Hi all. We're a software development company - we use public code-signing certificates along with external TSA servers for timestamps. Issue is with the external servers throttling access and we've got a fairly high number of files that need signing - our build time takes hours. Is it possible to purchase public TSA server certificates to allow us to set up our own timestamp server but the resulting EXE's etc to still be publicly verifiable? Thanks for any info.
I hope you are well. TSA Server provides independent and irrefutable proof of time for transactions, documents and digital signatures. It can be used to create legal weight evidence that business transactions occurred at a defined moment in time, that e-documents existed at a particular time and that they have not been subsequently altered. It can also independently prove when a digital signature was applied by the signer so that its validity can be verified in the long-term, even after expiry or revocation of signer’s digital credentials.
You can contact GoDaddy about public TSA server certificates.