On Mon, Oct 5, 2009 at 8:42 AM, Alex Pankratov <a...@poneyhot.org> wrote: > Does anyone know what's the state of affairs in this area ? > > This is probably slightly off-topic, but I can't think of > a better place to ask about this sort of thing. > > I have spent a couple of days looking around the Internet, > and things appear to be .. erm .. hectic and disorganized. > > There is for example timestamp.verisign.com, but there is > no documentation or description of it whatsoever. Even the > website itself is broken. However it is used by Microsoft's > code signing tool that embeds Verisign's timestamp into > Authenticode signature of signed executable files. > > There is also a way to timestamp signed PDFs, but the there > appears to be nothing _trusted_ about available Trusted > Timestamping Authorities. Just a bunch of random companies > that call themselves that way and provide no indication why > they should actually be *trusted*. No audit practicies, not > even a simple description of their backend setup. The same > goes for the companies providing timestamping services for > arbitrary documents, either using online interfaces or a > downloadable software. > > There are also Digital Poststamps, which is a very strange > version of a timestamping service, because their providers > insist on NOT releasing the actual timestamp to the customer > and then charging for each timestamp verification request. > > I guess my main confusion at the moment is why large CAs of > Verisign's size not offering any standalone timestamping > services. > > Any thoughts or comments ?
I have no useful comments other than to point you to a timestamping service you may or may not have seen (I didn't see you mention it: http://www.itconsult.co.uk/stamper/stampinf.htm), form what I've noticed (just in passing) this seems to be the most popular stamping service. > Thanks, > Alex -- noon silky http://www.mirios.com.au/ http://skillsforvilla.tumblr.com/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com