You are here: Home > National
All posts from

cca.gov.in : Time Stamping Services Guidelines for Certifying Authorities CA

Organisation : Controller of Certifying Authorities
Facility : Time Stamping Service
Website : http://www.cca.gov.in/cca/?q=timestamping.html
Download Guidelines : https://www.statusin.in/uploads/34553-TIMESTAMPINGGUIDELINES.pdf

Sponsored Links:
Want to ask a question / comment on this post?
Go to bottom of this page.

Time Stamping Services Guidelines for Certifying Authorities (CA) :

Introduction :
** This is a guidelines for implementation of Time Stamping Services by Certifying Authorities (CA) In support of the IT Act of 2000, the Government of India established the CCA.

Related : DigiLocker Government of India eSign Online Electronic Signature Service : www.statusin.in/34548.html

** Licensed Certifying Authorities (CAs) are required to operate Time Stamping Services. The CAs are also allowed to issue a Time stamping certificate to external entities for their time stamping service provided that the CA shall operate as per the requirements mentioned in section 9 .

Sponsored Links:

Time Stamp Certificate :
** The Time Stamping certificates shall be issued by an Intermediate CA. An intermediate CA with sub-CA must necessarily issue time stamping certificates only through its intermediate CA. If intermediate CA is having no sub-CA, a time stamping CA shall be created to issue time stamping certificates.

Time Stamp Requirements :
Time stamp token:
** Time stamp tokens shall be in compliance with RFC 3161.
** Each time stamp token shall have a unique identifier.

** The time included in the time-stamp token shall be synchronized with Standard Time Source within the accuracy defined in this policy and, if present, within the accuracy defined in the time-stamp token itself. The accuracy is defined to be ± 1 second.

** In compliance with RFC 3161, the time-stamp token shall include a representation (e.g., hash value) of the datum being time-stamped as provided by the time stamp requestor/subscriber.

** The time-stamp token shall be signed using a key generated exclusively for this purpose. The relying parties shall be able to ascertain this by the presence of a critical extended key usage extension of id-kp-timestamping {1 3 6 1 5 5 7 3 8}.

Time Stamping services Clock :
** The time values the Time Stamping services uses in the time-stamp token shall be traceable to a Standard Time Source in India.

** The Time Stamping services clocks shall be protected against threats which could result in an undetected change to the clock that takes it outside its calibration. Examples of threats include tampering by unauthorized personnel, radio or electrical shocks.

** The CA shall provide a capability to detect the Time Stamping services clock being out accuracy specified in this guidelines. When the Time Stamping services clock is detected as being out of the accuracy specified in this guidelines, the event shall be audited and time-stamp tokens shall not be issued. Furthermore, this non-issuance shall be audited.

Note :
** The National Physical Laboratory, India (NPLI), is responsible for maintenance and development of the Indian Standard Time (IST) . NPLI maintains the time scale of Indian Standard Time (IST) with the help of a commercial cesium atomic clock. The time scale maintained by NPL is designated as UTC.

Audit logging Procedures :
** Audit log files shall be generated for all events relating to the security of the Time Stamping services. Where possible, the security audit logs shall be automatically collected.

** Where this is not possible, a logbook, paper form, or other physical mechanism shall be used. All security audit logs, both electronic and non-electronic, shall be retained and made available during compliance audits.

** The security audit logs for each auditable event defined in this section shall be maintained in accordance with Section below.

Types of Event Recorded :
All security auditing capabilities of the operating system and the applications required shall be enabled. As a result, most of the events identified in the table shall be automatically recorded.

At a minimum, each audit record shall include the following (either recorded automatically or manually for each auditable event):
1. The type of event,
2. The date and time the event occurred,
3. Success or failure where appropriate, and
4. The identity of the entity and/or operator that caused the event.

Frequency of Processing Audit Logs :
** Frequency of Time Stamping Services audit log processing shall be in accordance with the requirements set for the CAs in Section 5.4.2 of the [CCACP].

Retention Period for Audit Logs :
** See Section 5.2.1.

Protection of Audit Logs :
** Protection of Time Stamping Services audit log shall be in accordance with the requirements set for the CAs in Section 5.4.4 of the [CCACP].

Audit Log Backup Procedures :
** Audit logs and audit summaries shall be archived per Section 5.2.1.

Audit Collection System (internal vs. external) :
** Time Stamping Services audit collection requirements shall be in accordance with the requirements set for the CAs in Section 5.4.6 of the [CCACP].


Leave a Reply

How to add comment : 1) Type your comment below. 2) Type your name. 3) Post comment.

www.statusin.in © 2021 Contact Us   Privacy Policy   Site Map
Status Check, Procedures, Facilities