-Title: Public Trusted Timestamping services for you
+Title: Public Trusted Timestamping services for everyone
Tags: english, sikkerhet
Date: 2014-03-25 12:50
3161</a>. The mechanism is simple. Create a hash of the file in
question, send it to a trusted third party which add a time stamp to
the hash and sign the result with its private key, and send back the
-signed hash + timestamp. Anyone with the document and the signature
-can then verify that the document matches the signature by creating
-their own hash and checking the signature using the trusted third
-party public key. There are several commercial services around
-providing such timestamping. A quick search for
+signed hash + timestamp. Both email, FTP and HTTP can be used to
+request such signature, depending on what is provided by the service
+used. Anyone with the document and the signature can then verify that
+the document matches the signature by creating their own hash and
+checking the signature using the trusted third party public key.
+There are several commercial services around providing such
+timestamping. A quick search for
"<a href="https://duckduckgo.com/?q=rfc+3161+service">rfc 3161
service</a>" pointed me to at least
<a href="https://www.digistamp.com/technical/how-a-digital-time-stamp-works/">DigiStamp</a>,
timestamp services available for everyone. I've been looking for one
for a while now. But yesterday I found one over at
<a href="https://www.pki.dfn.de/zeitstempeldienst/">Deutches
-Forschungsnetz</a>mentioned in
-<ahref="http://www.d-mueller.de/blog/dealing-with-trusted-timestamps-in-php-rfc-3161/">a
-blog by David Müller</a>. I then found a good recipe on how to use
-over at the
-<a href="http://www.rz.uni-greifswald.de/support/dfn-pki-zertifikate/zeitstempeldienst.html">University
-of Greifswald</a>. The OpenSSL library contain both server and tools
-to use and set up your own signing service. See the ts(1SSL),
-tsget(1SSL) manual pages for more details. The following shell script
-demonstrate how to extract a signed timestamp for any file on the disk
-in a Debian environment:
+Forschungsnetz</a> mentioned in
+<a href="http://www.d-mueller.de/blog/dealing-with-trusted-timestamps-in-php-rfc-3161/">a
+blog by David Müller</a>. I then found
+<a href="http://www.rz.uni-greifswald.de/support/dfn-pki-zertifikate/zeitstempeldienst.html">a
+good recipe on how to use the service</a> over at the University of
+Greifswald.</p>
+
+<p><a href="http://www.openssl.org/">The OpenSSL library</a> contain
+both server and tools to use and set up your own signing service. See
+the ts(1SSL), tsget(1SSL) manual pages for more details. The
+following shell script demonstrate how to extract a signed timestamp
+for any file on the disk in a Debian environment:</p>
<p><blockquote><pre>
#!/bin/sh
projects / homepage.git / blobdiff