timestamp down

NTDEV
1

Hi,

? recently, I got this message:
"
SignTool Error: The specified timestamp server either could not be reached
or returned an invalid response.
? ? ? ? This may happen if you specify an RFC 3161 timestamp URL but used
? ? ? ? the /t option or you specified a legacy Authenticode timestamp URL
? ? ? ? but used the /tr option.
"
? The build scripts worked a day ago. I have about 20 files to be signed. The builds are called about 20 times a day.

? Has anyone seen this issue?

Regards,
? Calin

2

Verisign? I found 04:00GMT a common failure time - not every day of course! Maybe twice a month. My guess is they are performing some maintenance on the servers and/or routers.

Tim.

From: xxxxx@lists.osr.com [xxxxx@lists.osr.com] On Behalf Of Calin Iaru [xxxxx@yahoo.com]
Sent: 09 March 2012 01:10
To: Windows System Software Devs Interest List
Subject: [ntdev] timestamp down

Hi,

recently, I got this message:
"
SignTool Error: The specified timestamp server either could not be reached
or returned an invalid response.
This may happen if you specify an RFC 3161 timestamp URL but used
the /t option or you specified a legacy Authenticode timestamp URL
but used the /tr option.
"
The build scripts worked a day ago. I have about 20 files to be signed. The builds are called about 20 times a day.

Has anyone seen this issue?

Regards,
Calin

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

3

Hi Tim,

? yes, Verisign between March 8 1600 GMT and March 9 0600 GMT. Now it works.

? I would like to know if Verisign is doing it on purpose, so that I can adjust the automated builds. I will ask them.

? Why isn’t Microsoft giving us a timestamp?

Regards,
? Calin

From: Tim Green
To: Windows System Software Devs Interest List
Sent: Friday, March 9, 2012 8:32 AM
Subject: RE: [ntdev] timestamp down

Verisign? I found 04:00GMT a common failure time - not every day of course! Maybe twice a month. My guess is they are performing some maintenance on the servers and/or routers.

Tim.
________________________________________
From: xxxxx@lists.osr.com [xxxxx@lists.osr.com] On Behalf Of Calin Iaru [xxxxx@yahoo.com]
Sent: 09 March 2012 01:10
To: Windows System Software Devs Interest List
Subject: [ntdev] timestamp down

Hi,

? recently, I got this message:

SignTool Error: The specified timestamp server either could not be reached
or returned an invalid response.
? ? ? ? This may happen if you specify an RFC 3161 timestamp URL but used
? ? ? ? the /t option or you specified a legacy Authenticode timestamp URL
? ? ? ? but used the /tr option.

? The build scripts worked a day ago. I have about 20 files to be signed. The builds are called about 20 times a day.

? Has anyone seen this issue?

Regards,
? Calin


NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer


NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

4

On 3/9/2012 10:42 AM, Calin Iaru wrote:

Why isn’t Microsoft giving us a timestamp?

Ask yourself: How would you feel if everything of the Windows
development ecosystem was controlled by a single company?

5

Works for Apple :wink:

Hagen Patzke wrote:

On 3/9/2012 10:42 AM, Calin Iaru wrote:
> Why isn’t Microsoft giving us a timestamp?

Ask yourself: How would you feel if everything of the Windows
development ecosystem was controlled by a single company?

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer


Kind regards, Dejan (MSN support: xxxxx@alfasp.com)
http://www.alfasp.com
File system audit, security and encryption kits.

6

>? Why isn’t Microsoft giving us a timestamp?

I would suppose because doing so is exactly what Verisign’s business is and
it is most definitely not what MSFT’s business is. The independent third
party in trust systems is pretty important. Imagine if the
MSFT/APPL/ORACLE/IBM lawyers could also put in their EULAs that they are the
arbiters of whether or not something is ‘authentic’ in addition to all of
the other ground users and other cede in a EULA.

That timestamp is way more than just a sticky-note saying what time it was.
It is a third-party entity that is asserting what time it was that is very
hard to ‘dispute’ - even in a dispute with MSFT/APPL/ORACLE/IBM.

They are the ‘notary public’ for us all.

-dave cattley

7

Hi,

? I asked the q assuming that verising rejected on purpose the signtool request. This was false.

? 1) Verisign says that they don’t have a downtime on their servers.?
? 2) During signtool, the internal network was being reconfigured. It’s the only reason for the failure.

Thank you all for taking the time.

? Calin

From: David R. Cattley
To: Windows System Software Devs Interest List
Sent: Friday, March 9, 2012 2:16 PM
Subject: RE: [ntdev] timestamp down

>? Why isn’t Microsoft giving us a timestamp?

I would suppose because doing so is exactly what Verisign’s business is and
it is most definitely not what MSFT’s business is.? ? The independent third
party in trust systems is pretty important.? Imagine if the
MSFT/APPL/ORACLE/IBM lawyers could also put in their EULAs that they are the
arbiters of whether or not something is ‘authentic’ in addition to all of
the other ground users and other cede in a EULA.

That timestamp is way more than just a sticky-note saying what time it was.
It is a third-party entity that is asserting what time it was that is very
hard to ‘dispute’ - even in a dispute with MSFT/APPL/ORACLE/IBM.

They are the ‘notary public’ for us all.

-dave cattley


NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer