Linux Foundation Wiki

project collaboration site

User Tools

Site Tools


<< Public Timestamp


REST Interface

All requests are made via HTTP GET or POST parameters, and the server always answers with XML

All requests to the server contain

  • version=1
  • This is the interface-version, let's start with one here
  • pt=xyz
  • This is the command that we want to execute at the server. If several commands need to be executed with one request, then just chain those pt=xyz&pt=abc.
  • pre=myprefix
  • This are the prefixes to all command-parameters that I wanna use for this request. If there are e.g. 3 commands issued at once, than there also need to be 3 different pre parameters.
  • Example-Request

<a href=“” class=“external free” title=“” rel=“nofollow”></a>

or with 2 commands in one request:

<a href=“” class=“external free” title=“” rel=“nofollow”></a>

All answers from the server contain

  • publictimestamp
  • our root xml tag, enclosing the complete xml-answer
  • pt
  • each executed command creates its own command sub-tree. Depending on the command itself, this contains all the response for this one.
  • command-name
  • repeats the executed command in the answer. this is a child within command
  • params
  • a child within each command-subtree repeats the request for this command incl. all parameters
  • params-prefix
  • the used prefix for this command
  • return-value
  • the return-code
  • return-description
  • the return-code description
  • return
  • enclosing the command-specific xml-answer
  • <?xml version=“1.0” encoding=“ISO-8859-1”?>
  • the encoding
  • <?xml-stylesheet type=“text/xsl” href=“transform.xsl”?>
  • the XSLT link, enabling browsers to make a website out of this xml
  • version
  • the version-number of the interface that created the response
  • latest-version
  • the latest available interface-version
  • too-old-version
  • this version is too old and should be upgraded as soon as possible (mostly due to security reasons)
  • timestamps-total
  • quick statistics for total number of timestamps
  • timestamps-today
  • quick statistics for number of today's new timestamps

return values

  • 0
  • OK
  • 1
  • invalid or missing parameters
  • 2
  • unknown command

XML Blocks

All XML-Answers are combinations of these xml-blocks

basic structure

<?xml version="1.0" encoding="ISO-8859-1"?>
<?xml-stylesheet type="text/xsl" href="transform.xsl"?>


      .. command specific part
      .. all detected parameters



        <tstamp>2007-04-12 15:00:03</tstamp>


        <fcs32>FB109ADE	2157</fcs32>
        <cksum>72C52F1D	2157</cksum>
        <adler32>79510CB3	2157</adler32>
        <crc32mpeg2>D69E012F	2157</crc32mpeg2>
        <crc16>D35A	2157</crc16>
        <crc64>7E41CDE62147393D	2157</crc64>
        <elf32>02CF71DA	2157</elf32>
        <fcs16>7EC8	2157</fcs16>
        <sum32>00020C94	2157</sum32>


        <document_title>Public Timestamp Block 68</document_title>
  • documenttype
  • 1 = source code
  • 2 = object code (executable)
  • 3 = text (website, text document, open office file)



Allows to search for ptid_info entries.

  • pt=search_ptid_info
  • name of this command
  • offset=0
  • optional, skips the first # of results
  • count=10
  • optional, sets the max number of returned results

Just use whatever you want to search for:

  • ptid
  • document_title
  • homepage
  • project_name
  • url
  • filename
  • documenttype
  • reported
  • info_show
  • boolean=and
  • default is and, can be 'and', 'or', 'xor', 'nand', etc.


Allows to search for ptid_info entries by hash-value or filesize.

  • pt=search_ptid_hash
  • name of this command
  • algorithm
  • name of hash-algorithm to compare for. special case: 'filesize'
  • one of
 'sum32', 'fcs16', 'elf32', 'md2sum', 'md4sum', 'crc64',
 'whirlpool', 'ripemd128', 'ripemd160', 'crc16', 'haval',
 'tiger', 'sha512', 'sha384', 'sha256', 'crc32mpeg2',
 'adler32', 'cksum', 'md5sum', 'fcs32', 'sha160', 'sha0',
 'sha224', 'tiger128', 'tiger160', 'tiger2', 'whirlpool0',
 'whirlpool2', 'ripemd256', 'ripemd320')
  • hashvalue
  • the hash-value to search (must be at least 5 chars long, only hex-numbers allowed)

This function returns ptid_info blocks, even if it compares the values in the ptid table. This is because this seems to be the more convenient way to use this.


Allows to search for one exact ptid

  • pt=search_ptid
  • name of this command
  • ptid
  • the ptid

returns the ptid info incl. all hash-values, the corresponding ptid_info blocks as well as the ptb info

search response

     .. list of used parameters
      .. list of ptid_info blocks


Returns details to one specific timestamp.


Returns details to one specific PTB


Special command to easy optain latest PTB


  • ptb
  • ptid of latest ptb
  • ptid_info of latest ptb


Allows a user to submit new Hash-Values and Meta-Information. This is the command to actually timestamp a file.


  • meta-information as required for ptid_info
  • hash-values as required for ptid


To make this service as reliable as possible, several precautions should be addressed. This section defines some addresses, to make this goal at least as easy as possible.


OK, the web-site itself is not one of the things I would consider as important for high availability.

REST Interface

Jupp, this is important, as we don't want to distract people that actually try to upload the hashes of a file! We also don't want to have any problems with automated timestamping (as e.g. by

Well defined interface address

Well defined interface address, but slightly different for each version - this is for version 1.0, other version-numbers work accordingly


For testing purposes, there should be a well-defined testing-interface. It should also have a database backend (but which might e.g. be deleted once a day) to fully try and test all features of this service without being able to damage anything or to bloat the nice and shiny timestamp-database :)


Server redundancy

Actually this is not so easy, as we need a single incremental id for each timestamp. So what can we do? → We will run a second server, that receives hash-values just like the real server does, but which only queues those until the real server is restored. Then all queued items will be send by this server, transparent to the original sender. - this should be a completely different IP-Address, on some server somewhere else in the world which does above job :)

<< Public Timestamp

osapa/pt_interface.txt · Last modified: 2016/07/19 01:22 (external edit)