Timestamp Server - Business Needs
Document archiving is an essential component in many business applications. It’s a fundamental requirement that the archive process is trusted, so that it can be proven that the documents have not changed since entering the archive.
All organisations depend upon archived documents that provide evidence, with legal weight, that agreements were signed, transactions were completed, and reports and financial documents are unchanged. Archived documents therefore need to be relied upon for many years, even after digital certificates have expired and perhaps even after the original cryptographic algorithms used in the signing process have become weak.
Timestamping & Archiving Products Coverage
Ascertia is an expert provider of digital signature, timestamping and long-term archiving products that can be used for secure archiving and e-notarisation purposes either within an enterprise or by Managed Service Providers on behalf of multiple end-customers.
Archiving solutions can be split into various types:
- Notarisation
Using signature and timestamp services to notary-sign a document or a data object; or, to maintain privacy, the service can notarise just the signature without seeing the whole document content
- Verification & archiving
First verify existing signatures within a document, gather the verification evidence (e.g. OCSP/CRL responses) and then use signature and timestamp services to notary-sign an XML envelope containing the original signed object plus verification data
- Long-term archiving including evidencing
Includes the above services plus an effective management system for long-term storage, retrieval, re-evidencing timestamps to protect against weak algorithms, search, query and retention policy management
Ascertia's ADSS Server is the underlying technology which fulfils the above business requirements. ADSS Server is based on industry-accepted protocols for communicating with an e-Trust server, including OASIS Digital Signature Specifications (DSS and DSS-X) for server-side signing and verification, IETF TSP for communicating with a Time Stamping Authority and IETF Long-Term Archive & Notary Service (LTANS) for secure data archiving. For long-term archiving in particular, ADSS Server complies with the XML/SOAP web services Long-Term Archive Protocol (LTAP) and stores evidence information about archived objects in the form of XML Evidence Record Syntax (XMLERS).
The following table shows the products that are appropriate to meet various business needs:
Basic Signing & Timestamping of Data
Proves that data existed at a particular time and has not changed subsequently. As part of the timestamping process, the data can also be notary-signed by the archive authority using ETSI CAdES-A and XAdES-A archive signatures.
Products
For creating timestamped and long-term signatures:
For issuing RFC3161 compliant timestamps:
Human Notary Signature
Human users can sign archive objects using locally or centrally held signing keys. The user's notary signature can be enhanced to a long-term CAdES-A or XAdES-A signature on the server.
Products
For enhancing basic signatures to timestamped or long-term signatures:
For creating local signatures by human users:
Long-term Evidence Archiving
Documents of any type are securely archived for the long term using IETF LTANS specifications. Existing signatures can also be notary-signed and verified before archiving, and retention and re-evidencing are managed based on archive policies.
Products
For creating long-term LTANS Evidence Records:
Local Language Support
For web applications, ADSS Server expects the browser pages to be created by application developers in a local language that is suitable for the business purpose and the end-users. The ADSS Go>Sign Professional Applet GUI is fully multi-lingual.