by smileybarry
1478 days ago
That's why only about 10 timestamping authorities exist (at least in a trust sense) on Windows, and they're held to a much higher security standard compared to every other signing operation. Could just be an independent HSM with its own atomic clock to prevent such attacks. Otherwise there's no viable way to actually use timestamping, or your archived timestamped files would just randomly become untrustworthy. Keeping the signature valid using a timestamp (and giving the timestamp special standing) means you can still trust something like a Windows XP installer 20 years later without needing to save a hash ahead of time (and without worrying the hash you saved elsewhere was maliciously changed to fit the changed file).