I’m about to embark on a project that requires timestamping files for potentially presenting them in court. There are many timestamping services out there, they all basically do the same, and implementing their services is usually trivial.
My hypothetical situation is this:
I chose a service, use it for some time and then they go out of business. At this point I have a bunch of timestamps that I can validate because I have their public key. If I need to present these files in court, how can I prove that it was the third party company the one who timestamped them? The company does not exist, and their website is down. The public key may still exist in web.archive.org or some Google cache but then again, it may not.
In this case, does the timestamp validity strictly depend on the TSA’s existence or is there another way that I could switch timestamping providers and my old timestamped files would still be valid?