0008248: Part 83, section 7.7.1 the timestamp in SignatureProperty of a digital signature cannot be trusted (from D. Ziegler)

ID	Project	Category	View Status	Date Submitted	Last Update

0008248	Part 83: UAFX Offline Engineering	Spec	public	2022-08-25 14:40	2022-10-14 13:20

Reporter	Todd Snide	Assigned To	Todd Snide
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	fixed
Product Version	1.00.00 RC3
Target Version	1.00.00 RC3	Fixed in Version	1.00.00 RC3

Summary	0008248: Part 83, section 7.7.1 the timestamp in SignatureProperty of a digital signature cannot be trusted (from D. Ziegler)
Description	In the sentence: According to ISO/IEC 29500-2:2021, each digital signature shall contain in the SignatureProperty element a timestamp indicating the time when the digital signature was created. It needs to be noted that this timestamp cannot really be trusted, since the signer may set it to an arbitrary value.
Tags	No tags attached.

Todd Snide 2022-08-26 16:03 developer ~0017412	The requested note was written in section 7.7.1. Note 1 to entry: Since the timestamp can be set to arbitrary values (within the validity period of the signing certificate) by the signer, it cannot be trusted for security purposes.

Emanuel Kolb 2022-10-14 13:20 manager ~0018045	agreed in the team to close this

Date Modified	Username	Field	Change
2022-08-25 14:40	Todd Snide	New Issue
2022-08-25 14:40	Todd Snide	Status	new => assigned
2022-08-25 14:40	Todd Snide	Assigned To	=> Todd Snide
2022-08-26 16:03	Todd Snide	Status	assigned => resolved
2022-08-26 16:03	Todd Snide	Resolution	open => fixed
2022-08-26 16:03	Todd Snide	Fixed in Version	=> 1.00.00 RC3
2022-08-26 16:03	Todd Snide	Note Added: 0017412
2022-10-14 13:20	Emanuel Kolb	Status	resolved => closed
2022-10-14 13:20	Emanuel Kolb	Note Added: 0018045