9.9     Timestamp

An electronic signature usually contains the point of time of the signing. The signing software mostly uses the local system time. Since this time can be arbitrarily set by the user it cannot be trusted. An external timestamp of a trusted provider or, in case a legally binding time is requested, a qualified electronic timestamp of an accredited timestamp provider will help. This qualified electronic time stamp is embedded in the signature and contains a trusted point in time. The timestamp says: The timestamp provider acknowledges that the signature file existed at the given time, noted in the signed timestamp file. The timestamp of a certified timestamp provider has an electronic signature that is as well validateable.