DRAFT Recommendation for Digital Signature Timeliness

Submitted by Paweł Krawczyk on czw., 2008-11-13 17:54

Podpis elektroniczny

URL:

http://csrc.nist.gov/publications/drafts/800-102/Draft_SP800-102.pdf

Establishing the time when a digital signature was generated is often a critical consideration. A signed message that includes the (purported) signing time provides no assurance that the private key was used to sign the message at that time unless the accuracy of the time can be trusted. With the appropriate use of timestamps from a Trusted Timestamp Authority (TTA) and/or verifier-supplied data, the signatory can provide some level of assurance about the time that the message was signed.