David Hook

Yes, as far as I can tell that's correct. I think the idea was also to allow "traditional" timestamps to be migrated into Archive ones and provide a mechanism to...

Hmmm... Um so there's: "Section 4.3 - 2. Search for hash value h in the first list (partialHashtree) of reducedHashtree. If not present, terminate verification process with negative result." For...

Yes, it really is a bit of free for all isn't it. This is starting to feel more like an episode of Survivor than implementing a standard. The only catch...

I don't we have an equivalent to "archiveTimeStamp.getHashAlgorithmInfo().isSecureAt(timeStampToken.getGenerationInstant())" I'd be interested to know what it's based on - usually the problem with hashes algorithms going off isn't about when the...

I've emailed the three authors at the most current addresses I could find.

> @dghgit: > > At section 5.3: > > > All Archive Timestamps within a chain MUST > > use the same hash algorithm and this **algorithm MUST be secure...

Fair enough. When I read things like this I tend to think of a person rather than an API though. How are you doing it? Is the idea to pass...

Okay, these things are often really local policy decisions. I'd suggest for something like this we come up with some properties that can go in java.security. Something along the lines...

Hmmm... Maybe following certificate terminology might be better: ers.accepted.digests: sha1, sha256, sha512 ers.digest.sha1.not_after: 2020-12-31 if it turns out a start date is needed we can just add a "not_before" later,...

I've added the test data. I'm relieved to say it appears we can parse and search all of it correctly.