What does a time stamp do?
E-signature certificates have an expiration date, they are valid for a certain amount of time, e.g., 2 or 3 years. This means that after the expiration date, you can’t sign any documents and your previously created signatures without a time stamp are not valid anymore. Looks quite simple, right? Well, here’s a thought through a simple example.
Let’s say, your e-signature certificate expires tomorrow. You sign a document today. The next day comes and… if someone asks for a written proof, how would you prove that this document is valid? How would you prove you signed it yesterday, not today already when the certificate has expired? That’s where a time stamp comes in. It is used to record data on the signature to prove that it was created at the time when the certificate was still valid. If there’s no timestamp, then there is no way to know when the signature was created, and it can be assumed that it could have been made at any moment of time, possibly after the certificate had been expired or revoked.
Simply put, time stamps are used to specify time till when signature was created. Time stamp is the only way to prove that signature was created when signer’s certificate was still valid.
Time stamp in eIDAS regulation
From a technical sense, eIDAS defines electronic time stamp as “data in electronic form which binds other data in electronic form to a particular time establishing evidence that the latter data existed at that time”.
An electronic time stamp is qualified when it binds the date and time to data in such a way that there is no possibility to change date undetectably, it is based on an accurate time source and it is signed using an advanced electronic signature or an advanced electronic seal of the qualified trust service provider.
Just as an electronic signature, an electronic time stamp shouldn’t be denied legal effect just because it is in an electronic form. A qualified time stamp issued in the EU is valid and recognised in all other Member States.