How to add timestamping signature to System.IO.Packaging.Package?
https://stackoverflow.com/questions/1709838
-
19-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
There is a way to create packages, add some parts and sign it with a X509Certificate.
I would also like to add a timestamping signature to the package.
If the certificate expires or gets revoked the signature should remain valid if the package parts have been timestamped before the expiration/revokation.
P.S. I'm using the System.IO.Packaging.Package class defined in the WindowsBase.dll assembly.
Solution
The following solution works it you're both the creator and the consumer of the package:
- Use a secure Internet server to get the trusted timestamp.
- Redefine the certificate chain policy to include the timestamp validation in the certificate chain.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
