Add more validations for timestamp response

[priteshbandi]

We do need to add more validation for timestamp response to avoid MitM, replay, etc. attacks and also to be a compliant client. The validations are more from timestamp security and correctness perspective. If the timestamp signature is bad then it is of no use for users.

Haven't gone through complete rfc3161 but here are some notable mentions:

• MitM and replay attack: https://datatracker.ietf.org/doc/html/rfc3161#section-4 point 4 and 5
• Policy: https://datatracker.ietf.org/doc/html/rfc3161#section-2.2
• nonce https://datatracker.ietf.org/doc/html/rfc3161#section-2.4.1
• PKIStatus,PKIFailureInfo https://datatracker.ietf.org/doc/html/rfc3161#section-2.4.2

Originally posted by @priteshbandi in #11 (comment)

[iamsamirzon]

@shizhMSFT - could you consider this as part of the timestamping work your were looking at?
cc: @dtzar

[dtzar]

IMO it makes sense for one engineer to own/drive all the items related to this space. See the linked roadmap item 59. I don't think this is owned by @shizhMSFT at this time. Perhaps @priteshbandi since you've been most involved and recently with this code and all three of these issues have been created by you?

[vaninrao10]

As per the meeting note on sep, 19th "https://hackmd.io/_vrqBGAOSUC_VWvFzWruZw?view#Sep-19-2022 " this will be moved to RC-2 similar to notaryproject/roadmap#59

[priteshbandi]

Removing RC2 milestone as its been tracked in parent issue notaryproject/roadmap#59

[github-actions]

This issue is stale because it has been opened for 60 days with no activity. Remove stale label or comment. Otherwise, it will be closed in 30 days.

[github-actions]

Issue closed due to no activity in the past 30 days.