Digital certificates expire after some period of time, such as one year and a document signed with an expired key should not be accepted. However, there are many cases where it is necessary for signed documents to be regarded as legally valid for much longer than the certificate validity; long-term leases and contracts are examples. By registering the contract with a digital time-stamping authority (TSA) at the time it is signed, the signature can be validated even after the key expires. Such a time stamping authority is also called electronic notary.
If all parties to the contract keep a copy of the time-stamp, each can prove that the contract was signed with valid keys. Very important is the fact that the time-stamp can prove the validity of a contract even if a signer’s key gets compromised at some point after the contract was signed.
Aloaha offers a fully RFC 3161 compliant time stamping server. It can be installed on any windows machine with any webserver installed. The webserver must be able to include the Aloaha Time Stamping Interface via ASP, PHP, .net or whatever.
A sample ASP script to show how to include the Aloaha TSA Interface in your webserver can be found on: http://tsa.aloaha.com/tsa.txt
A demo Server is online at http://tsa.aloaha.com. Just configure your softwares TSA address to http://tsa.aloaha.com to test it out. Please note that our demo server is limited to 100 time stamp token/IP. Contact us if you need more!
Further information can be found on http://www.aloaha.com/support-en/timestamping-rfc-3161.php and http://www.aloaha.com/wi-software-en/aloaha-timestamping-server.php
If you wanto to test the Aloaha Time Stamping Authority on your own machine please contact firstname.lastname@example.org. It will be a pleasure for us to install you a demo server.
Please note that if you configure your own IIS to serve timestamps that the credentials of the worker process need the right “to logon as service”
A ready to go and confgured Time Stamping Authority can be installed from http://www.aloaha.com/download/tsa.zip. A license can be requested from email@example.com
On request we have also a RFC3161 compliant Timestamp Webservice available. Please contact firstname.lastname@example.org for further information!