From 058a90880ae5118118bea1af7093123d5f291209 Mon Sep 17 00:00:00 2001 From: Thomas Fossati Date: Tue, 10 Sep 2024 12:43:50 +0200 Subject: [PATCH] Update draft-birkholz-cose-tsa-tst-header-parameter.md Co-authored-by: Henk Birkholz --- draft-birkholz-cose-tsa-tst-header-parameter.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-birkholz-cose-tsa-tst-header-parameter.md b/draft-birkholz-cose-tsa-tst-header-parameter.md index 990ff23..3b2d5ba 100644 --- a/draft-birkholz-cose-tsa-tst-header-parameter.md +++ b/draft-birkholz-cose-tsa-tst-header-parameter.md @@ -74,7 +74,7 @@ This is common for accountability and auditability of issued documents. Once a document is registered at a Transparency Service's append-only log, its log entry cannot be changed. In certain cases, the registration policy of a Transparency Service may add a trustworthy timestamp to the signed document. This is done to lock the signature to a specific point in time. -To achieve this, the Transparency Service acquires a TST from a TSA when its registration policy is met, bundles it alongside the signed document, and then registers it. +To achieve this, the Transparency Service acquires a TST from a TSA, bundles it alongside the signed document, and then registers it. A relying party that wants to ascertain the authenticity of a document at a certain time does not have to trust the Transparency Service's clock, which may have been maliciously altered or can simply be inaccurate. This usage scenario motivates the "COSE then Timestamp" mode described in {{sec-cose-then-timestamp}}.