ADSS TSA Service module produces RFC 3161 time stamp tokens for any electronic datum, to prove the existence of the input source data (or secure hash of the data) existed at a specific date and time. ADSS TSA Server satisfies the ETSI TS 101 861 and TS 102 023 requirements for TSA services. The ADSS TSA Service can also process Microsoft Authenticode time stamp requests when using the code signing tool within Microsoft Windows SDK.
There are two different ways in which the ADSS Server TSA Service can be utilized to produce time stamp tokens:
Local TSA - Use the local TSA Service and local time stamp signing keys, OR
External TSA - Forward the time stamp request to another external TSA. In this case the TSA Service acts as a concentrator for time stamp requests, which are being serviced by one or more back-end TSAs.
ADSS TSA Server excels because of its scalability, resilience and support for multiple pre-defined time stamp policies (multiple virtual TSAs). Its support for external trusted time monitoring and ability to alert staff to time synchronisation issues and the attention to detail in security management, including optional dual control of specific features, management reporting and transaction log views of time stamp information, are in advance of anything seen elsewhere, and these aspects are key to minimising operational time and costs.
The optional NTP time monitoring and alerting service describes how an accurate alternate time NTP source can be used to ensure date/time accuracy for the TSA service. The two modes of TSA Service are described further in the ADSS TSA Service Overview section of this help manual. The remaining parts of this section explain how to configure the TSA Service for these two modes.
The following image shows TSA Service sub-modules, details of which are given in the next sections: