Concept Definition
What is a trusted timestamp?
A trusted timestamp is a cryptographically secure, verifiable proof that a specific document or data existed at a particular point in time. It is issued by a trusted Time Stamping Authority (TSA) as defined in RFC 3161 and under eIDAS. Trusted timestamps are used in e-invoice archiving to prove the date of document creation.
How are trusted timestamps used in invoice archiving?
Trusted timestamps prove that an invoice existed before a specific date, protecting against backdating. For archiving, timestamps are applied at the time of archival to prove the document existed and was unchanged at that moment.
- At invoice creation: Timestamp proves when the invoice was issued.
- At archival: Timestamp proves the archived document was not altered before archiving.
- Renewal: Long-term archiving requires periodic timestamp renewal before the hash algorithm becomes obsolete.
Frequently Asked Questions
- Is a trusted timestamp the same as a server timestamp?
- No. A server timestamp is a date/time value recorded by a system that is not independently verifiable. A trusted timestamp is issued by an accredited TSA, cryptographically bound to the document hash, and independently verifiable by any party with the TSA's public key.
- Is a trusted timestamp required for e-invoice compliance?
- Not universally mandated, but strongly recommended for long-term archiving. Trusted timestamps provide auditable proof of invoice creation time, which can be decisive in tax disputes about which period an invoice belongs to.