1、 ETSI TS 102 023 V1.2.2 (2008-10)Technical Specification Electronic Signatures and Infrastructures (ESI);Policy requirements for time-stamping authoritiesETSI ETSI TS 102 023 V1.2.2 (2008-10)2Reference RTS/ESI-000066 Keywords e-commerce, electronic signature, security, time-stamping, trust services
2、ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the present document can b
3、e downloaded from: http:/www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the re
4、ference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documen
5、ts is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permis
6、sion. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2008. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTM, TIPHONTM, the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members
7、. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. ETSI ETSI TS 102 023 V1.2.2 (2008-10)3Contents Intellectual Property Rights 5g3Foreword . 5g3Introduction 5g31 Scope 6g32 References 6g32.1 Normative references . 7g32.2 Informative re
8、ferences 7g33 Definitions and abbreviations . 8g33.1 Definitions 8g33.2 Abbreviations . 8g34 General concepts 9g34.1 Time-stamping services 9g34.2 Time-Stamping Authority (TSA) . 9g34.3 Subscriber . 9g34.4 Time-stamp policy and TSA practice statement . 9g34.4.1 Purpose . 10g34.4.2 Level of specifici
9、ty . 10g34.4.3 Approach 10g35 Time-stamp Policies . 10g35.1 Overview 10g35.2 Identification 10g35.3 User Community and applicability . 11g35.4 Conformance 11g36 Obligations and liability . 11g36.1 TSA obligations 11g36.1.1 General 11g36.1.2 TSA obligations towards subscribers 11g36.2 Subscriber obli
10、gations 11g36.3 Relying party obligations . 12g36.4 Liability 12g37 Requirements on TSA practices . 12g37.1 Practice and Disclosure Statements 12g37.1.1 TSA Practice statement . 12g37.1.2 TSA disclosure Statement . 13g37.2 Key management life cycle 14g37.2.1 TSA key generation 14g37.2.2 TSU private
11、key protection . 14g37.2.3 TSU public key Distribution . 15g37.2.4 Rekeying TSUs Key . 15g37.2.5 End of TSU key life cycle . 15g37.2.6 Life cycle management of cryptographic module used to sign time-stamps 15g37.3 Time-stamping . 16g37.3.1 Time-stamp token . 16g37.3.2 Clock Synchronization with UTC
12、. 16g37.4 TSA management and operation 17g37.4.1 Security management 17g37.4.2 Asset classification and management . 17g37.4.3 Personnel security . 18g37.4.4 Physical and environmental security. 19g37.4.5 Operations management . 19g37.4.6 System Access Management. 20g3ETSI ETSI TS 102 023 V1.2.2 (20
13、08-10)47.4.7 Trustworthy Systems Deployment and Maintenance . 21g37.4.8 Compromise of TSA Services 21g37.4.9 TSA termination . 22g37.4.10 Compliance with Legal Requirements 22g37.4.11 Recording of information concerning operation of time-stamping service. 23g37.5 Organizational 24g3Annex A (informat
14、ive): Potential liability in the provision of time-stamping services 25g3Annex B (informative): Model TSA disclosure statement 26g3B.1 Introduction 26g3B.2 The TSA disclosure statement structure . 27g3Annex C (informative): Coordinated Universal Time (UTC). 28g3Annex D (informative): Long term verif
15、ication of time-stamp tokens 29g3Annex E (informative): Possible for implementation architectures - time-stamping service 30g3E.1 Managed time-stamping service . 30g3E.2 Selective Alternative Quality . 31g3Annex F (informative): Bibliography . 32g3History 33g3ETSI ETSI TS 102 023 V1.2.2 (2008-10)5In
16、tellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property R
17、ights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investigation, including
18、 IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has be
19、en produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI). Introduction In creating reliable and manageable digital evidence it becomes necessary to have an agreed upon method of associating time data to transaction so that they might be compared to each other at some l
20、ater time. The quality of this evidence is based in the process of creating and managing the data structure that represent the events and the quality of the parametric data points that anchor them to the real world. In this instance this being the time data and how it was applied. In addition, in or
21、der to verify an electronic signature, it may be necessary to prove that the digital signature from the signer was applied when the signers certificate was valid. This is necessary in two circumstances: 1) during the validity period of the signers certificate, should the signers private key be compr
22、omised and thus revoked for that reason; 2) after the end of the validity period of the signers certificate, since CAs are not mandated to process revocation status information beyond the end of the validity period of the certificates they have issued. Two generic methods exist to solve this problem
23、. One consists to use a time-mark which is an audit record kept in a secure audit trail from a trusted third party which attaches a date to a signature value. This proves that the signature was generated before the date from the time-mark. This method is not the topic of the present document. Anothe
24、r one consists to use a time-stamp which allows to prove that a datum existed before a particular time. This technique allows to prove that the signature was generated before the date contained in the time-stamp token. Policy requirements to cover that case is the primary reason of the present docum
25、ent. However, it should be observed that these policy requirements allow to address other needs. The electronic time stamp is gaining an increasing interest by the business sector and is becoming an important component of electronic signatures, also featured by the ETSI Electronic Signature Format s
26、tandard TS 101 733 i.1, built upon the Time-Stamp protocol from the RFC 3161 i.2. Agreed minimum security and quality requirements are necessary in order to ensure trustworthy validation of long-term electronic signatures. Directive 1999/93/EC i.3 of the European Parliament and of the Council of 13
27、December 1999 on a Community framework for electronic signatures defines certification-service-provider as “an entity or a legal or natural person who issues certificates or provides other services related to electronic signatures“. One example of a certification-service-provider is a time-stamping
28、authority. ETSI ETSI TS 102 023 V1.2.2 (2008-10)61 Scope The present document specifies policy requirements relating to the operation of Time-stamping Authorities (TSAs). The present document defines policy requirements on the operation and management practices of TSAs such that subscribers and rely
29、ing parties may have confidence in the operation of the time-stamping services. These policy requirements are primarily aimed at time-stamping services used in support of qualified electronic signatures (i.e. in line with article 5.1 of the European Directive on a community framework for electronic
30、signatures) but may be applied to any application requiring to prove that a datum existed before a particular time. These policy requirements are based upon the use of public key cryptography, public key certificates and reliable time sources. The present document may be used by independent bodies a
31、s the basis for confirming that a TSA may be trusted for providing time-stamping services. The present document addresses requirements for TSAs issuing time-stamp tokens which are synchronized with Coordinated universal time (UTC) and digitally signed by TSUs. Subscriber and relying parties should c
32、onsult the TSAs practice statement to obtain further details of precisely how this time-stamp policy is implemented by the particular TSA (e.g. protocols used in providing this service). The present document does not specify: protocols used to access the TSUs; NOTE 1: A time-stamping protocol is def
33、ined in RFC 3161 i.2 and profiled in TS 101 861 i.4. how the requirements identified herein may be assessed by an independent body; requirements for information to be made available to such independent bodies; requirements on such independent bodies. NOTE 2: See CEN Workshop Agreement 14172-2 6. 2 R
34、eferences References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For a specific reference, subsequent revisions do not apply. Non-specific reference may be made only to a complete document or a part thereof and only in the followin
35、g cases: - if it is accepted that it will be possible to use all future changes of the referenced document for the purposes of the referring document; - for informative references. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docb
36、ox.etsi.org/Reference. For online referenced documents, information sufficient to identify and locate the source shall be provided. Preferably, the primary source of the referenced document should be cited, in order to ensure traceability. Furthermore, the reference should, as far as possible, remai
37、n valid for the expected life of the document. The reference shall include the method of access to the referenced document and the full network address, with the same punctuation and use of upper case and lower case letters. NOTE: While any hyperlinks included in this clause were valid at the time o
38、f publication ETSI cannot guarantee their long term validity. ETSI ETSI TS 102 023 V1.2.2 (2008-10)72.1 Normative references The following referenced documents are indispensable for the application of the present document. For dated references, only the edition cited applies. For non-specific refere
39、nces, the latest edition of the referenced document (including any amendments) applies. 1 ITU-R Recommendation TF.460-5 (1997): “Standard-frequency and time-signal emissions“. 2 ITU-R Recommendation TF.536-1 (1998): “Time scale notations“. 3 Directive 95/46/EC of the European Parliament and of the C
40、ouncil of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. 4 FIPS PUB 140-1 (1994): “Security Requirements for Cryptographic Modules“. 5 ISO/IEC 15408 (1999) (parts 1 to 3): “Information technology - Security techn
41、iques - Evaluation criteria for IT security“. 6 CEN Workshop Agreement 14167-2: “Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures - Part 2: Cryptographic Module for CSP Signing Operations - Protection Profile (MCSO-PP)“. 7 ISO/IEC 17799: “Information tech
42、nology - Code of practice for information security management“. 8 ITU-R Recommendation TF.460-4: “Standard-frequency and time-signal emissions“. 2.2 Informative references The following referenced documents are not essential to the use of the present document but they assist the user with regard to
43、a particular subject area. For non-specific references, the latest version of the referenced document (including any amendments) applies. i.1 ETSI TS 101 733: “Electronic Signatures and Infrastructures (ESI); CMS Advanced Electronic Signatures (CAdES)“. i.2 IETF RFC 3161 (2001): “Internet X.509 Publ
44、ic Key Infrastructure: Time-Stamp Protocol (TSP)“. i.3 Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. i.4 ETSI TS 101 861: “Time stamping profile“. i.5 Council Directive 93/13/EEC of 5 April 1993 on unfair te
45、rms in consumer contracts. i.6 BIPM Circular T is available from the BIPM website http:/www.bipm.org/. i.7 Information on TAI is made available every month in the BIPM Circular T from ftp:/62.161.69.5/pub/tai/publication. i.8 The International Earth Rotation Service (IERS) is available from http:/hp
46、iers.obspm.fr/. i.9 The IERS Bulletin C is available from http:/hpiers.obspm.fr/iers/bul/bulc/bulletinc.dat. i.10 ETSI TS 102 176-1: “Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms“. ETSI E
47、TSI TS 102 023 V1.2.2 (2008-10)83 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: NOTE: Where a definition is copied from a referenced document this is indicated by inclusion of the reference identifier number at the
48、end of the definition. Coordinated Universal Time (UTC): time scale based on the second as defined in ITU-R Recommendation TF.460-5 1 NOTE: For most practical purposes UTC is equivalent to mean solar time at the prime meridian (0). More specifically, UTC is a compromise between the highly stable ato
49、mic time (Temps Atomique International - TAI) and solar time derived from the irregular Earth rotation (related to the Greenwich mean sidereal time (GMST) by a conventional relationship) (see annex C for more details). relying party: recipient of a time-stamp token who relies on that time-stamp token subscriber: entity requiring the services provided a TSA and which has explicitly or implicitly agreed to its terms and conditions time-stamp policy: named set of rules that indicates the applicability of a ti
