Trusted Time Stamping

Secure Time Stamp Authority (TSA)

ADSS TSA Server provides independent and irrefutable proof of time for transactions, documents and digital signatures. It can be used to create legal weight evidence that business transactions occurred at a defined moment in time, that e-documents existed at a particular time and that they have not been subsequently altered. It can also independently prove when a digital signature was applied by the signer so that its validity can be verified in the long-term, even after expiry or revocation of signer’s digital credentials.

ADSS TSA complies with the IETF RFC 3161 specifications and can be used for internal TSA needs or it can be used to provide infrastructure-class commercial TSA services to multiple external parties. It offers a number of advantages for managed service providers in the authentication, logging/reporting and token management features.

Key points:

  • RFC 3161 compliant TSA services
  • Supports Microsoft Authenticode timestamps
  • Security management is CWA 14167-1 certified allowing Qualified TSA service to be provided
  • Complies with ETSI TS 101 861 V1.2.1 (2002-03) Time Stamping Profile
  • Meets the ETSI standard TS 102 023 V1.2.1 (2003-01) Time Stamp Authority Policy Requirements
  • Hardware Security Module (HSM) based signing
  • RSA signing with keys of 1024, 2048, 4096 bits
  • ECDSA signing with keys of 192, 224, 256, 384, 521 bits
  • Hash algorithm choice including SHA-1, SHA-2 (SHA-256, SHA-384 and SHA-512). RipeMD is also supported for backward compatibility
  • Time drift monitoring, alerting and service stop features
  • Supports the selection of acceptable hash algorithms
  • Timestamp Token logging, transaction logging and archiving
  • High availability, resilience and high throughput capability
  • User authentication and access control
  • Summary and detailed management reporting
  • Used by many governments as part of national TSA Service, banks & major enterprises

ADSS server architecture

ADSS Server is a powerful server application providing multiple e-Trust services as shown in the diagram below. Although it's a single product, its service modules are licensed individually and branded accordingly. Your investment in ADSS Server is therefore future-protected as you can license new service modules over time as your e-Trust business needs grow. Multiple ADSS service modules may be installed on the same ADSS Server instance, saving on hardware, software and management costs. All of the ADSS Service modules use the same GUI layout and style thereby making training simple for administrators. Ascertia tracks the latest industry standards and is committed to adding new service modules as required by our customers.

ADSS Signing Server ADSS LTANS Evidence Server PDF Sign&Seal
3rd Party Apps
(e.g. Adobe® Acrobat, Microsoft Office, Microsoft Code Signtool, OpenSSL etc.)
Core ADSS Server modules Trust Manager | Key Manager | Secure Logging | HSM & DB Manager | Reporting | Client Manger | Dual Control CRL Manager | Access Control | System Integrity Checker | Auto Archiver
PKI services (each separately licensed) e-Trust Services (each separately licensed) Base Modules of ADSS Server (available by default)

The above diagram shows a range of client applications (relying party application) using the ADSS TSA Service module. Due to the wide acceptance of RFC 3161 standard, there are large number of TSA-enabled applications, including Adobe Acrobat, Microsoft Office, Microsoft Code Signtool, OpenSSL etc. Click on any of the ADSS service modules to jump to the relevant product page.

The power of ADSS Server is that all of this functionality is available from one unified product, which minimises training costs, provides a single platform for management control and logging, and lowers the total cost of hardware and software ownership.

Request Info


Sales Inquiries:
+44 (0)800 772 0 442


Years of Digital Signature