Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • The TSA service must be compliant with RFC3161 specification.

  • The TSA service must use HTTP(S) with POST for transportation.

  • The TSA service must support SHA-256 or stronger hash functions in requests

  • The certificate that is used for time-stamping signatures must have the id-kp-timeStamping value in the Extended Key Usage ExtendedKeyUsage field.

  • The TSA service must not require the usage of reqPolicy field in requests.

  • The TSA service must use at least 2048-bit RSA key and SHA-256 (or stronger) hash function for response signatures.

  • TSA service must maintain its accuracy within 1 second of UTC.