|
US$449.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 20520-2025: Cybersecurity technology - Public key infrastructure - Specification for time stamp
Status: Valid GB/T 20520: Evolution and historical versions
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 20520-2025 | English | 449 |
Add to Cart
|
4 days [Need to translate]
|
Cybersecurity technology - Public key infrastructure - Specification for time stamp
| Valid |
GB/T 20520-2025
|
| GB/T 20520-2006 | English | 150 |
Add to Cart
|
0--9 seconds. Auto-delivery
|
Information security technology - Public key infrastructure - Time stamp specification
| Valid |
GB/T 20520-2006
|
PDF similar to GB/T 20520-2025
Basic data | Standard ID | GB/T 20520-2025 (GB/T20520-2025) | | Description (Translated English) | Cybersecurity technology - Public key infrastructure - Specification for time stamp | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | L80 | | Classification of International Standard | 35.030 | | Word Count Estimation | 22,284 | | Date of Issue | 2025-08-01 | | Date of Implementation | 2026-02-01 | | Older Standard (superseded by this standard) | GB/T 20520-2006 | | Issuing agency(ies) | State Administration for Market Regulation, Standardization Administration of China | GB/T 20520-2025: Cybersecurity technology - Public key infrastructure - Specification for time stamp
---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT20520-2025
ICS 35.030
CCSL80
National Standard of the People's Republic of China
Replaces GB/T 20520-2006
Cybersecurity Technology Public Key Infrastructure
Timestamp Specification
Released on August 1, 2025
Implementation on February 1, 2026
State Administration for Market Regulation
The National Standardization Administration issued
Table of Contents
Preface III
1 Scope 1
2 Normative references 1
3 Terms and Definitions 1
4 Abbreviations 2
5.Composition, content and application of time stamp system 2
5.1 Timestamp System Composition 2
5.2 Timestamp Content 3
5.3 Timestamp Application and Issuance 3
6 Basic requirements for timestamps 3
6.1 Application and Issuance Requirements 3
6.2 Trusted Time Generation Requirements 4
6.3 Time Synchronization Requirements 4
6.4 Request and response message format requirements 4
7 Timestamp System Security Requirements 4
7.1 Safety Management Requirements 4
7.2 Safety Technical Requirements 6
8 Test and Evaluation Methods 8
8.1 Application and issuance methods 8
8.2 Credible Time Generation 8
8.3 Time Synchronization 8
8.4 Request and Response Message Format 8
8.5 Timestamp System Security Management Requirements 8
8.6 Technical Requirements for Timestamp System Security 11
Appendix A (Normative) ASN.1 Description of Timestamp Request and Response Message Formats 13
A.1 Basic Requirements 13
A.2 Timestamp Request Format 13
A.3 Timestamp Response Format 13
A.4 KeyUsage extension field OID definition 16
Reference 17
Preface
This document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for standardization work Part 1.Structure and drafting rules for standardization documents"
Drafting.
This document replaces GB/T 20520-2006 "Information Security Technology Public Key Infrastructure Timestamp Specification".
Compared with.2006, in addition to structural adjustments and editorial changes, the main technical changes are as follows.
a) The scope of the standard has been changed (see Chapter 1, Chapter 1 of the.2006 edition);
b) Change “the composition of the time stamp system” to “the composition, content and application for issuance of the time stamp system” (see Chapter 5,.2006 Edition).
Chapter 5, 6.4, Chapter 8);
c) Changed "Generation and issuance of timestamps" to "Basic requirements for timestamps" and added the use of "Application and issuance requirements"
SOAP method (see 6.1), modified some requirements of "the method of generating trusted time" (see 6.2, 6.2 of the.2006 edition);
d) Change “TSA requirements” to “general requirements” (see 7.1.1, 8.1 of the.2006 edition), and delete some requirements [see
7.1.1, 8.1c) and d) of the.2006 edition];
e) Deleted "storage at the user's site" (see 7.1.2 of the.2006 edition);
f) Deleted the requirements for backup media, off-site backup, and backup cryptographic algorithms [see 7.2b), c), and f) of the.2006 edition];
g) Change "physical security" and "software security" to "general security", and add communication networks, regional boundaries, computing environments and management
Heart-related requirements (see 7.2.1, 9.1 and 9.2 of the.2006 edition);
h) Changed the requirements for the security of cryptographic applications in the "Signature System" (see 7.2.2, 9.2.3 of the.2006 edition);
i) Deleted the security requirements for “time stamp database” (see 9.2.4 of the.2006 edition);
j) Deleted the file extension requirement for "Save File" (see 8.2.5 of the.2006 edition);
k) Added "Test and Evaluation Methods" and provided test and evaluation methods corresponding to safety requirements (see Chapter 8);
l) The ASN.1 structure and description of the timestamp request and response message formats have been changed (see Appendix A, 8.4 of the.2006 edition).
Please note that some of the contents of this document may involve patents. The issuing organization of this document does not assume the responsibility for identifying patents.
This document is proposed and coordinated by the National Cybersecurity Standardization Technical Committee (SAC/TC260).
This document was drafted by. Institute of Software, Chinese Academy of Sciences, University of Chinese Academy of Sciences, Changchun Jida Zhengyuan Information Technology Co., Ltd.,
China Science and Technology Information Security Common Technology National Engineering Research Center Co., Ltd., Beijing Digital Certification Co., Ltd., China Electronics Science and Technology Network Security Technology
Co., Ltd., Beijing Zhongguancun Laboratory, the Third Research Institute of the Ministry of Public Security, and the Cybersecurity Industry Development Center of the Ministry of Industry and Information Technology (Industry and
Information Center of the Ministry of Information Technology), Guangdong Electronic Commerce Certification Co., Ltd., Beijing Tianrongxin Network Security Technology Co., Ltd., Boya Zhongke
(Beijing) Information Technology Co., Ltd., Digital Security Times Technology Co., Ltd., Tongzhi Weiye Software Co., Ltd., and Asiadata Information Technology
(Shanghai) Co., Ltd., Shanghai Digital Certificate Certification Center Co., Ltd., State Grid Blockchain Technology (Beijing) Co., Ltd., Shaanxi Provincial Information Technology Co., Ltd.
Engineering Research Institute, Zhengzhou Xindajiean Information Technology Co., Ltd., Hangzhou Hikvision Digital Technology Co., Ltd., Changyang Technology
(Beijing) Co., Ltd., Beijing Times Newway Information Technology Co., Ltd., Beijing Core Shield Times Technology Co., Ltd., Beijing Tianrongxin Network
Security Technology Co., Ltd., Shenzhen E-Commerce Security Certificate Management Co., Ltd., Jiangnan Xinan (Beijing) Technology Co., Ltd., Zhejiang Dahua
Technology Co., Ltd., Qi'anxin Wangshen Information Technology (Beijing) Co., Ltd., Zhejiang Jiuzhou Quantum Information Technology Co., Ltd.,
Zhongfu Information Co., Ltd., GXT (Beijing) Information Technology Co., Ltd., and the Sixth Research Institute of China Electronics Corporation.
The main drafters of this document are. Feng Dengguo, Zhang Yan, Zhang Liwu, Jing Jiwu, Yang Lingbo, Zhang Baoxin, Liu Limin, Hu Jianxun, Zhao Song, Li Guanlin,
Meng Jiaying, Chen Yan, Pan Yi, Chen Zixiong, Xiao Yan, Zhang Chao, Cheng Kewei, Deng Zhaohan, Jiao Zhengkun, Wei Yicai, Wang Yulin, Gao Zhenpeng, Yang Ke, Zhao Xiaorong,
Liu Weihua, Wang Bin, Zhao Hua, Du Yunhao, Wang Zaifang, Liang Zhenquan, Wang Haiyang, Chen Fang, Huang Liang, Yu Jianjiang, Chen Teng, Wang Bin, and Chen Huaifeng.
The previous versions of this document and the documents it replaces are as follows.
---First published in.2006 as GB/T 20520-2006;
---This is the first revision.
Cybersecurity Technology Public Key Infrastructure
Timestamp Specification
1 Scope
This document provides the composition of the timestamp system, the content of the timestamp and the application and issuance process, specifies the timestamp security requirements, and describes the relevant
Appropriate test and evaluation methods.
This document is applicable to the design, development, and testing of time stamping systems and their applications.
2 Normative references
The contents of the following documents constitute the essential clauses of this document through normative references in this document.
For referenced documents without a date, only the version corresponding to that date applies to this document; for referenced documents without a date, the latest version (including all amendments) applies to
This document.
GB/T 16262.1 Information technology Abstract Syntax Notation One (ASN.1) Part 1.Basic notation specification
GB/T 20518-2018 Information Security Technology Public Key Infrastructure Digital Certificate Format
GB/T 22239-2019 Information security technology - Basic requirements for cybersecurity level protection
GB/T 25069 Information Security Technical Terminology
GB/T 39786 Information security technology Basic requirements for the application of cryptography in information systems
3 Terms and Definitions
The terms and definitions defined in GB/T 25069 and the following apply to this document.
3.1
timestamp
timestamptoken
After confirming the original data information, signature parameters, signature time, etc., a digital signature technology is used to prove that the original data
Data that existed before the signing time.
3.2
trusted time
An accurate and reliable current time value.
3.3
timestampauthority
A trusted service for generating and managing timestamps.
[Source. GM/Z0001-2013, 2.101]
3.4
TimestampService
A service used to prove that original data existed before a certain moment.
Note. The requesting party provides the data, and the timestamp system issues a timestamp for the data.
[Source. ISO /IEC 18014-1.2008, 3.18, with modifications]
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 20520-2025_English be delivered?Answer: Upon your order, we will start to translate GB/T 20520-2025_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GB/T 20520-2025_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 20520-2025_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. Question 5: Should I purchase the latest version GB/T 20520-2025?Answer: Yes. Unless special scenarios such as technical constraints or academic study, you should always prioritize to purchase the latest version GB/T 20520-2025 even if the enforcement date is in future. Complying with the latest version means that, by default, it also complies with all the earlier versions, technically.
|