On Mon, 22 Jan 1996, Doug Hughes wrote: > The best way to do this is with digital signatures. If you include the time > in the body of the message, and then sign the body of the message, there ca > be no doubt about the time (unless you have a weak key-length, or your key > has been compromised). PGP/PEM will do this. > There can be no doubt. Use the largest key you can. The original question and the response both beg the question of what you mean by "secure timestamp." If you mean that "the timestamp is an accurate reflection of the system clock at the time it was written," then this response is a potential solution. Unfortunately, the system clock is probably still vulnerable and you won't have gained much by implementing this. If you mean that "the system clock is an accurate reflection of the external world and the timestamp accurately reflects the system clock," you have taken on a much harder problem. If, perhaps, you mean only that the timestamps should accurately indicate the order in which the messages were received, then the solutions to both of the problems posed above are overkill. Before the original question can be answered satisfactorily, the questioner needs to decide what he means by secure and why he wants that. ---D