Hi all,
After a conversation with rgdd, I was trying to understand what kind of
temporal guarantees a Sigsum entry can provide. For instance, I need
something akin (but slightly less strict) to a timestamping authority:
something that can attest that a certain signature was included on a
specific date, or at least definitely not afterwards.
This would allow me to enforce expirations over signed artifacts: if an
artifact was included after a certain threshold (e.g., 30 days after
signing), I could consider it expired, knowing that the corresponding
signature couldn’t have been forward-dated.
A naive way to achieve this without Sigsum would be to submit the
content to a timestamping authority (TSA), then include the TSA’s signed
timestamp within the content to be signed. However, this approach
introduces a single point of failure (a trusted third party) and adds
unnecessary format complexity.
Since inclusion proofs from a Sigsum server already include a cosigned
checkpoint with a timestamp, I was wondering whether similar guarantees
could be derived from these components. My concern is that if I simply
trusted the timestamp in the checkpoint, the logic wouldn’t hold: anyone
could request a new inclusion proof at a later time, which would include
a newer checkpoint timestamp and an updated tree head.
One immutable element between proofs is the leaf index, which correlates
monotonically with inclusion order, though not directly with wall-clock
time.
A possible workaround would be to require proofs where the tree size in
the checkpoint is at most N leaves ahead of the included leaf (say <
10), ensuring some temporal proximity between signing and inclusion.
However, this approach would prevent me from obtaining new proofs for
old signatures, for instance, after witness rotation, unless there was
an archive of checkpoints (and the same for witnesses)?
Summarizing: is there a way to use the Sigsum log server and the
witnesses to attest that an inclusion happened at a specific timestamp?
Thank you,
Cheers,
Giulio
