Validity of Timestamp in ResponseHeader|OPC UA Standard|Forum|OPC Foundation

Avatar
Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
Validity of Timestamp in ResponseHeader
Avatar
Graham Bloice
New Member
Members
Forum Posts: 2
Member Since:
04/16/2015
sp_UserOfflineSmall Offline
1
01/06/2022 - 03:41
sp_Permalink sp_Print

A customer is using our OPC UA client and attempting to connect to a server that’s setting the timestamp value in the ResponseHeader of the OpenSecureChannelResponse to 0.  Is this server compliant with the standard?

Our OPC UA client checks the validity of the timestamp in the ResponseHeader and expects it to be within 5 minutes of the clients time.  This is based on our interpretation of the specification in particular:

Part 2, 5.1.4, Message spoofing, “… Messages will always contain a valid …, Timestamp”.

Part 2, 5.1.6, Message replay, “OPC UA uses …, Timestamps”.

Part 4, 7.34, ResponseHeader, the description for the timestamp field is “The time the server sent the response”.

Part 6, 6.3 Time synchronization, “All SecurityProtocols require that system clocks on communicating machines be reasonably synchronized”.  The previous version (1.0.4) noted a suitable tolerance for clock differences would be 5 minutes.

Looking at the reference client I don’t see any checks of the timestamp in the response header.

Avatar
Randy Armstrong
Admin
Forum Posts: 1579
Member Since:
05/30/2017
sp_UserOnlineSmall Online
2
01/06/2022 - 07:50
sp_Permalink sp_Print

The timestamp is supposed to be set to the computer clock, however, we removed the requirement to check because it was causing too many IOP problems with embedded devices that have clocks that get reset on reboot or are generally not accurate.

The message replay problem does not exist when messages are sent over an authenticated channel so the check is redundant in the majority of cases.

Avatar
Graham Bloice
New Member
Members
Forum Posts: 2
Member Since:
04/16/2015
sp_UserOfflineSmall Offline
3
01/06/2022 - 09:39
sp_Permalink sp_Print

Thanks for the response, are there any plans to amend the specifications in light of this decision, i.e. that the timestamp isn’t checked and may be a random value?

Avatar
Randy Armstrong
Admin
Forum Posts: 1579
Member Since:
05/30/2017
sp_UserOnlineSmall Online
4
01/06/2022 - 15:55
sp_Permalink sp_Print
Forum Timezone: America/Phoenix
Most Users Ever Online: 510
Currently Online: Randy Armstrong
Guest(s) 52
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Forum Stats:
Groups: 2
Forums: 10
Topics: 1445
Posts: 4889