Metatime: a timestamp token solution for your documents
Demonstrate when transactions took place or documents were archived with a timestamp solution
Organizations moving topaperless exchanges, whether for internal communications or for relationships with partners or customers, may be required to demonstrate that certain transactions or actions occurred before a given date and time.
The use of a time-stamp token associated with the document provides an element of proof of a digital transaction’s date and anteriority. This includes a signed piece of data with the following elements:
- A data and a time (UTC time)
- A hash value computed using a has function (e.g. SHA 1 or SHA 256)
- The identifier of the time-stamping unit (TSU) which produced the time-stamp token.
How does it work?
The client sends a timestamp request to the platform, which determines a signatory entity, takes a very precise reading of the date and time, signs and returns this information. The protocol used for these communications is commonly called TSP (“Time Stamping Protocol”) and is explained in the RFC 3161.
The signature of the responses is done using cryptographic equipment which must have an interface compliant with the PKCS#11 standard.
The administration of the service is carried out via a graphical interface, allowing authorized operators to manage the entities required to provide the TSP service.
Atos, a global leader in digital transformation and digital security, provides Metatime a timestamping solutions to generate securely timestamp tokens. The solution is sold as a service or as standalone product.
To follow or contact us:
IDnomic Metatime, a timestamping solution allows the parameters of timestamping policies to be defined.
From electronic transactions to archiving, time-stamp tokens may be used in various contexts.
We have a unique body of expertise and an in-depth understanding of corporate security technologies.
Front office server & Back office server
► Linux Platform (e.g. RedHat or SuSE)
► Open source international components delivered with metatime: Apache, Open SSL, PostgreSQL and PHP
► Provided as part of metatime: choice between GPS reference and/or DCF 77 reference
Norms and standards
► IETF RFC 3161
► ETSI TS 101 861 (a profile of RFC 3161)
► X.509 v3 or RFC 5280 for TSU certificates
► PKCS#11 for the interface with the HSM
► HTTP or HTTPS for the delivery of time-stamp tokens
► HTTPS for administration
Related resources and news
Organisations moving to paperless exchanges, whether for internal communications or for relationships with partners or customers, may be required to demonstrate that certain transactions or actions occurred before a given date and time…
In a context where organisations are moving to paperless transactions, it is necessary to electronically sign documents to guarantee their integrity and to be able to bring the proof of acceptance by the signer. The signature has to be verified strictly so as to detect any possible cause for invalidity.