Timestamping Service is a HTTP service that responds to HTTP POST method

The PKI chain certificates can be found in SK repository.

Figure: Production environment setup

Parameter	Value
LIVE Service address	Issuer CN=SK TSA CA 2023E http://tsa.sk.ee http://tsa.sk.ee/ecc Issuer CN=SK TSA CA 2023R http://tsa.sk.ee/rsa All endpoints available also via HTTPS.
LIVE TSU certificates	SK TIMESTAMPING UNIT 2025E SK TIMESTAMPING UNIT 2025R
TEST environment endpoints	Issuer CN=TEST of SK TSA CA 2023E http://tsa.demo.sk.ee/tsa http://tsa.demo.sk.ee/tsaecc Issuer CN=TEST of SK TSA CA 2023R http://tsa.demo.sk.ee/tsarsa All TEST endpoints available also via HTTPS
TEST TSU certificates	DEMO SK TIMESTAMPING UNIT 2025E DEMO SK TIMESTAMPING UNIT 2025R

Parameter	Value
Repository	Timestamping Authority Practice Statement v7.0 PDF
Timestamping policy OID	0.4.0.2023.1.1
Supported hash algorithms	SHA256, SHA384, SHA512
Signing key parameter	SK TSA CA 2023R: 4096bit RSA SK TSA CA 2023E: elliptic curve P-256
Signing algorithm available	SK TSA CA 2023E: SHA256withECDSA SK TSA CA 2023R: SHA512withRSA
Supported extensions in requests	Not specified
Responses to the correct requests include the following	- Status information - Operation Okay - Signing hash algorithm - Timestamping policy OID - Timestamp time - Timestamping Service Certificate (not incl. certificate chain) - Extensions in use - nonce value - Precision (0x01 seconds) - tsa (timestamping service certificate DN)
Responses to the incorrect requests include the following	- Status information Rejected - Error description
Response to the request from a client that has no access to the timestamping service	HTTP status code 403 - Forbidden
Response to the non-timestamping query	HTTP status code 400 - Bad request