Time Stamp
It is a service that provides guarantee and reliability to any event that occurs in the digital world.
What is it?
The Time Stamp is the Brazilian legal time (BLT) applied to a certain event that took place in the digital world.
E.g.: An electronic contract was digitally signed on 10/10/2021 at 10:00 am by José da Silva. Then a time stamp was generated thus associating the electronic contract, José da Silva's digital certificate and the Brazilian legal date and time, which at that time was 10/10/2021 at 10:01:37 a.m.
the date and time can be easily tampered with or generated with some inconsistency, since it is usually extracted from a computer. Thus, the Brazilian legal date and time is used to eliminate this timely doubt. The example above is crystal clear and we can see that the contract was digitally signed by José da Silva and that it took place before 10:01:37 a.m. of 10/10/2021.
Where does the BLT come from
The Brazilian Legal Time is provided by the NO - National Observatory, a body linked to MCTI (Ministry of Science, Technology and Innovation) and responsible for generating the BLT in the country.
Time Stamp
The Time Stamp is the Brazilian legal time (BLT) applied to a certain event that occurred in the digital world.
Or over the phone:
+55 (11) 5906-7200
Who can generate the Time Stamp?
A TSA - Time Stamp Authority, whose legal responsibility is to disseminate the BLT. The TSA must be approved by the National Observatory to be able to use the BLT in its time stamps. On the QualiSign Portal, time stamps are generated by ACT-QualiSign, a company that is part of the QualiSoft group
How does it work?
Sample Time Stamp applied to a digital signature:
1 - Client accesses the QualiSign Portal and digitally signs an electronic document;
2 - After the digital signature, the QualiSign Portal asks ACT QualiSign for a time stamp;
3 - The ACT QualiSign issues a Time Stamp with the Brazilian Legal Time of that moment;
4 - The QualiSign Portal receives the Time Stamp and applies it to the digital signature that has just been made.
Benefits
It guarantees to be a reliable source of information about the date and time, since ACT QualiSign is approved by the NO - National Observatory and provides the country's official and legal time.
The time stamp generates technical and legal evidence that a particular event occurred prior to its issuance, which serves as future proof for any necessary expertise or audit
There is no doubt about the moment, that is, the hour, minute and seconds that the time stamp was generated.
It eliminates the need for expenses related to the control and registration of documents in the physical environment (paper). It contributes to the dematerialization and streamlining of processes.
The technical application of the Time Stamp gives reliability and integrity to the content of the referenced electronic document.
Applicability
The time stamp can be used for any record of electronic transactions, digital signatures or any event held in electronic media whose timing is essential for the business.
Digital signature of contracts, powers of attorney, agreements, insurance policies, collections and any other electronic document. It can also be applied to electronic notifications that require proof of delivery, formal response or an "agreed".
Features
The application can request time stamps from the QualiSign Portal through integration via web services or via http
The Time Stamp is present in the following QualiSign Portal services: Digital Signature, Valid E-mail and Digital Acceptance.
With the consumption range system, you have progressive advantages as your consumption of time stamps increases. This method makes it possible to choose the consumption range according to one's expectation of use, establishing a better cost-benefit ratio of the service.
By using a QualiSign Portal parameter, you decide whether you wish to use the Time stamp in the digital signature of your electronic documents.
Why hire the QualiSign Portal?
A technical team with 19 years of experience in technology for the secure processing of electronic transactions
Datacenter with replication, and mirrored architecture, 24/7 availability with SLA 99%.
A qualified support team ready to assist and offer support in streamlining integration and use.
All QualiSign Portal services are available for hiring in a quick and simple manner.
Legal Basis
Created by D. Pedro I in 1827, it has been responsible for maintaining, for more than a century and a half, with the highest technical accuracy, the Brazilian Legal Hour that is currently available through the internet with access to synchronization to its atomic clocks.
"Art.6 - It is the competence of the National Observatory, a research unit of the Ministry of Science and Technology, to generate the Brazilian Legal Time, as well as to disseminate it through the media, observing the provisions of current legislation and treaties, agreements and international acts to which Brazil is a party."
It should be clarified that ReTemp/BLT (Time Stamp Network certified to the Brazilian Legal Time) is currently the only existing national solution that guarantees the inviolability of the chronological record for the issuance of a document or the execution of a financial transaction in electronic media.
Any document and/or digital signature that includes a time stamp, adding legal value pursuant to the legislation, will only be valid whether the date/time is referenced to a ASS - Authentication and Synchronization System that produces a certificate confirming traceability to the Brazilian Legal Time, allowing it to be audited and inquired by interested parties at any time (Source: National Observatory).
A Time Certificate Authority (TSA) is an entity on which users of Time Stamp services rely, in order to issue Time Stamps. A TSA has overall responsibility for providing the Time stamp, a set of attributes provided by the reliable part of time that, associated with a digital signature, confers proof of its existence in a certain period. (Source: ITI)
Questions
A Time Stamp is used to specify the time when the digital or electronic signature is made. This is necessary to properly validate the signature.
If the Signature Time Stamp is present, the application that validates (checks) the signature, will confirm that the certificates involved in validating the signature were valid upon the signature. If there is no Time Stamp for the signature, the validity of the certificate is checked as soon as the signature is validated, which is not always acceptable.
E.g.:
Certificate is valid as of January 1, 2008
Certificate is valid by December 31, 2010
Signature is made on July 4, 2009
Signature is checked on April 30, 2012
With Time Stamp: signature is ok (signature was made during the validity period of the certificate).
No Time Stamp: signature is not valid (certificate is expired at the time of signature verification).
Time stamp should be used if the signature is used (to prove the authenticity of the document or the originating data author), in the long term, that is, more than one or more days.
A time stamp is not required when, for example, you send a short-signed note to a colleague and this note must be read and deleted on the same day it was written.
Of course, a Time Stamp cannot be used when it is not supported by digital signature technologies or when the Time Stamp Authority (TSA) is not available.
On the other hand, the Time Stamp is mandatory when you create signed documents for a wide distribution or for long-term storage and for archival purposes. The Time Stamp is also used when signing executable modules for software applications.
Time Stamp, also called TSP protocol (Timestamp protocol) is set by RFC 3161 and is part of the PKI or ICP (Public Key Infrastructure), based on X.509 certificates
As such, the Time Stamp can be used when signing data using PKCS # 7 (CMS), signing PDF documents and signing XML documents using XAdES
The Time Stamp is not used in S/MIME (despite the fact that it is based on PKI technology).
The Time Stamp is not available in OpenPGP, as it is not based on X.509 certificates. MS Authenticode (the technology used to sign applications and libraries on Windows) also uses Time Stamp, however this Time Stamp is different from the TSP set by RFC 3161.
A Time Certification Authority (TSA) is an entity that users of Time Stamp services trust to issue Time Stamps. TSA has overall responsibility for providing the Time Stamp, a set of attributes provided by the reliable part of time that, associated with a digital signature, confers proof of its existence in a certain period.
In practice, a document is produced and its content is encrypted. Then, it receives the attributes year, month, day, hour, minute and second, attested in the form of the signature made with a digital certificate, thus serving to prove its authenticity. TSA attests not only to the timing of a transaction, but also its content.
In practice, a document is produced and its content is encrypted. Then, it receives the attributes year, month, day, hour, minute and second, attested in the form of the signature made with a digital certificate, thus serving to prove its authenticity. TSA attests not only to the timing of a transaction, but also its content.
Note: The TSA Digital Certificate is not a common certificate. They are issued by Certification Authorities. These certificates must be properly validated and are issued and used only for Time Stamp
The Time Stamp tells the entity to validate the signature when the signature was made. As you know, the certificate is not everlasting. It has a validity period, that is, the certificate can only be used for its purpose, for some period of time
If you use the expired certificate to sign the data, that signature will not be accepted as valid. If the signature validator finds a Time Stamp, it will know when the signature was made and will check that the certificate was valid at the time.
If there is no date and time, no one knows, then, when the signature was made, and it is assumed that it could be done at any time, possibly after the certificate has expired
There are two possible outcomes with this situation: either the signature is claimed to be invalid, or it is assumed that the signature was made at the time of validation. In the second case, if the signature certificate is expired, at the time of signature validation, the signature will not be accepted as valid either. And if the signature is expected to be validated somewhere in the future, then it is likely that this problem will occur sooner or later
Like any signature, a Time Stamp (issued by a TSA) can become invalid if the certificate used to generate the Time Stamp is revoked (claimed as invalid by the issuing CA)
QualiSign Portal Time Stamps are issued by the QualiSoft Time Stamp Authority (TSA-QualiSoft). TSA-QualiSoft's Time Stamps use the ReTemp / BLT, (Time Stamp Network Certified to Brazilian Legal Time) from the National Observatory - ON, a service that makes it possible to obtain data / time to be used in digital documents, authentic, secure and auditable in accordance with current security standards (IOPS-Internet Official Protocol Standards, RFC 3161), ensuring that:
a) The issued time stamps are certified to the Brazilian Legal Hour, thanks to the use of certificates in accordance with the International Telecommunications Union (ITU-T) X.509 standard and equipment meeting the FIPS-140-1 level 2 and FIPS- standards. 140-1 level 3 of the NIST (National Institute of Standards and Technology) in the USA. FIPS (Federal Information Processing Standard) is the name under which these standards are published;
In the event of a fraudulent attempt to change the date / time, the Stamps stop working immediately, only returning to normal condition after being certified again by the Secondary Synchronizer of the National Observatory - ON;
b) Time stamps are secure by using, on the equipment of the National Observatory - ON, digital certificates of asymmetric cryptography issued by ICP-BRASIL (Brazilian Public Key Infrastructure)
c) Time stamps are auditable, as attribute certificates according to the X .509 standard are used
