2

I have a PDF document intended for long-term (many years, maybe decades) archival which I would like to digitally sign with my personal certificate to ensure its integrity.

As far as I understand, I need to timestamp the signature in order to ensure it remains valid even after certificate expiration.

Let's say I use a trustworthy TSA. From what I understand they sign the timestamp with their own signature.

Now, let's suppose the original TSA goes bankrupt or is compromised and its certificates revoked. Will my document remain readable without warnings?

D.W.
  • 98,420
  • 30
  • 267
  • 572
Petr
  • 121
  • 1

1 Answers1

3

Your best approach would be to secure multiple signatures from different trusted authorities. In case one of the private keys is compromised, the file could still be validated.

This will incur additional costs, but increase resilience to certificate revocation. Or you could also establish a (more costly yet) procedure of periodic certificate revalidation (re-signing).

You need to consider what it is that you want to achieve here: if you want to independently assure the reader of the document's validity, then you need external TSA signing. Otherwise you could supply a document hashing service for internal double-check, which would do to assure you that no document tampering took place outside the document archival facility... but could never assure you of the trustworthiness of the facility itself (and more reason to do otherwise it's that it would be DIY encryption, in violation of Rule #1 of DIY Encryption - "Don't Do It" ).

Check out SeT Laboratory Paper, "TSA Key Compromise or Loss".

LSerni
  • 22,521
  • 4
  • 51
  • 60