Ref.: MS Authenticode and timeStamping Services
Hi all
Reading the draft-ietf-pkix-ipki-part1-06...
4.2.1.14 Extended key usage field
...
The following key usage purposes are defined by this profile:
id-kp OBJECT IDENTIFIER ::= { id-pkix 3 }
...
id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 }
-- Binding the hash of an object to a time from an agreed-upon time
-- source. Key usage bits that may be consistent: digitalSignature,
-- nonRepudiation
...I was thinking of a timestamping service, generating a CSR with
the extended key usage field (OID 1.3.6.1.5.5.7.3.8), signing the
CSR and getting a certificate with the necessary 'attributes'.
I have tested the Verisign timestamp service at
http://timestamp.verisign.com/scripts/timstamp.dll
and it works fine with software components signed using
MS Authenticode.
Does anybody out there have some experience building a
timestamp service ?
TIA.
Miguel Angel
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
