DATA Boreum offers the option of adding a timestamp to a signature as part of the signature creation process. Only qualified electronic time stamps from a qualified certificate authority are conclusive and comply with the IETF RFC3161 and IETF RFC5816 standards. According to the Advanced Electronic Signatures (AdES) standards, a timestamp is embedded in the signature of the signed file. This means that no additional file is created that contains the timestamp, but the signature itself is extended.
Only an embedded signature timestamp (level T) and the subsequent addition of all certificates and revocation information (level LT) are compliant with the specification. If the validity of the signature with timestamp is to be extended again and again, an archive time stamp must be added (level LTA). The certificate authority for qualified electronic timestamps confirms with a qualified timestamp in a legally valid manner that a file existed at the specified time.
DATA Boreum does not request timestamps directly from the timestamp certificate authorities, but uses a Timestamp Service. This Timestamp Service is part of DATA Deneb and must be provided to you by your Governikus operator. If your Governikus operator has a contract with a Timestamp certificate authority, the Timestamp Service will provide a qualified timestamp for your electronic signature.
Configuring the timestamp service
The configuration of the timestamp service is explained in chapter Settings in the “Governikus” tab, see chapter 5.4.