ISO/IEC TR 29149:2012 信息技术 安全技术 提供和运用时间标记业务的最佳规范

标准编号：ISO/IEC TR 29149:2012

中文名称：信息技术 安全技术 提供和运用时间标记业务的最佳规范

英文名称：Information technology — Security techniques — Best practices for the provision and use of time-stamping services

发布日期：2012-03

标准范围

ISO/IEC TR 29149:2012解释了如何提供和使用时间戳服务，以便时间戳令牌在与其他机制一起用于提供及时性、数据完整性和不可否认性服务时是有效的。它定义了:时间戳请求者应该如何使用时间戳令牌生成服务；TSA（时间戳机构）应如何提供有质量保证的服务；基于良好实践，TSA应如何值得信任；在TST（时间戳令牌）生成和TST更新中应该使用哪些算法和参数，以便在TST可以被验证为有效的时间段期间TST抵抗；时间戳验证者应该如何使用时间戳令牌验证服务，无论是在验证单个TST时，还是在验证续订TST序列时。

ISO/IEC TR 29149:2012 explains how to provide and use time-stamping services so that time-stamp tokens are effective when used to provide timeliness, data integrity, and non-repudiation services in conjunction with other mechanisms. It defines:

• how time-stamp requesters should use time-stamp token generation services;


• how TSAs (time-stamping authorities) should provide a service of guaranteed quality;


• how TSAs should deserve trust based on good practices;


• which algorithms and parameters should be used in TST (time-stamp token) generation and TST renewal, so that TSTs resist during the time period during which the TSTs can be verified as being valid;


• how time-stamp verifiers should use the time-stamp token verification services, both when validating individual TSTs, and when validating sequences of renewal TSTs.

标准预览图