Support timestamp responses during both signing and verification?

[woodruffw]

Sigstore has an RFC 3161 TSA now, and signers can request a TSR from it while signing.

During signing, this would probably look like:

1. Doing signing as normal;
2. Submitting a timestamp request (probably the digest of the signature) to Sigstore's TSA (or a custom TSA), and retrieving the TSR
3. Uploading the TSR to Rekor

and then, for verification:

1. Checking if a TSR is present ({input}.tsr);
2. If present, verifying it against the TSA's public material;
3. Confirming that the TSR was entered into Rekor during the certificate's validity period

(I think I got that right, but I might be missing a few details.)

cc @di for thoughts on whether we should support this.

[woodruffw]

CC @tnytown this is a good one to take a stab at as well!

[woodruffw]

Some relevant docs here: https://github.com/sigstore/timestamp-authority

[woodruffw]

xref sigstore/root-signing#466: this is probably blocked for us on the fact that the TSA's cert chain isn't included in the TUF repo yet.

Edit: Scheduled for v7 of the TUF root: sigstore/root-signing#616

[woodruffw]

Should be unblocked now.

Triage: this might be worth scheduling for the 2.0, although nobody is currently assigned to it.

[haydentherapper]

Hey @woodruffw, just wondering, are there any major blockers for this? Is there python support for rfc3161 timestamping?

[woodruffw]

Hey @woodruffw, just wondering, are there any major blockers for this? Is there python support for rfc3161 timestamping?

I don't know of a good client implementation, unfortunately 😞 -- there are a few public ones, but most seem pretty small:

• https://github.com/pyauth/tsp-client
• https://github.com/trbs/rfc3161ng

(tsp-client looks promising, but I haven't looked closely at it yet.)

Another option here would be to add TSR/RFC 3161 support to Cryptography, or potentially reuse the existing PKCS#7/CMS support (since, IIRC, RFC 3161 boils down to a CMS envelope anyways).