Home > Concepts & Architecture > ADSS TSA Service Overview

ADSS TSA Service Overview

The ADSS TSA Service is an RFC 3161 and RFC 5816 compliant timestamping module that produces timestamp tokens to prove that some data or document existed at a particular moment in time. The ADSS TSA Service works in the following two modes:

Local Timestamp Service

A typical workflow for ADSS TSA Service using an external TSA is as follows:

1. An end user or business application sends a data object to timestamp to the ADSS TSA Service (e.g. patent application, tender submission, invoice, report etc.). The end user’s data may already have been signed or may be unsigned.
2. The ADSS TSA Service forwards the timestamp request to an external TSA over HTTP based on the TSA policy being used. As explained in the ADSS TSA Service section, it is possible to set up multiple TSAs each with their own TSA policies.
3. The ADSS TSA Service receives the timestamp response back from the external TSA.
4. The ADSS TSA Service relays this timestamp response to the end customer

The ADSS TSA service can be used in proxy mode forwarding requests to an appliance TSA server.  In this scenario it still provides value in managing the Timestamp Protocol (TSP) transactions and recording these for management information reporting purposes.  The data can be exported so that billing systems can be fed with usage data. 

ADSS TSA Service Deployment

In the example below, the ADSS TSA Service is deployed as a local service in a high availability, load-balanced configuration.  A secondary independent time source (Meinberg LANTIME GPS NTP Server) is used to provide a trusted time for comparison with the TSA server's internal system clock.