
Using timestamps for long term validity of documents

New Here ,
Aug 05, 2020


Some documents must be kept for a long time; for example, I recently carefully read a land document from 1811. I have seen suggestions that documents should be timestamped at the time the digital signatures are applied, which may make the validity period as great as 10 years. I have also seen suggestions to re-timestamp the documents a while before the timestamps expire, so a document signed in 2020 might need to be re-timestamped in 2029.

I understand Adobe Acrobat will check the validity of all the existing signatures and timestamps, and record the results in a special format before the new timestamp is applied. But what if the person re-timestamping isn't using Adobe Acrobat, but rather, a specially crafted program which adds the exact same data Adobe Acrobat does, but does not first check the validity of the old signatures and timestamps before adding the data. Then the specially crafted program obtains a real time stamp? How could a reader distinguish such a shady procedure from a timestamping done by a genuine copy of Adobe Acrobat?

Most Valuable Participant ,
Aug 06, 2020


By "timestamping" do you mean applying a digital signature? If so, what does it matter if it's done by Acrobat or by any other application, if it's done correctly? Adobe doesn't have the monopoly over PDF files or digital signatures and anyone can create an application that signs and/or validates them. Whether they do so properly or not is a different matter. If they do, though, then I don't see any issue. Also, I don't see the need to re-timestamp a file. If it was once valid then it will remain so, unless changed. Doesn't matter if it was 1 day ago, or 10 years ago.

Geber LATEST
New Here ,
Aug 06, 2020


By timestamping I mean that the program that is applying a digital signature generates a hash of most of the document (certain areas, such as the area where the results of the timestamp operation will be placed, are excluded from the hash). The hash is then sent to a trusted timestamp server. The timestamp server returns a timestamp that is digitally signed with the server's private key, and which can be verified with the server's public key. The server's key pair is usually set to expire much later than ordinary key pairs; the ones I've seen recently expire in 2029.

The timestamp provides reliable independent evidence as to when the signature was applied, rather than relying on the time set on the computer where the signature was applied, which could easily be altered. Scenario: a US notary has a public key that is registered with the state where the notary practices. The notary esigned a document in her official capacity on July 4, 2020. In the upcoming November election, the notary is elected to the house of representatives in her state, which is an incompatible office. So she resigns her notary office on December 31, and the key pair is revoked. A time stamped signature examined in Adobe Reader on January 15, 2021 will still be considered valid, but a signature that took the time from the computer clock will be displayed as invalid.

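The notary scenario from the last post as a simplified validation model. This is an added example, not part of any post and not Adobe's code. All names are hypothetical, the exact 2029 expiry day is constructed, and the cryptographic checks of the signature and of the timestamp token are assumed to have already passed.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

@dataclass
class Timestamp:                  # simplified stand-in for a timestamp token
    digest: bytes                 # hash the timestamp server signed
    time: datetime                # time asserted by the server
    tsa_cert_expires: datetime    # expiry of the server's certificate

@dataclass
class Signature:
    signed_bytes: bytes           # document bytes covered by the signature
    claimed_time: datetime        # signer's computer clock; never consulted below
    cert_revoked_at: Optional[datetime] = None
    timestamp: Optional[Timestamp] = None

def evaluate(sig, now):
    """Return (status, reference time used for the revocation check)."""
    ref = now                     # no trusted time: judge the certificate as of now
    ts = sig.timestamp
    if ts is not None:
        if ts.digest != hashlib.sha256(sig.signed_bytes).digest():
            return "invalid: timestamp does not cover these bytes", None
        if now > ts.tsa_cert_expires:
            return "indeterminate: timestamp certificate expired", None
        ref = ts.time             # trusted time replaces the validation time
    if sig.cert_revoked_at is not None and sig.cert_revoked_at <= ref:
        return "invalid: signer certificate revoked", ref
    return "valid", ref

# Constructed sample data following the scenario in the thread.
DOC = b"constructed sample: notarized deed"
SIGNED, REVOKED = utc(2020, 7, 4), utc(2020, 12, 31)
TSA_EXPIRY = utc(2029, 12, 31)    # the thread says only "2029"; the day is constructed
STAMPED = Signature(DOC, SIGNED, REVOKED,
                    Timestamp(hashlib.sha256(DOC).digest(), SIGNED, TSA_EXPIRY))
CLOCK_ONLY = Signature(DOC, SIGNED, REVOKED)

if __name__ == "__main__":
    for when in (utc(2021, 1, 15), utc(2030, 1, 15)):
        print(when.date(), evaluate(STAMPED, when)[0], "|", evaluate(CLOCK_ONLY, when)[0])
```

In this model the timestamped signature stops being verifiable once the timestamp server's certificate has expired, which is the situation the re-timestamping suggestion in the first post is meant to prevent.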