RFC 3161 Explained Simply — How Trusted Timestamping Works
RFC 3161 is an international standard that defines how to create a trusted timestamp — a cryptographic proof that a digital file existed at a specific point in time. Published by the Internet Engineering Task Force (IETF), it specifies a protocol where a Timestamp Authority (TSA) receives a file's fingerprint, attaches a certified date, and signs it cryptographically. The result is a tamper-proof token that anyone can verify independently. ProofStamper uses RFC 3161 to generate free certified timestamps.
RFC 3161 sounds intimidating — like something only cryptographers care about. In reality, it's a straightforward system that solves a simple problem: how do you prove that a file existed before a certain date, in a way that nobody can dispute? This guide explains the standard in plain language, step by step, with no prerequisite knowledge. By the end, you'll understand exactly what happens when you timestamp a file.
What problem does RFC 3161 solve?
Digital files have a fundamental trust problem: their metadata (creation date, modification date) can be changed by anyone at any time. If you claim a file existed on January 15th, there's no built-in way to prove it — the date on your computer is under your control.
This matters in real situations:
- A freelancer delivers work and the client claims it was late
- A photographer discovers someone copied their image and claims they created it first
- A company needs to prove a compliance document was in place before an audit date
- A researcher needs to establish priority on a discovery
In all these cases, you need a trusted third party to confirm the date — someone who has no stake in the outcome and whose clock you can't manipulate. That's exactly what RFC 3161 provides: a standardized protocol for getting an independent, cryptographically signed timestamp from a Timestamp Authority.
How RFC 3161 works — step by step
1. Hash the file
Your device calculates a cryptographic hash of the file using SHA-256. A hash is a fixed-length string of characters (like a fingerprint) that is unique to the exact content of the file. Even changing a single comma would produce a completely different hash. Crucially, the hash reveals nothing about the file's content — it's a one-way mathematical function.
2. Send the hash to a Timestamp Authority (TSA)
The hash — not the file — is sent to a Timestamp Authority. The TSA is an independent server operated by a trusted organization. It has no knowledge of your file's content, only its fingerprint.
3. The TSA creates a timestamp token
The TSA takes the hash, attaches the current date and time from its own trusted clock, and digitally signs the entire package using its private cryptographic key. This produces a Timestamp Token — a small file (.tsr format) containing the original hash, the exact UTC date and time, the TSA's digital signature, and the TSA's certificate.
4. You receive the proof
You now have a cryptographic proof that the hash (and therefore your file) existed at the certified date. This proof is tamper-proof, independently verifiable, and self-contained — it doesn't depend on any platform or service to remain valid.
Example for step 1: project-proposal-v3.pdf → SHA-256: 7d2f3c8a91b4e6f5... (64 characters)
The entire process is zero-knowledge by design: the Timestamp Authority never sees, stores, or has access to your file. It only receives a mathematical fingerprint that reveals nothing about the content.
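Steps 1 and 2 as an added example (not ProofStamper's or OpenSSL's code): building the RFC 3161 request by hand with the Python standard library shows that only the SHA-256 digest goes into what is sent. The function names and sample documents are constructed for illustration; the resulting bytes are what a client would POST to a TSA with the content type application/timestamp-query.

```python
import hashlib
import secrets
from typing import Optional

# DER for AlgorithmIdentifier { id-sha256 (2.16.840.1.101.3.4.2.1), NULL }
SHA256_ALG_ID = bytes.fromhex("300d06096086480165030402010500")


def der(tag: int, content: bytes) -> bytes:
    """Encode one DER tag-length-value element."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    length = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(length)]) + length + content


def der_uint(value: int) -> bytes:
    """Encode a non-negative INTEGER, adding 0x00 when the top bit is set."""
    return der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))


def build_timestamp_request(data: bytes, nonce: Optional[int] = None,
                            cert_req: bool = True) -> bytes:
    """Return a DER TimeStampReq (RFC 3161 section 2.4.1) for `data`."""
    digest = hashlib.sha256(data).digest()                   # step 1: hash locally
    imprint = der(0x30, SHA256_ALG_ID + der(0x04, digest))   # MessageImprint
    body = der_uint(1) + imprint                             # version v1
    if nonce is not None:
        body += der_uint(nonce)          # lets you match the reply to this request
    if cert_req:
        body += der(0x01, b"\xff")       # certReq TRUE: include the TSA certificate
    return der(0x30, body)


if __name__ == "__main__":
    # Constructed inputs: a short document and a 1 MB one.
    for doc in (b"constructed sample document\n", b"A" * 1_000_000):
        req = build_timestamp_request(doc, nonce=secrets.randbits(64))
        # The request stays around 70 bytes whatever the document size.
        print(len(doc), "byte document ->", len(req), "byte request:", req.hex())
```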
What's inside a timestamp token?
A .tsr (Timestamp Response) file is a binary file encoded in ASN.1/DER format. Here's a simplified breakdown of what it contains:
- Version: The protocol version (usually 1)
- Policy OID: The timestamping policy of the TSA
- Message Imprint: The hash algorithm used + the hash value you submitted
- Serial Number: A unique identifier for this specific timestamp
- Generation Time: The exact UTC date and time the timestamp was created
- Accuracy: The precision of the TSA's clock (typically within 1 second)
- Nonce: A random number to prevent replay attacks (optional)
- TSA Certificate: The TSA's digital certificate, containing the public key needed for verification
You don't need to understand ASN.1 encoding to use RFC 3161. Tools like ProofStamper and OpenSSL handle the parsing for you. But knowing what's inside the token helps you understand why it's trustworthy: every element is cryptographically bound together, so changing any part invalidates the whole proof.
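How the Message Imprint, Serial Number and Generation Time fields are laid out in DER, as an added example (not ProofStamper's or OpenSSL's code): a small reader that pulls those fields out of a TSTInfo structure and compares the imprint with a file's hash. The TSTInfo bytes, policy OID and document are constructed for illustration, and the example assumes the TSTInfo has already been taken out of the signed wrapper inside the .tsr; it does not check the TSA's signature.

```python
import hashlib
from datetime import datetime, timezone

SHA256_OID = bytes.fromhex("0609608648016503040201")  # DER OID 2.16.840.1.101.3.4.2.1


def read_tlv(buf: bytes, pos: int = 0):
    """Read one DER element at `pos`; return (tag, content, next_pos)."""
    tag, n = buf[pos], buf[pos + 1]
    pos += 2
    if n & 0x80:                                   # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + n], pos + n


def parse_tst_info(tst_info: bytes) -> dict:
    """Extract the mandatory leading fields of a TSTInfo (RFC 3161 section 2.4.2)."""
    tag, body, _ = read_tlv(tst_info)
    if tag != 0x30:
        raise ValueError("TSTInfo must be a SEQUENCE")
    fields, pos = [], 0
    while pos < len(body):
        _, content, pos = read_tlv(body, pos)
        fields.append(content)
    _version, _policy, imprint, serial, gen_time = fields[:5]
    _, alg_id, pos = read_tlv(imprint)             # AlgorithmIdentifier
    _, digest, _ = read_tlv(imprint, pos)          # hashedMessage
    stamp = gen_time.decode("ascii").rstrip("Z").split(".")[0]  # drop fractions
    when = datetime.strptime(stamp, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)
    return {"digest": digest, "is_sha256": alg_id.startswith(SHA256_OID),
            "serial": int.from_bytes(serial, "big"), "gen_time": when}


def imprint_matches(tst_info: bytes, data: bytes) -> bool:
    """True if the token's Message Imprint is the SHA-256 of `data`."""
    info = parse_tst_info(tst_info)
    return info["is_sha256"] and info["digest"] == hashlib.sha256(data).digest()


# Constructed sample: TSTInfo for DOC, policy 1.2.3.4.1, serial 1234, accuracy 1 s.
DOC = b"constructed sample document\n"
SAMPLE_TST_INFO = (
    bytes.fromhex("3056 020101 06042a030401 3031 300d06096086480165030402010500 0420")
    + hashlib.sha256(DOC).digest()
    + bytes.fromhex("020204d2 180f") + b"20240115103000Z" + bytes.fromhex("3003020101"))
if __name__ == "__main__":
    print(parse_tst_info(SAMPLE_TST_INFO)["gen_time"], imprint_matches(SAMPLE_TST_INFO, DOC))
```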
How to verify an RFC 3161 timestamp
Verification is what gives RFC 3161 its legal strength. Anyone can verify a timestamp — you don't need the original timestamping tool or service.
Using ProofStamper (easiest)
Go to the verification page on ProofStamper. Upload your original file and the .tsr token (or your Proof Pack ZIP). The tool recalculates the file's hash, checks it against the hash in the token, and verifies the TSA's digital signature. If everything matches, the timestamp is confirmed valid.
Using OpenSSL (for technical users)
You can verify the timestamp entirely offline using OpenSSL, a free, open-source cryptographic toolkit. The process involves extracting the TSA's certificate from the token, verifying the TSA's signature against the certificate chain, and recalculating the file's hash.
This independence is a key feature: your proof remains valid even if ProofStamper or any other service ceases to exist.
Why courts trust RFC 3161
It's an international standard
RFC 3161 was published by the IETF (Internet Engineering Task Force), the same organization that defines core internet protocols like HTTP and TCP/IP. It's not proprietary technology — it's an open, peer-reviewed standard maintained by the global engineering community.
It's recognized by eIDAS
In the European Union, the eIDAS regulation (Article 41) explicitly defines electronic timestamps and gives them legal effect. An RFC 3161 timestamp qualifies as an electronic timestamp under eIDAS, which means it cannot be denied legal admissibility solely because it's electronic.
The proof is independently verifiable
Unlike platform-dependent audit trails (which require trusting the platform), an RFC 3161 timestamp can be verified by anyone using open-source tools. This independence is what makes it compelling evidence.
Cryptographic integrity is mathematically guaranteed
The digital signature binding the hash and the date is based on public-key cryptography. Forging a valid timestamp would require breaking the TSA's private key — a task that is computationally infeasible with current technology.
RFC 3161 vs other timestamping methods
| Method | Standard | Independence | Verifiability | Speed | Cost | Privacy |
|---|---|---|---|---|---|---|
| RFC 3161 (e.g., ProofStamper) | International (IETF) | ✅ Independent TSA | ✅ Anyone, with open tools | Seconds | Free to low | ✅ Zero-knowledge |
| Blockchain timestamp | Varies | ✅ Decentralized | ✅ Via blockchain explorer | Minutes to hours | $1-10 | ⚠️ Hash may be public |
| Email "self-send" | None | ❌ Same provider | ❌ Provider-dependent | Seconds | Free | ❌ Provider sees content |
| Notary / lawyer | Local law | ✅ Licensed professional | ✅ Signed attestation | Days to weeks | $50-200+ | ❌ Sees document |
| Cloud storage upload date | None | ❌ Provider-controlled | ❌ Provider can modify | Seconds | Free | ❌ Provider sees file |
| Soleau envelope (France) | French law (INPI) | ✅ Government authority | ✅ Official record | 3-4 weeks | €15 | ❌ Physical copy mailed |
RFC 3161 is the only method that is simultaneously free, instant, internationally standardized, independently verifiable, and zero-knowledge. Each other method has trade-offs.
Key terms glossary
- Hash (SHA-256): A mathematical function that converts any file into a fixed-length string of characters. It's one-way (you can't reconstruct the file from the hash) and collision-resistant. SHA-256 produces a 256-bit (64-character hexadecimal) output.
- Timestamp Authority (TSA): An independent server that issues certified timestamps. It receives a hash, attaches the current date and time, and signs the result. ProofStamper uses FreeTSA, a free, community-operated TSA based in Germany.
- Timestamp Token (.tsr): The cryptographic proof file produced by the TSA. It contains the hash, the certified date, and the TSA's digital signature. This is the evidence you keep.
- Digital Signature: A cryptographic mechanism that proves a message (or token) was created by a specific entity (the TSA) and has not been altered. Based on public-key cryptography.
- eIDAS: The EU regulation (No 910/2014) on electronic identification and trust services. Article 41 defines electronic timestamps and their legal effect.
- IETF: The Internet Engineering Task Force, the international organization that develops and publishes internet standards (RFCs). RFC 3161 was published in 2001 and updated by RFC 5816.
- Proof Pack: ProofStamper's term for the ZIP archive containing your PDF certificate and .tsr cryptographic token. It's a complete, self-contained proof of existence.
Frequently asked questions
- When was RFC 3161 published?
  RFC 3161 ("Internet X.509 Public Key Infrastructure — Time-Stamp Protocol") was published by the IETF in August 2001. It was later updated by RFC 5816 in 2010, which added support for newer signature algorithms. The standard has been stable and widely adopted for over two decades.
- Is RFC 3161 free to use?
  The standard itself is open and free — anyone can implement it. Whether the timestamping service is free depends on the TSA. ProofStamper uses FreeTSA (freetsa.org), a free, community-operated Timestamp Authority. Many commercial TSAs also exist, typically charging per timestamp.
- Can an RFC 3161 timestamp be faked?
  Forging a valid RFC 3161 timestamp would require either compromising the TSA's private key or breaking the underlying cryptographic algorithms — both of which are computationally infeasible with current technology.
- What's the difference between RFC 3161 and a blockchain timestamp?
  Both prove that data existed at a point in time. RFC 3161 relies on a trusted third party (the TSA), while blockchain timestamps rely on a decentralized network. RFC 3161 is faster (seconds vs. minutes/hours), standardized (recognized by eIDAS), and zero-knowledge. Blockchain offers decentralization but may publicly expose the hash.
- Does RFC 3161 prove who created the file?
  No. RFC 3161 proves that a file existed at a specific date — not who created it. Establishing authorship requires additional evidence. However, in many disputes, proving the date of existence is sufficient.
- What hash algorithms does RFC 3161 support?
  RFC 3161 is algorithm-agnostic, but SHA-256 is the most commonly used algorithm today. Older implementations used SHA-1, which is now considered deprecated for security-sensitive applications. ProofStamper uses SHA-256 exclusively.