TimestampIt!

Trusted Timestamps. Simplified.

Log inSign Up

POST https://timestampit.com/create

Use this endpoint to create Trusted Timestamps.

Authentication

This endpoint requires HTTP Basic Authentication.

Parameters

Parameters may be sent as either URL encoded form parameters, OR as a JSON body. Clients should set the 'Content-type' header on their request to 'application/json' if using json.

Parameter name Required or optional Description
algorithm required The hash algorithm that produced the digest.
digest required The output of the hash algorithm.
ext optional A string of up to 1 kilobyte in size with any data the user wants included in the signed message. Extended data can be used to extend and customize the kinds of verification that are possible.

Valid algorithm values

TimestampIt! only allows a select list of hash algorithms. Valid values are:

Algorithm Restrictions on digest
raw digest can be any non-empty string, up to 1024 characters, without any newline or pipe characters. This value is intended to allow for timestamping small chunks of raw unhashed data.
sha1 digest must be 40 hexadecimal characters
sha256 digest must be 64 hexadecimal characters
sha384 digest must be 96 hexadecimal characters
sha512 digest must be 128 hexadecimal characters
sha3-224 digest must be 56 hexadecimal characters
sha3-256 digest must be 64 hexadecimal characters
sha3-384 digest must be 96 hexadecimal characters
sha3-512 digest must be 128 hexadecimal characters
blake2s256 digest must be 64 hexadecimal characters
blake2b512 digest must be 128 hexadecimal characters

Response codes

Response code Meaning
201 Trusted Timestamp was successfully created
400 Missing a required parameter, or supplied parameter is invalid. The response body will include an error message describing the specific problem. The errors will be formatted as json or plaintext depending on whether the request was json or not.

Examples

Content-type: application/x-www-form-urlencoded

Request

POST https://timestampit.com/create?algorithm=sha256&digest=cee7d4400474bcff4e669b47a75f0d77a8fa5dca3505b146470b87823a42e8a3

Response:

Upon successful creation, the response body will be a Simple Trusted Timestamp with Content-type: application/timestamp.

1.0|14dcu7ceuu44|2024-07-21T21:10:46Z|sha256|cee7d4400474bcff4e669b47a75f0d77a8fa5dca3505b146470b87823a42e8a3|http://timestampit.com/key/em90guswkwkm|
OIWMbaD8t2Ty1gyBoMaae7JOTn5KkDP/LWeZ7HAycWdsSvJKSqaMXzOnBnIWwkzvOVy6nW/zz63Rffj9KdwTCw==

Content-type: application/json

Request

POST https://timestampit.com/create
{
  "digest":"9e5a7dc7f7fb27425617012e7302d17b6c0bdf9a897a31c71292e909ac102266",
  "algorithm":"sha256",
  "ext":"my custom data"
}

Response

Upon successful creation, the response body will be a JSON encoded Trusted Timestamp with Content-type: application/json.

{
  "version": "1.0",
  "id": "x4nlycebbdjn",
  "timestamp": "2024-07-21T21:34:57Z",
  "algorithm": "sha256",
  "digest": "9e5a7dc7f7fb27425617012e7302d17b6c0bdf9a897a31c71292e909ac102266",
  "key_url": "http://timestampit.com/key/a1b2c3d4e5f6",
  "ext": "my custom data",
  "message": "1.0|x4nlycebbdjn|2024-07-21T21:34:57Z|sha256|9e5a7dc7f7fb27425617012e7302d17b6c0bdf9a897a31c71292e909ac102266|http://timestampit-test.com/key/a1b2c3d4e5f6|my custom data",
  "signature": "O2dTuG4RoZSfeLn6nJmPoM3Ana+/iAuKG4gJTP0FUGvqNxZePexErU+TICpVXt5u7jI4Hy886gr0cTm/W0pVCg==",
  "server_expiration": "2024-07-22T21:58:44Z"
}

JSON Fields

Field Description
version Trusted Timestamp files are versioned to allow for updates of the format in the future. The only current value is '1.0'. When validating Trusted Timestamps one should check this value to ensure they are parsing the Trusted Timestamp data correctly.
id A unique ID for each Trusted Timestamp. IDs are non-sequential random strings of 12 characters currently.
timestamp The is the precise time the Trusted Timestamp was created at. It is RFC3339 format and always in Coordinated Universal Time (UTC).
algorithm The hash algorithm used in hashing the file.
digest The hash digest of the hashed file.
key_url A trusted URL at which the verification key can be obtained. The last component of the path is the key id which can be used to acquire the key from a trusted backup location in the event the key url is not functional.
ext A field for any user defined data
message This is the complete string that is signed. Use this value to verify the signature against.
signature The signature of the message. Signature is always produced using the ED25519 digital signature standard, and must be verified using the same algorithm.
server_expiration This is the time at which the Trusted Timestamp is subject to deletion on the TimestampIt! server. TimestampIt! does not store Trusted Timestamps indefinitely. While verification will work indefinitely, however users are generally expected to store the Trusted Timestamps themselves and not rely on them being stored on TimeStampIt! servers.