printer friendly version

Bind Digital Certificates to their signing date and time

HID Global has launched an enterprise-grade service that enables users to verify the date and time of their electronically or digitally signed documents, code and other files. The service embeds an irrefutable date and time thereby binding the signer’s Public Key Infrastructure (PKI) digital certificate to the date and time of their signature.

HID Global has met the Internet Engineering Task Force (IETF) standards RFC 3161 requirements for operating as a Timestamping Authority (TSA). The company is also a CA and provider of digital certificate products.

The HID IdenTrust Timestamping-as-a-Service offers a high-availability cloud-based platform for enterprises to embed timestamps to any software application, documents or digital files by creating and embedding a trusted timestamp date and seal. Manipulation of the file breaks this seal and alerts the user that the file is no longer in its original state.

PKI digital certificates are used to create trusted digital identities for many use cases. They are strengthened through industry-standard IETF X.509 verification using a trusted CA signature. The IETF’s PKI Time Stamp Protocol (TSP) goes further to establish the signature’s ‘proof of existence’ at an instant in time. Trusted time stamps combat digital certificate forgery, prevent unauthorised use of revoked certificates, simplify time-based compliance record-keeping, strengthen legal claims and prove long-term signature validity. Application examples include securing antivirus software updates with timestamped signatures.

Users connect to HID’s always-available Timestamping-as-a-Service to begin the process of creating their file’s unique identifying ‘fingerprint’ and combining it with a trusted timestamp. The resulting timestamp token is sent to the client application and recorded with the file’s digital signature(s).

These measures are critical for securing information and digital assets inside or outside the firewall. They enable users to conduct e-commerce, authenticate to regulated and government websites and secure communications between machines, network endpoints, mobile devices, secure virtual servers and IoT devices.

The HID IdenTrust Timestamping-as-a-Service is available for a subscription fee with a contractually guaranteed enterprise-grade service level agreement (SLA).

Find out more here

Share this article:

Further reading: