from https://sectigo.com/resource-library...tamping-server :

"RFC 3161 time stamping is used by SignTool (using the "/tr" parameter) and other applications (such as jarsigner). Our time stamping server automatically selects the appropriate signature algorithm (RSA/SHA-256, RSA/SHA-384, or RSA/SHA-512) with which to sign each time-stamp, based on the hash algorithm you specify (e.g., via SignTool's "/td" parameter)."

I ask because it sounds like a better, more future-proof alternative to the 2nd description on that page, which says this:

"Authenticode time stamping is used by older versions of SignTool (using the "/t" parameter) and SignCode. Due to this protocol's design, it is not possible for our time stamping server to automatically select the appropriate signature algorithm. We currently use RSA/SHA-384 by default. However, you may request a different signature algorithm by appending "?td=<hash_algorithm>" to the URL. e.g., http://timestamp.sectigo.com?td=sha256."

Mark