The present document specifies policy and security requirements relating to the operation and management practices of TSPs issuing time-stamps.
These policy requirements are applicable to TSPs issuing time-stamps. Such time-stamps can be used in support of digital signatures or for any application requiring to prove that a datum existed before a particular time.
The present document can be used by independent bodies as the basis for confirming that a TSP can be trusted for issuing time-stamps.
The present document does not specify protocols used to access the TSUs.
NOTE 1: A time-stamping protocol is defined in IETF RFC 3161 including optional update in IETF RFC 5816 and profiled in ETSI EN 319 422.
The present document does not specify how the requirements identified can be assessed by an independent party, including requirements for information to be made available to such independent assessors, or requirements on such assessors.
NOTE 2: See ETSI EN 319 403-1 for guidance on assessment of TSP's processes and services.
NOTE 3: The present document references ETSI EN 319 401 for general policy requirements common to all classes of TSP's services.