可信时间戳 - 了解格式（RFC3161）

Question

[编辑：我写了一个博客，详细解释了一切：查看此处]

嗨！

我拼命地尝试基于RFC3161为可信时间戳构建服务。我决定在 zeitstempel.dfn.de 上使用免费的可信时间戳服务。

我的问题是如何联系这项服务以获得有效的回复。关于请求格式，RFC告诉：

TimeStampReq ::= SEQUENCE  {
   version                      INTEGER  { v1(1) },
   messageImprint               MessageImprint,
     --a hash algorithm OID and the hash value of the data to be

     --time-stamped
   reqPolicy             TSAPolicyId              OPTIONAL,
   nonce                 INTEGER                  OPTIONAL,
   certReq               BOOLEAN                  DEFAULT FALSE,
   extensions            [0] IMPLICIT Extensions  OPTIONAL  }

.

其中

   MessageImprint ::= SEQUENCE  {
        hashAlgorithm                AlgorithmIdentifier,
        hashedMessage                OCTET STRING  }

.

我找到了一个客户端它帮助了我一点。 不过，我仍然不知道如何构建时间戳服务的请求。

问候！

Answer 1

I'm glad that you find our software helpful. But you refer to our old service. Please visit www.ntp.org.pl - you'll find there the latest version of timestamping client and a lot of other useful free software related to time topic.

I'm not sure what you want to do. Maybe if you give a few more details, I'd be able to help you better. Anyway, I'll give you some hints, where to find some precious information.

Firs of all, you should look at OpenSSL project: http://www.openssl.org/docs/apps/ts.html# There is an example, how to create TSRequest. The request is stored in file, so you can read it's content. Later, you can send request to the server using this: http://www.openssl.org/docs/apps/tsget.html#

Antoher trick you can do is to install some sniffer (for example Wireshark - www.wireshark.org/ ), start our client from www.ntp.org.pl , send request, then find proper packet in wireshark to see what it contains.

Feel free to ask, if you have some additional questions. Please, give some more information about your service.