TimestampIt!

Trusted Timestamps. Simplified.

POST https://timestampit.com/create

Use this endpoint to create Trusted Timestamps.

Authentication

This endpoint requires HTTP Basic Authentication.

Parameters

Parameters may be sent as either URL encoded form parameters, OR as a JSON body. Clients should set the 'Content-type' header on their request to 'application/json' if using json.

Parameter name	Required or optional	Description
algorithm	required	The hash algorithm that produced the digest.
digest	required	The output of the hash algorithm.
ext	optional	A string of up to 1 kilobyte in size with any data the user wants included in the signed message. Extended data can be used to extend and customize the kinds of verification that are possible.

Valid algorithm values

TimestampIt! only allows a select list of hash algorithms. Valid values are:

Algorithm	Restrictions on digest
raw	digest can be any non-empty string, up to 1024 characters, without any newline or pipe characters. This value is intended to allow for timestamping small chunks of raw unhashed data.
sha1	digest must be 40 hexadecimal characters
sha256	digest must be 64 hexadecimal characters
sha384	digest must be 96 hexadecimal characters
sha512	digest must be 128 hexadecimal characters
sha3-224	digest must be 56 hexadecimal characters
sha3-256	digest must be 64 hexadecimal characters
sha3-384	digest must be 96 hexadecimal characters
sha3-512	digest must be 128 hexadecimal characters
blake2s256	digest must be 64 hexadecimal characters
blake2b512	digest must be 128 hexadecimal characters

Response codes

Response code	Meaning
201	Trusted Timestamp was successfully created
400	Missing a required parameter, or supplied parameter is invalid. The response body will include an error message describing the specific problem. The errors will be formatted as json or plaintext depending on whether the request was json or not.

Examples

Content-type: application/x-www-form-urlencoded

Request

POST https://timestampit.com/create?algorithm=sha256&digest=cee7d4400474bcff4e669b47a75f0d77a8fa5dca3505b146470b87823a42e8a3

Response:

Upon successful creation, the response body will be a Simple Trusted Timestamp with Content-type: application/timestamp.

1.0|14dcu7ceuu44|2024-07-21T21:10:46Z|sha256|cee7d4400474bcff4e669b47a75f0d77a8fa5dca3505b146470b87823a42e8a3|http://timestampit.com/key/em90guswkwkm|
OIWMbaD8t2Ty1gyBoMaae7JOTn5KkDP/LWeZ7HAycWdsSvJKSqaMXzOnBnIWwkzvOVy6nW/zz63Rffj9KdwTCw==

Content-type: application/json

Request

POST https://timestampit.com/create
{
  "digest":"9e5a7dc7f7fb27425617012e7302d17b6c0bdf9a897a31c71292e909ac102266",
  "algorithm":"sha256",
  "ext":"my custom data"
}

Response

Upon successful creation, the response body will be a JSON encoded Trusted Timestamp with Content-type: application/json.

{
  "version": "1.0",
  "id": "x4nlycebbdjn",
  "timestamp": "2024-07-21T21:34:57Z",
  "algorithm": "sha256",
  "digest": "9e5a7dc7f7fb27425617012e7302d17b6c0bdf9a897a31c71292e909ac102266",
  "key_url": "http://timestampit.com/key/a1b2c3d4e5f6",
  "ext": "my custom data",
  "message": "1.0|x4nlycebbdjn|2024-07-21T21:34:57Z|sha256|9e5a7dc7f7fb27425617012e7302d17b6c0bdf9a897a31c71292e909ac102266|http://timestampit-test.com/key/a1b2c3d4e5f6|my custom data",
  "signature": "O2dTuG4RoZSfeLn6nJmPoM3Ana+/iAuKG4gJTP0FUGvqNxZePexErU+TICpVXt5u7jI4Hy886gr0cTm/W0pVCg==",
  "server_expiration": "2024-07-22T21:58:44Z"
}

JSON Fields

Field	Description
version	Trusted Timestamp files are versioned to allow for updates of the format in the future. The only current value is '1.0'. When validating Trusted Timestamps one should check this value to ensure they are parsing the Trusted Timestamp data correctly.
id	A unique ID for each Trusted Timestamp. IDs are non-sequential random strings of 12 characters currently.
timestamp	The is the precise time the Trusted Timestamp was created at. It is RFC3339 format and always in Coordinated Universal Time (UTC).
algorithm	The hash algorithm used in hashing the file.
digest	The hash digest of the hashed file.
key_url	A trusted URL at which the verification key can be obtained. The last component of the path is the key id which can be used to acquire the key from a trusted backup location in the event the key url is not functional.
ext	A field for any user defined data
message	This is the complete string that is signed. Use this value to verify the signature against.
signature	The signature of the message. Signature is always produced using the ED25519 digital signature standard, and must be verified using the same algorithm.
server_expiration	This is the time at which the Trusted Timestamp is subject to deletion on the TimestampIt! server. TimestampIt! does not store Trusted Timestamps indefinitely. While verification will work indefinitely, however users are generally expected to store the Trusted Timestamps themselves and not rely on them being stored on TimeStampIt! servers.