Data items
The data items that
TSPOptionSpec
variables
contain.
tspHashAlgorithm
A
string
value
that represents a hash algorithm associated with the TSP.
These
string values are valid:
-
SHA1:
-
The Secure Hash Algorithm that has a 160-bit hash value.
-
SHA256:
-
The Secure Hash Algorithm that has a 256-bit hash value.
-
SHA384:
-
The Secure Hash Algorithm that has a 384-bit hash value.
-
SHA512:
-
The Secure Hash Algorithm that has a 512-bit hash value.
-
RIPEMD160:
-
The RACE Integrity Primitives Evaluation Message Digest that
has a 160-bit message digest algorithm and is not FIPS-compliant.
The
default value is
SHA1
.
tspRevocationCheckStyle
A
string
value
that represents the type of revocation checks performed when verifying
a signature in a PDF document.
These string values are valid:
-
AlwaysCheck:
-
Checks for revocation of all certificates.
-
BestEffort:
-
Checks for revocation of all certificates when possible.
-
CheckIfAvailable:
-
Checks for revocation of all certificates only when revocation
information is available.
-
NoCheck:
-
Does not check for revocation.
The default value is
BestEffort
.
SendNonce
A
boolean
value
that indicates whether a nonce is sent with this TSP request. A
nonce
can
be a timestamp, a visit counter on a web page, or a special marker.
The parameter is intended to limit or prevent the unauthorized replay
or reproduction of a file. A value of
true
indicates
that a nonce is sent with the TSP request and
false
indicates
that nonce is not sent.
tspServerPassword
A
string
value
that represents a password for accessing the TSP server using the
specified user name.
tspServerURL
A
string
value
that represents the URL for the TSP server. If no value is provided,
the timestamp from the local system is applied.
tspServerUserName
A
string
value
that represents a user name for accessing the TSP server.
tspSize
An
int
value
that represents the estimated size of the TSP request in bytes.
Valid values are from
60
to
10240
.
The default value is
4096
.
useExpiredTimestamps
A
boolean
value
that indicates whether to use a timestamp that has expired. A value
of
False
means to not use expired timestamps. The
default is
True
, which means to use expired timestamps
during validation of the certificate.
Datatype specific settings
Properties for configuring time-stamping information applied
to the certified signature.
Time Stamp Server URL
Sets the URL for a TSP server. If no
value is provided, the timestamp from the local system is applied.
Time Stamp Server Username
Sets the user name if necessary
for accessing the TSP server.
Time Stamp Server Password
Sets the password for the user name
if necessary for accessing the TSP server.
Time Stamp Server Hash Algorithm
Sets the hash algorithm used
to digest the request sent to the timestamp provider. The default
value is SHA1. Select one of these values:
-
SHA1:
-
The Secure Hash Algorithm that has a 160-bit hash value.
-
SHA256:
-
The Secure Hash Algorithm that has a 256-bit hash value.
-
SHA384:
-
The Secure Hash Algorithm that has a 384-bit hash value.
-
SHA512:
-
The Secure Hash Algorithm that has a 512-bit hash value.
-
RIPEMD160:
-
The RACE Integrity Primitives Evaluation Message Digest that
has a 160-bit message digest algorithm and is not FIPS-compliant.
Revocation Check Style
Sets the revocation-checking style used for
verifying the trust status of the CRL provider’s certificate from
its observed revocation status. The default value is BestEffort.
Select one of these values:
-
NoCheck:
-
Does not check for revocation.
-
BestEffort:
-
Checks for revocation of all certificates when possible.
-
CheckIfAvailable:
-
Checks for revocation of all certificates only when revocation information
is available.
-
AlwaysCheck:
-
Checks for revocation of all certificates.
Use Expired Timestamps
Select this option to use timestamps
that have expired during the validation of the certificate. When
this option is deselected, expired timestamps are not used. By default,
this option is selected.
Predicted Time Stamp Token Size (In Bytes)
Sets the estimated size,
in bytes, of the TSP response. The size is used to create a signature
hole in the PDF document. This value represents the maximum size
of the timestamp response that the configured TSP could return.
Valid values are from
60
to
10240
.
The default value is
4096
.
Note:
Configuring
an undersized value can cause the operation to fail; however, configuring
an oversized value causes the size to be larger than necessary.
It is recommended that this value is not modified unless that timestamp
server requires a response size to be less than 4096 bytes.
Send Nonce
Select this option to send a nonce with the request.
A
nonce
is a parameter that varies with time. These parameters
can be a timestamp, a visit counter on a web page, or a special
marker. The parameter is intended to limit or prevent the unauthorized
replay or reproduction of a file. When the option deselected, a nonce
is not sent with the request. By default, the option is selected.
|
|
|