> Hi Bob, > > Judging from what you wrote you might want to implement a > 'content timestamp', which is added to the authenticated > attributes and contains a timestamp over the encapsulated > content info. This will not give a proof of the signing > time, just the existence of the data at a particular time.
Right. I only need the timestamp to prove the existence of the data at a particular time. The signature testifies to the contents legitimacy. > For implementing this solution you would need the following: > 1., A TSA client that can ask for a timestamp over TCP or > HTTP. Although I do not have it currently I will have it > in 2-3 months. While very useful, this is not crucial to my circumstances. What is crucial to me is the ability to verify a timestamp against its data; if you are unable to write this soon I can perhaps help. > You might want to post your message to openssl-dev, that's a > better forum for discussing this. I will join this list, and ask future questions there. - Bob ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]