Ascertia Limited
Page 1 of 5
A Quick Guide for ADSS TSA Server
This document aims to provide a quick ‘do this and it works’ guide to evaluating ADSS TSA
Server as an Enterprise or Infrastructure class TSA Server.
TSA Service Overview:
ADSS TSA Server provides a sophisticated RFC3161 compliant timestamp authority with
features that make it suitable for deployment within a managed service environment or within
an enterprise. ADSS Server includes very easy to use security management, detailed
logging, detailed reporting, client authentication options and it also includes role based access
control and optional dual controls for its security operators.
Key Features:
HTTP and HTTP/S interfaces to the TSA using RFC3161 TSP
Ability to set up multiple TSA profiles with their own TSA response signing keys/certificates
Provides multiple policies per logical TSA
Designed for enterprise use, multi-third party use and national or global managed services
Can be used with internal and external trust schemes to minimise external traffic
dependencies
Provides high availability facilities by using two or more servers
Provides a secure browser based management GUI that enforces role-based controls over
operator actions enabling secure remote management. Optionally the use of dual control
can also be configured
Provides optimised internal TSA service to the ADSS signature service for long term
signature creation according to ETSI and PDF standard profiles which require embedded
timestamps
Provides detailed event and transaction logging and reporting to aid help desk queries,
management reporting, auditing as well as legal and regulatory compliance
The TSA service can be configured and managed along with digital signature creation,
verification, validation and certification authority services using the same underlying ADSS
technology and management interface on one or multiple servers
Supports multiple database technologies including MS SQL Server 2000/2005, Oracle 10g
and PostgreSQL (ask about others).
Supports the options of using various PKCS#11 HSMs for secure key management as
well as smartcard based credentials for operator authentication
Provides automated email and SMS alerting to warn specific system operators of key
events occurring on the system
Further Information References:
This document is a quick guide to get a simple configuration of the TSA Service installed,
tested and operational. More detailed information is available in the following documents:
ADSS Server Installation Guide – detailed installation guide
ADSS Server SQL Server 2005 / 2005 Express Installation Guide (also works with 2008)
ADSS Server Oracle 10g Installation Guide (also works with 11g)
ADSS Server Admin Manual – details all the administrative features. The manual is
available online at the following location:
http://www.ascertia.com/helpconsole/ADSS-Admin-Guide/default.aspx
