Time Stamping- prevent SSL certificate from expiration
Time Stamping helps SSL Certificate from being revoked though it expires and the warning will not be appeared in browser. It extends trust for code advance than validity period. The code stays fine as long as you can run it. Time stamping ensures that code will not terminate when certificate expires. It validates digital signature. If you miss time stamping, then you have to re-sign your code and re-send out to customers. When time stamping service is taken it shows date and time. You can verify time stamping by using chktrust. Exe utility comes with SDK tools. A warning "Unknown date and time" will appear when the file has NOT been time stamped.
Time-stamping the signature is carried out as follows:
• The signature is sent to the time-stamping authority (TSA).
• TSA imparts a time-stamp to the packaged information and calculates a new hash.
• TSA marks the new hash with its private key making a new package of information.
• The time-stamped package is re-bundled with the original code.
• The time-stamp and combined signature are mixed up.
• TSA applied public key to time stamped signature block with its expiry date's verification.
Thus, Time stamping absolves you from signing the software frequently. This means that you will not require being anxious about resigning code when Digital I D expires. TSA should be reliable, unbiased, brief, self-governing and obtainable 24 hours a day. Time-Stamping Service Provider as the middle level between the TSA and the user, alleviating services and communication.
