Issues with Time Stamping URL

It has been brought to our attention that the default time stamping url specified in our products is not working. While it is unclear as to why this is the case, for the time being, we recommend our customers use the following time stamp url: http://timestamp.digicert.com

Why does this matter?

This is important for those of you attempting to sign scripts using our products. Time stamping is used to specify time when the digital signature is made, which is required to properly validate the signature. Time stamping allows Authenticode signatures to be verifiable even after the certificates used to create the signature have expired. Authenticode is a Microsoft code-signing technology that is used to identify the publisher of Authenticode-signed software. It also verifies that the software has not been tampered with since it was signed and published.

If a signature time stamp is present, the application which validates the signature will check whether the certificates involved in signature validation were valid at the moment of signing. If the signature does not have a time stamp, certificate validity is checked at the moment of signature validation, which is not always acceptable.

We do apologize for the inconvenience, but this is out of our control. If our default url continues to not work, we will be updating to the time stamp url specified above.