Time-stamp issue
"Prashant Dambe" <prashant@elock.co.in> Thu, 15 March 2001 09:27 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id EAA27526 for <pkix-archive@odin.ietf.org>; Thu, 15 Mar 2001 04:27:34 -0500 (EST)
Received: from localhost (daemon@localhost) by above.proper.com (8.9.3/8.9.3) with SMTP id BAA09635; Thu, 15 Mar 2001 01:26:54 -0800 (PST)
Received: by mail.imc.org (bulk_mailer v1.12); Thu, 15 Mar 2001 01:26:41 -0800
Received: from pdcpune.elock.co.in (pdcpune.elock.co.in [196.1.104.8]) by above.proper.com (8.9.3/8.9.3) with ESMTP id BAA09558 for <ietf-pkix@imc.org>; Thu, 15 Mar 2001 01:26:36 -0800 (PST)
Received: from insight (insight.fcpl.co.in [196.1.104.150]) by pdcpune.elock.co.in with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id G395XAM8; Thu, 15 Mar 2001 14:55:44 +0530
Message-ID: <003101c0ad31$fd4898d0$966801c4@insight>
From: Prashant Dambe <prashant@elock.co.in>
To: ietf-pkix@imc.org
Subject: Time-stamp issue
Date: Thu, 15 Mar 2001 14:56:17 +0530
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_002E_01C0AD60.16F00BF0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
Precedence: bulk
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: mailto:ietf-pkix-request@imc.org?body=unsubscribe
As specified in the draft-ietf-pkix-time-stamp-13.txt. APPENDIX A - Signature Timestamp attribute using CMS One of the major use of time stamping is to time stamp a digital signature to prove that the digital signature was created before a given time. Should the corresponding public key certificate be revoked this allows to know whether the signature was created before or after the revocation date. A sensible place to store a time stamp is in a [CMS] structure as an unsigned attribute. But what happens in the following scenario. As timestamp token is placed as unsigned attribute, one of the possible attack is that if Time-stamp token it self is replaced with the Time-stamp token of the same signature value inside CMS i.e If the same signature is time-stamped after some later time and Time-stamp in the original CMS is replaced,it not possibled to detect that orignal time-stamp has been replaced. So putting time-stamp as unsigned attribute not works fine in all cases. Thanks Prashant Dambe.
- Re: Time-stamp issue Prashant Dambe
- Time-stamp issue Prashant Dambe
- RE: Time-stamp issue Michael Zolotarev
- Re: Time-stamp issue Joerg Seidel
- Re: Time-stamp issue Jean-Marc Desperrier
- RE: Time-stamp issue Michael Zolotarev
- Re: Time-stamp issue Joerg Seidel