Support time-stamp protocol (TSP) as per RFC3161



13 years ago
15 days ago


(Reporter: hauser, Unassigned)


Firefox Tracking Flags

(Not tracked)





13 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/20060111 Firefox/
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/20060111 Firefox/

PKCS#7 data-structures are used to create detached smime signatures (multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1;)

PKCS#7 also contains a section "unsigned attributes" where a signed RFC 3161 timestamp token (e.g. in java use org.bouncycastle.asn1.tsp.TSTInfo) could be added

Reproducible: Always

Actual Results:  
currently such information most likely is simply ignored, possibly it worse might prevent the signature from validating.

Expected Results:  
besides the signature icon, if also a tsp token is present, a second icon should be shown (clock+stamp?or notary?) and when clicking on this, the certified time plus the certifiers x509 certificate should be shown (e.g. an EPM service as per

Jeroen's extension is a good first step, but it doesn't allow for third party notarization.


13 years ago

Comment 1

13 years ago
today, a multipart/signed; protocol="application/pkcs7-signature" consists of 
2 parts, the content and the detached signature.

Possibly, a third part should be added: _int.upu.www.EPMService.schemas.ReceiptType that is a more elaborate statement by the time-certifier. This could be a third mime-bodypart and might need a third button to view/validate
Assignee: dveditz → nobody
You need to log in before you can comment on or make changes to this bug.