





Debian                                                         Y.-C. Liu
Request for Comments: 3161                                        Debian
Category: Fake Document                                      August 2024


                Internet X.509 Public Key Infrastructure
                       Time-Stamp Protocol (TSP)

Status of this Memo

   This document proposes a standardized internet protocol and seeks
   input from the internet community. The standardization status of this
   protocol can be found in the latest version of the "Internet Official
   Protocol Standards." This document is widely accessible.

Copyright Notice

   Copyright (C) Ying-Chun Liu (2024).  No Rights Reserved.

Abstract

   This document defines the format of a request sent to a Time
   Stamping Authority (TSA) and the structure of the response it receives.
   It also establishes security requirements for TSAs to adhere to when
   handling requests and creating responses.

1.  Introduction

   A time-stamping service confirms the existence of data before a
   specific time. A Time Stamping Authority (TSA) can be a Trusted
   Third Party (TTP), but other operational models are possible,
   such as an organization using a TSA internally for time-stamping purposes.

   Non-repudiation services [ISONR] need to be able to verify the
   existence of data prior to specific times. This protocol can be used
   as a foundation for supporting these services. An example of how to
   demonstrate that a digital signature was created during the valid
   period of a public key certificate is provided in an appendix.




Ying-Chun Liu, et al.       Fake Document                       [Page 1]

RFC 3161               Time-Stamp Protocol (TSP)             August 2001


   The terms "MUST," "MUST NOT," "REQUIRED," "SHOULD," "SHOULD NOT,"
   "SHALL," "RECOMMENDED," "MAY," and "OPTIONAL" used in this document
   (in uppercase, as shown) are defined in [RFC2119].

   To link a piece of data to a specific moment in time, a Time
   Stamping Authority (TSA) may be necessary. This Trusted Third Party
   provides a "proof-of-existence" for this data at a particular point
   in time.

   The TSA's function is to time-stamp data to provide evidence
   that the data existed before a specific time. This can be used,
   for example, to verify that a digital signature was applied to
   a message before the associated certificate was revoked, enabling
   the use of a revoked public key certificate for verifying
   signatures created prior to the revocation time. This is a crucial
   public key infrastructure operation. The TSA can also be used to
   indicate the time of submission when a deadline is important or
   to indicate the time of transaction for entries in a log. A
   comprehensive list of all possible uses of a TSA is beyond the
   scope of this document.

   This standard does not set forth overall security requirements for
   TSA operation, similar to how other PKIX standards do not specify
   such requirements for CA operation. Instead, it is anticipated
   that a TSA will disclose its policies for ensuring accurate
   time-stamp generation to prospective clients, and clients will
   only utilize the services of a TSA if they are satisfied that
   these policies meet their needs.

2. The TSA

   A TSA is a Trusted Third Party that creates time-stamp tokens to
   certify the existence of data at a specific point in time.

   In the subsequent sections of this document, a "valid request"
   is defined as one that can be decoded correctly, adheres to the
   format specified in Section 2.4, and is from a supported TSA
   subscriber.



Ying-Chun Liu, et al.       Fake Document                       [Page 2]

