RFC 3161 Timestamps

Overview

RFC 3161 defines a protocol for trusted timestamps from a Time Stamping Authority (TSA). SESHAT integrates with FreeTSA, providing ISO/IEC 18014-2 certified timestamps.

Why TSA Timestamps?

While blockchain provides timestamps, RFC 3161 adds:

Feature	Blockchain	RFC 3161
Standard	Custom	ISO/IEC 18014-2
Legal acceptance	Growing	Established
Verification	On-chain	Offline possible
Independence	Crypto ecosystem	Traditional PKI

Belt and suspenders: Use both for maximum legal protection.

Configuration

ENABLE_TSA=true
TSA_URL=https://freetsa.org/tsr  # Default

How It Works

Hash Prepared

The Merkle root of your bundle is computed.

Request Sent

ASN.1 DER-encoded TimeStampReq sent to TSA.

Token Received

TSA returns signed TimeStampResp (.tsr file).

Stored

TIMESTAMP.tsr included in bundle.

Verification

Verify with OpenSSL:

# Download FreeTSA certificate chain
curl -O https://freetsa.org/files/cacert.pem
curl -O https://freetsa.org/files/tsa.crt

# Verify timestamp
openssl ts -verify \
  -in TIMESTAMP.tsr \
  -data PROOF_CHAIN.json \
  -CAfile cacert.pem \
  -untrusted tsa.crt

Expected output:

Verification: OK

FreeTSA Details

Provider: FreeTSA.org
Standard: RFC 3161 / ISO/IEC 18014-2
Cost: Free
Accuracy: Synchronized to UTC
Certificate: Publicly verifiable

FreeTSA timestamps are legally recognized in most jurisdictions that accept electronic timestamps.

Core Concepts

Security

RFC 3161 Timestamps

Overview

Why TSA Timestamps?

Configuration

How It Works

Verification

FreeTSA Details

Core Concepts

Security

​Overview

​Why TSA Timestamps?

​Configuration

​How It Works

​Verification

​FreeTSA Details

Overview

Why TSA Timestamps?

Configuration

How It Works

Verification

FreeTSA Details