In a signature workflow there may be a number of different
timestamps. For example, under PAdES a fully qualified Long Term
Archival (PADES_B_LTA) signature will have a minimum of three
- To conform to PAdES B_T the signature itself must be
- To conform to PAdES B_LT there should be a timestamp entry
(/TS) in the /VRI entry in the Document Security Store (DSS) for
- To conform to PAdES B_LTA the above must be signed with a
separate document timestamp signature.
This property enables you to specify the hash algorithm
compatible with your desired timestamping service.
For convenience when a signature is created with SignatureCompliance set to a level above
PAdES_B_B, this value is used to compute the digests for all
required timestamping operations above.
Note that MD5 or SHA1 should not be used where PAdES conformance
It is unlikely that you would need to change this from the
default Oid for SHA256.