Discuss this help topic in SecureBlackbox Forum
Handle TSP request
Prior to handling TSP requests you need to properly configure your TSP server.
Upon receiving a request, you need to decide whether you want to serve it or not. Your decision can be based on different aspects of the request.
For example, hash algorithm used by the connected client may be considered weak by your security policy. You may want to choose not to return a valid timestamps for such requests:
if (tspServer.TSPInfo.HashAlgorithm != SBConstants.Unit.SB_ALGORITHM_DGST_SHA256)
{
serverResult = SBPKICommon.Unit.psRejection;
failureInfo = SBPKICommon.Unit.pfiBadAlg;
}
Other possible criteria for rejection include the client's IP address and the number of requests it has made.
When preparing a response, you might wish to include accuracy values for your time figures. Accuracy describes the deviation of the time you supply via the Time property relative to the real UTC time. Of course, the accuracy setting is optional and can be omitted.