Home>CEO Blog>Postmail + Postmark, E-mail + E-postmark

Postmail + Postmark, E-mail + E-postmark2021.04.21

The mail transmitted by post office has postmark, this everyone knows. Wikipedia introduce “Postmark” like this: A postmark is a postal marking made on an envelope, parcel, postcard or the like, indicating the place, date and time that the item was delivered into the care of a postal service, or sometimes indicating where and when received or in transit. Modern postmarks are often applied with the cancellation that marks postage stamps as having been used. Sometimes a postmark alone is used to cancel stamps. Postmarks may be applied by handstamp or machine, using methods such as rollers or inkjets.

I think the reader has guess what I want to write in this article. The traditional mail has a postmark. One of the important roles is to prove the location, date and time of the mail delivery. This is very important before the Internet is not popular, for example, many submissions have deadlines. The deadline is generally based on the postmark stamped on the submission mail. Even in the current Internet era, some important election votes still use paper voting. Whether the vote is valid or not is also based on the postmark as an important judgment.

Postmail + Postmark, E-mail + E-postmark Postmail + Postmark, E-mail + E-postmark

From the birth of the first email marked with the @ symbol in 1971, to 2021 now, the email has a history of 50 years. At present, email has become a must for people's life and work. However, the email sent time displayed in the email is the user’s local computer time or the mail server time. This is an untrustworthy time. That is to say, the email sent time that everyone sees when they receive emails every day is actually the time on the mail server, which can be modified artificially. This time cannot be used as a trusted time like the postmark stamped by the post office. If the court directly accepts the email sent time during electronic evidence collection, there is a legal risk.

So, how to prove that the email sent time is trusted? With the popularity of the blockchain, I believe that non-IT people have also heard of the term “timestamp”. Every block of data on the blockchain has timestamp signature data to ensure that the generation time of this block data is trusted and cannot be tampered with. In layman's term, timestamp is electronic postmark, e-postmark, digital postmark, and its function is equivalent to postmark. In this way, to explain timestamp in blockchain, I guess those who originally didn't understand blockchain timestamp should fully understand.

More professionally, timestamp is the digitally signed data generated using digital signature technology. The object of the signature includes the original file information, signature parameters, signature time and other information. The timestamping system is used to generate and manage timestamp data, and digitally sign the object using timestamping certificate to generate timestamp data to prove that the original file has existed before the signing time.

The earlier timestamp application should be the code signing of Windows software. I believe some readers still remember that IE browser often pops up a warning that a certain plugin (ActiveX Control) is blocked because the plugin does not have a digital signature. This type of plugin requires a timestamp when digitally signed to ensure that the plugin's digital signature is valid for a long time, even if the code signing certificate has expired. Another timestamp application that has been widely used is electronic contract signing, which must have a timestamp signature to prove that the time of contract signing is trusted. This is a digital signature and timestamp application for PDF documents launched by Adobe. It is used for proving the identity of the publisher of the PDF document is trusted and the time when the document is signed is trusted.

The above two commonly used digital signature applications have attached timestamp signature to prove that the time of the digital signature is trusted. Let us return to email. The S/MIME standard enables email data to be digitally signed, but unfortunately, the design of this standard did not introduce the application of timestamp signature, so that even email has digital signatures, but no timestamp is used to prove the authenticity of the email sent time.

When MeSign Technology is developing automatic email encryption and digital signature, it uses timestamp signature technology innovatively. When MeSign App completes digital signature of email, it will automatically connect to MeSign Cloud Timestamping Service to obtain timestamp signature data and attach this timestamp signature data to the email digital signature in accordance with the MeSign enterprise standard format, so as to ensure that the sent time of each email sent by MeSign App is trusted, cannot be tampered with and non-repudiation. In this way, the email sent time of the digitally signed email sent by MeSign App can be used in all application scenarios that need to prove the email sent time. This email timestamp information can be used for legal evidence, has legal effect, and can be used in the legal proceedings related to email sent time.

Let’s show everyone the MeSign email timestamp. The picture below shows the timestamp information displayed by MeSign App after receiving a digital signatures and encrypted email. It displays "Sent time: 2020-05-26 14:24:08, this time is from MeSign timestamp". This time may not be the same as the time displayed in the first line, because the time in the first line comes from the mail server.

MeSign App

MeSign Technology not only adopts the international standard RFC3161 to realize the email timestamp service, but also innovatively adds some technical protection measures in the timestamp signature to prevent the restamp timestamp from overwriting the original timestamp, effectively ensure that the email timestamp data cannot be replaced, and truly ensure the authenticity and non-repudiation of the email sent time.

Just like postal mail must be postmarked, sending email should also be postmarked. Only MeSign Technology can do it in the world! MeSign Technology will actively promote the revision and improvement of international standards, to realize the early realization of standards of email digital signature with timestamp, so that email timestamp service will become a standardized popular service to benefit mankind.

MeSign Timestamping Service is not only used for email timestamping, but also for MeSign document signature timestamping. It can also be used for other applications that require timestamp, such as blockchain, copyright protection, electronic forensics, document curing, etc. MeSign cloud timestamping service has been freely open to Adobe Reader users for document digital signature timestamping, Adobe global trusted, welcome to use and enjoy it.

Click here to download this blog post (PDF format with digital signature and timestamp)