| |
|
 |
Strong evidence for data authentication
|
|
|
|
| |
Public key certificates for the time stamp authority |
| |
| |
The public keys are provided for independent verification of the time stamps
created by the DigiStamp time stamp servers. Each public key is provided
as a standard x.509 certificate. The public keys are used to verify the
digital signature contained in a time stamp. These certificates are commonly
contained within each time stamp and they are also provided here for convenience.
Click here for additional information about what you need to verify a time stamp.
Time Stamp server Root Certificate
The root certificate can be downloaded and added to your software. For
example, import the certificate to your Internet browser or Adobe Acrobat signing tools.
The DigiStamp root certificate:
 DGSca80.cer The certificate's SHA-1 value
is used for confirmation in some software:
9a048ed85eec7c802eeb
bbb7c91792d7aae45136
To review your options for integrating the chain of authority of these
certificates with your enterprise CA then click here. |
 |
| Time Stamp key life cycle |
|
|
The time stamp key-pairs are replaced frequently within the certified hardware
device. The frequency is one year or after one million time stamps are
created with the key-pair. Each event of "rekeying of the TSA key"
results in the cryptographic module creating and signing a new x.509 public
key certificate. The previous time stamp private key is destroyed at the
time of rekeying. The time stamps created with that private key are authenticated
using the x.509 public key certificate. More details are here where we describe that the time stamp private key cannot be extracted
from the certified hardware device. |
|
|
| Repository of Time Stamp public keys |
|
|
You can download these public keys over a SSL connection here. |
 |
Time-stamp public key certificate for current active server "TSA 1" |
| |
- Server's External Audit certificate DGS93.cer
|
|
Time-stamp public key certificate for current active server "TSA 2" |
|
- Server's External Audit certificate DGS91.cer
- Time stamp certificate DGS91.32776.cer put into service on February 17, 2010
|
|
|
|
History of older certificates that have had their signing key destroyed |
|
- Issued by Server's External Audit certificate DGS91.cer:
- DGS91.32775.cer August 25, 2009 - February 17, 2010
- DGS83.32774.cer February 25, 2009 - August 25, 2009
- DGS83.32773.cer August 27, 2008 - February 25, 2009
- DGS83.32772.cer March 5, 2008 - August 27, 2008
- DGS83.32771.cer August 14, 2007 - March 5, 2008
- DGS83.32770.cer November 15, 2006 - August 14, 2007
- DGS83.32769.cer August 22, 2005 - November 15, 2006
|
|
- Issued by Server's External Audit certificate DGS90.cer:
- DGS90.32775.cer May 18, 2009 - Nov 11, 2009
- DGS84.32774.cer Nov 18, 2008 - May 18, 2009
- DGS84.32773.cer May 21, 2007 - Nov 18, 2008
- DGS84.32772.cer Nov 14, 2007 - May 21, 2008
- DGS84.32771.cer Jan 24, 2007 - Nov 14, 2007
- DGS84.32770.cer April 13, 2006 - Jan 24, 2007
- DGS84.32769.cer July 30, 2005 - April 13, 2006
|
|
- Issued by Server's External Audit certificate DGS93.cer:
- DGS93.32772.cer Nov 11, 2009 - May 11, 2010
|
|
- Time stamp certificates older than 2005 and pre-date the external audit process are stored here.
|
|
|
|
Names of the Time-Stamp Servers for the general user community |
|
- The time stamp servers are available to generate production time stamps:
- "TSA1" - https://tsa1.digistamp.com/TSA at IP address 66.18.15.156
- "TSA2" - https://tsa2.digistamp.com/TSA at IP address 67.37.170.130
- The above servers use HTTP authentication to your DigiStamp account. Use
of SSL (https:) is optional.
|
|
TEST Time Stamp servers used in evaluations: |
|
Any time stamps that originated from the TEST environment (means that the time stamp is verified using this certificate chain) are not trusted time stamps. The TEST certificates and time stamp servers do not use the NIST certified hardware and are provided just for testing purposes. |
|
|
|
- Root certificate:
- DGSca70T.cer - began using February 14, 2005
- The organizational unit in the certificate's distinguished name is "test TSA" to signify that the time stamp was created for
testing.
- Audit certificate:
- dgsAudit71T.cer
- This certificate is the same for all of the test server instances. This
certificate is issued by the above root certificate, DGSca70t. This Audit
certificate then issues the certificates for the test servers (see the
diagram on this page in the upper right).
- Time-stamp public key certificates for server "TSA TEST1":
- DGS72T.cer changed on March 17, 2008
- Time-stamp public key certificates for server "TSA TEST2":
- DGS73T.cer changed on March 17, 2008
- Evaluation users can access these servers for testing their software integration
as:
- "TSATEST1" - http://tsatest1.digistamp.com/TSA
- "TSATEST2" - http://tsatest2.digistamp.com/TSA
|
|
|
|
|
|
|
|
|
|
| |
|
|
|
| |
|
Copyright © 1999-2010 DigiStamp, Inc. - All Rights Reserved
SecureTime SM , IP Protector SM , and e-TimeStamp® are service marks
of DigiStamp, Inc.
|
| |
|
|
|
|
