Hi all,
After a conversation with rgdd, I was trying to understand what kind of temporal guarantees a Sigsum entry can provide. For instance, I need something akin (but slightly less strict) to a timestamping authority: something that can attest that a certain signature was included on a specific date, or at least definitely not afterwards.
This would allow me to enforce expirations over signed artifacts: if an artifact was included after a certain threshold (e.g., 30 days after signing), I could consider it expired, knowing that the corresponding signature couldn’t have been forward-dated.
A naive way to achieve this without Sigsum would be to submit the content to a timestamping authority (TSA), then include the TSA’s signed timestamp within the content to be signed. However, this approach introduces a single point of failure (a trusted third party) and adds unnecessary format complexity.
Since inclusion proofs from a Sigsum server already include a cosigned checkpoint with a timestamp, I was wondering whether similar guarantees could be derived from these components. My concern is that if I simply trusted the timestamp in the checkpoint, the logic wouldn’t hold: anyone could request a new inclusion proof at a later time, which would include a newer checkpoint timestamp and an updated tree head.
One immutable element between proofs is the leaf index, which correlates monotonically with inclusion order, though not directly with wall-clock time.
A possible workaround would be to require proofs where the tree size in the checkpoint is at most N leaves ahead of the included leaf (say < 10), ensuring some temporal proximity between signing and inclusion. However, this approach would prevent me from obtaining new proofs for old signatures, for instance, after witness rotation, unless there was an archive of checkpoints (and the same for witnesses)?
Summarizing: is there a way to use the Sigsum log server and the witnesses to attest that an inclusion happened at a specific timestamp?
Thank you, Cheers, Giulio