Last active
April 9, 2025 07:42
-
Star
(368)
You must be signed in to star a gist -
Fork
(69)
You must be signed in to fork a gist
List of free rfc3161 servers.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://rfc3161.ai.moda | |
| https://rfc3161.ai.moda/adobe | |
| https://rfc3161.ai.moda/microsoft | |
| https://rfc3161.ai.moda/apple | |
| https://rfc3161.ai.moda/any | |
| http://rfc3161.ai.moda | |
| http://timestamp.digicert.com | |
| http://timestamp.globalsign.com/tsa/r6advanced1 | |
| http://rfc3161timestamp.globalsign.com/advanced | |
| http://timestamp.sectigo.com | |
| http://timestamp.apple.com/ts01 | |
| http://tsa.mesign.com | |
| http://time.certum.pl | |
| https://freetsa.org | |
| http://tsa.startssl.com/rfc3161 | |
| http://dse200.ncipher.com/TSS/HttpTspServer | |
| http://zeitstempel.dfn.de | |
| https://ca.signfiles.com/tsa/get.aspx | |
| http://services.globaltrustfinder.com/adss/tsa | |
| https://tsp.iaik.tugraz.at/tsp/TspRequest | |
| http://timestamp.entrust.net/TSS/RFC3161sha2TS | |
| http://timestamp.acs.microsoft.com |
I created a simple time stamp query http(s) client and sent a simple query to the servers mentioned in your list. Here are the simplified results:
Probably some of these URLs need a path (e.g. freetsa.org should be http(s)://freetsa.org/tsr).
http://timestamp.globalsign.com/tsa/r6advanced1: OK
http://timestamp.digicert.com: OK
http://timestamp.acs.microsoft.com: OK
http://time.certum.pl: OK
http://rfc3161timestamp.globalsign.com/advanced: OK
http://zeitstempel.dfn.de: fail
http://tsa.startssl.com/rfc3161: fail
http://tsa.mesign.com: fail
http://timestamp.sectigo.com: fail
http://timestamp.entrust.net/TSS/RFC3161sha2TS: fail
http://timestamp.apple.com/ts01: fail
https://tsp.iaik.tugraz.at/tsp/TspRequest: fail
https://rfc3161.ai.moda/microsoft: fail
https://rfc3161.ai.moda: fail
https://rfc3161.ai.moda/apple: fail
https://rfc3161.ai.moda/any: fail
https://rfc3161.ai.moda/adobe: fail
https://freetsa.org: fail
http://services.globaltrustfinder.com/adss/tsa: fail
https://ca.signfiles.com/tsa/get.aspx: fail
http://rfc3161.ai.moda: fail
http://dse200.ncipher.com/TSS/HttpTspServer: fail
@HeikoSchlittermann Could you please explain how your client works? Those results seem very wrong to me.
The following have stopped working for years:
http://tsa.startssl.com/rfc3161
http://services.globaltrustfinder.com/adss/tsa
http://dse200.ncipher.com/TSS/HttpTspServer
The following, as mentioned, had the URL wrong:
https://freetsa.org it should be: https://freetsa.org/tsr
The rest is working properly.
So something is wrong with thou simple time stamp client.
rfc3161 timestamping servers – March 2025 update
[#] = LTV (long-term validity) enabled
[*] = increased sigvalue size; if using Adobe Acrobat on Windows, a registry modification may be required in accordance with these instructions
Working
QUALIFIED (EU Trust List)
http://tss.accv.es:8318/tsa [#]
https://timestamp.aped.gov.gr/qtss [*]
http://tsa.baltstamp.lt [#]
http://tsa.belgium.be/connect [#]
http://ts.cartaodecidadao.pt/tsa/server [LTV]
http://ts.quovadisglobal.com/eu [# *]
http://tsa.izenpe.com [#]
http://timestamp.sectigo.com/qualified
TRUSTED (Adobe Trust List)
http://rfc3161.ai.moda (and other URL variants) [*]
http://timestamp.digicert.com
http://timestamp.comodoca.com (and other URL variants) [*]
http://timestamp.entrust.net/TSS/RFC3161sha2TS
http://timestamp.identrust.com
http://ts.quovadisglobal.com/ch [*]
http://timestamp.sectigo.com
http://ts.ssl.com
http://tsa.swisssign.net [*]
https://tsa.wotrus.com
UNTRUSTED
http://timestamp.apple.com/ts01
http://time.certum.pl [*]
https://tsa.cesnet.cz:3162/tsa
http(s)://zeitstempel.dfn.de [*]
http://tsa.sinpe.fi.cr/tsaHttp/ (trailing slash required)
http://timestamp.globalsign.com/advanced (and other URL variants)
https://freetsa.org/tsr
http://tsa.lex-persona.com/tsa
https://tsa.mahidol.ac.th/tsa/get.aspx
https://time.mconnect.mc
http://timestamp.acs.microsoft.com
http://dss.nowina.lu/pki-factory/tsa/good-tsa
http://timestamp.ssl.trustwave.com
Not working
http://psis.catcert.cat/psis/catcert/tsp (timeout)
http://tsa.mesign.com (timeout/crash, likely moved to https://tsa.wotrus.com)
http://tsa.safecreative.org (timeout/crash)
http://tsa.sep.bg (timeout/gone)
http://sha256timestamp.ws.symantec.com/sha256/timestamp (timeout/error)
https://tsp.iaik.tugraz.at/tsp/TspRequest (error)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@Manouchehri great, thanks a lot, works perfectly. Now we can call our "time stamper" util with your load balancer.