SecureBlackbox 16: Can I sign not the document itself, but the time at which the document was created?


This is called "timestamping". A timestamp is usually applied to the signed hash of the data. (The reason is that the timestamp is applied to a certain document and the document must remain unchanged, which is achieved using a digital signing procedure.)

The most popular and widespread standard for timestamping is defined in RFC 3161, and it must be used in conjunction with digital signature standards (CAdES for generic data, PAdES for PDF documents, and XAdES for XML documents). There also exists RFC 5544, which describes how to apply RFC 3161 timestamps to data without signing them.

SecureBlackbox supports RFC 3161 and its use in PDF, PAdES, CAdES, and XAdES.

RFC 5544 is also supported since SecureBlackbox 10.

We appreciate your feedback. If you have any questions, comments, or suggestions about this article please contact our support team at support@nsoftware.com.