Sorry, yes I agree that we should use the same protocol.
Unless it is already there and I have missed it, I suggest that we should
add that there is a protocol to obtain a time-stamp token (and verify
time-stamp token ???), and that this requirement may be met using the
signing request / response.
I agree, though at least Ed disagrees, let's see what anyone else says.
I also missed the words hidden in 3.1.2:
"We will also define an XML Timestamp Token format, which will be similar to
an RFC 3161 TimeStampToken, and can be used for time-stamping XML-DSIG
signatures. We will leave this format extensible to support linking schemes
in the future."
I suggest that is made more prominent by putting a new sub-heading
"3.1.3 Time-stamp token"
Finally, I would also perhaps suggest that the XML time-stamping can be
provided through a profile of DSS, and so that we add to 3.10.2:
- Time-stamping service profile.
I'll change "XML Time-Stamp Binding" to "XML Time-Stamp Binding and
Profile", and in general change 3.10 to talk not just about "Signature
Profiles" but "Protocol Profiles" as well, since these have played an
increasing role in our discussions.