本推荐国际标准将定义支持数字应用所需的TTP服务 用于文档创建的不可否认性的签名。 本推荐国际标准还将定义接口和协议以实现互操作性 在与这些TTP服务相关联的实体之间。 需要技术服务和协议的定义，以便实现TTP服务和相关的 商业应用。 本推荐性国际标准侧重于: ？实施和互操作性； ？服务规范；和 ？技术要求。 本推荐国际标准没有描述TTPs或其他组织的管理， 操作或个人问题。这些主题主要涵盖在ITU-T建议。X.842 ISO/IEC TR 14516，信息 技术？安全技术？可信第三方服务的使用和管理指南。 注1？由于互操作性是本推荐性国际标准的主要问题，以下限制 保持: i)本协议仅涵盖TTP可能向终端实体或另一TTP提供的服务 推荐国际标准。 ii)只有那些可以通过可标准化的数字消息来请求和/或递送的服务 覆盖。 iii)只有那些当时可以就广泛接受的标准化消息达成一致的服务 建议公布的国际标准有详细规定。 当可获得广泛接受的标准化消息时，将在单独的文档中指定进一步的服务。在 特别是，时间戳服务将在单独的文档中定义。 注2？本推荐国际标准中的数据结构和报文将按照 RFC文档、RFC 2510和RFC 2511（用于证书管理服务）以及RFC 2560（用于OCSP服务）。The 证书请求格式还允许与PKCS#10的互操作性。中提到的文件参考见附件C 这张纸条。 注3？存在针对特定环境和应用中的TTP服务的其他标准化工作，如SET或EDIFACT。 这些超出了本推荐国际标准的范围。 注4？本推荐性国际标准定义了服务的技术规范。这些规格是 独立于政策、具体的法律法规和组织模式（例如，它们可能定义职责和 责任由认证机构和注册机构分担）。当然，TTPs提供的政策 本建议国际标准中描述的服务将需要具体说明法律法规和其他 前面提到的方面将由TTP来实现。特别是，策略必须具体说明数字签名的有效性 并确定证书。

This Recommendation | International Standard will define those TTP services needed to support the application of digital signatures for the purpose of non-repudiation of creation of documents. This Recommendation | International Standard will also define interfaces and protocols to enable interoperability between entities associated with these TTP services. Definitions of technical services and protocols are required to allow for the implementation of TTP services and related commercial applications. This Recommendation | International Standard focuses on: ?implementation and interoperability; ?service specifications; and ?technical requirements. This Recommendation | International Standard does not describe the management of TTPs or other organizational, operational or personal issues. Those topics are mainly covered in ITU-T Rec. X.842 | ISO/IEC TR 14516, Information technology?Security techniques?Guidelines on the use and management of Trusted Third Party services. NOTE 1?Because interoperability is the main issue of this Recommendation | International Standard, the following restrictions hold: i) Only those services which may be offered by a TTP, either to end entities or to another TTP, are covered in this Recommendation | International Standard. ii) Only those services which may be requested and/or delivered by means of standardizable digital messages are covered. iii) Only those services for which widely acceptable standardized messages can be agreed upon at the time this Recommendation | International Standard is published are specified in detail. Further services will be specified in separate documents when widely acceptable standardized messages are available for them. In particular, time stamping services will be defined in a separate document. NOTE 2?The data structures and messages in this Recommendation | International Standard will be specified in accordance to RFC documents, RFC 2510 and RFC 2511 (for certificate management services) and to RFC 2560 (for OCSP services). The certificate request format also allows interoperability with PKCS#10. See Annex C for references to the documents mentioned in this Note. NOTE 3?Other standardization efforts for TTP services in specific environments and applications, like SET or EDIFACT, exist. These are outside of the scope of this Recommendation | International Standard. NOTE 4?This Recommendation | International Standard defines technical specifications for services. These specifications are independent of policies, specific legal regulations, and organizational models (which, for example, might define how duties and responsibilities are shared between Certification Authorities and Registration Authorities). Of course, the policy of TTPs offering the services described in this Recommendation | International Standard will need to specify how legal regulations and the other aspects mentioned before will be fulfilled by the TTP. In particular, the policy has to specify how the validity of digital signatures and certificates is determined.