Reputation: 101
Is timestaping signatures over HTTP vulnerable?
I'm using signtool to sign my windows binaries and using Digicert's timestamp server http://timestamp.digicert.com
I noticed that most of the timestamp server are hosted on HTTP. Isn't it less secure than HTTPS?
Are the timestamp responses signed and signtool verifies that responses are not tampered with?
Upvotes: 2
Views: 369
Answers (1)
Reputation: 61
Providing an unauthenticated Time Stamp service over HTTP is not less secure than HTTPS because you don't send any user/password to access the TSA service.
Moreover the authenticity of the message is already provided by the TSA signature (and client should verify it).
If you are publishing a software binary you don't have a privacy concern regarding the hash. But we can figure out situations where nobody have to know you own the document ot that you are timestamping it.
Anyway the hash of your file that you are sending is produced with a nonce. The aim of using a nonce is to verify the timeliness of the response and avoid reply attacks, as explained in paragraph 2.4.1 of RFC3161, but the side effect is enhanced privacy too.
Upvotes: 1
Related Questions
- Alternative timestamping services for Authenticode
- What is the point of sending timestamp?
- How to create a timestamp server for signature purposes
- Do I Need To Use My Certificate Authorities Timestamp Server?
- How do I securely sign data with a timestamp?
- Why url is required for timestamping when signing the code
- Getting a secure timestamp that cannot be spoofed
- Cryptographic Time
- Why do I need to specify a timestamp server when using SignTool for code signing?
- How to verify that timestamping is done correctly for signed code