Introduction

The time-stamping protocol defined in RFC 3161 [RFC3161] requires that the Cryptographic Message Syntax (CMS) SignedData [RFC5652], used to apply a digital signature on the time-stamp token, include a signed attribute that identifies the signer's certificate. This identifier only allows SHA-1 [SHA1] to be used as the hash algorithm to generate the identifier value. The mechanism used in [RFC3161] employed ESSCertID from RFC 2634 [ESS]. RFC 5035 [ESSV2] updated ESSCertID with ESSCertIDv2 to allow the use of any hash algorithm. The changes to RFC 3161 [RFC3161] defined in this document allow ESSCertIDv2 to be used to include an identifier of the signing certificate as defined in RFC 5035 [ESSV2].
RFC 5816-2010 history
2010: RFC 5816-2010 ESSCertIDv2 Update for RFC 3161 (Updates: 3161)