used for
   verifying signatures created prior to the time of revocation.  This
   is an important public key infrastructure operation.  The TSA can
   also be used to indicate the time of submission when a deadline is
   critical, or to indicate the time of transaction for entries in a
   log.  An exhaustive list of possible uses of a TSA is beyond the
   scope of this document.

   This standard does not establish overall security requirements for
   TSA operation, just like other PKIX standards do not establish such
   requirements for CA operation.  Rather, it is anticipated that a TSA
   will make known to prospective clients the policies it implements to
   ensure accurate time-stamp generation, and clients will make use of
   the services of a TSA only if they are satisfied that these policies
   meet their needs.

2. The TSA

   The TSA is a TTP that creates time-stamp tokens in order to indicate
   that a datum existed at a particular point in time.

   For the remainder of this document a "valid request" shall mean one
   that can be decoded correctly, is of the form specified in Section
   2.4, and is from a supported TSA subscriber.

2.1. Requirements of the TSA

   The TSA is REQUIRED:

   1.    to use a trustworthy source of time.

   2.    to include a trustworthy time value for each time-stamp token.

   3.    to include a unique integer for each newly generated time-stamp
         token.



Adams, et al.               Standards Track