Hello there!
I am trying to understand the use of a digital signature and I somehow fail. In my mind, if I digitally sign a PDF, it means I certify that I read and agreed with the contents of the PDF. To me, this implies that once the PDF is modified in any way, my signature would become invalid. What I find out, however, is something different.
I created a signature and signed a PDF. It asked me where to save the new, signed document and now my signature shows as valid. I can, however, modify the document however I want, and the signature still shows as valid. Am I doing something wrong? Is PDF XChange Pro 2.0.42.7 misbehaving? Is there some feature which is not yet implemented?
Thank you!
Digital signatures
Moderators: PDF-XChange Support, Daniel - PDF-XChange, Chris - PDF-XChange, Sean - PDF-XChange, Paul - PDF-XChange, Vasyl - PDF-XChange, Ivan - Tracker Software, Stefan - PDF-XChange
-
Ivan - Tracker Software
- Site Admin
- Posts: 3603
- Joined: Thu Jul 08, 2004 10:36 pm
Re: Digital signatures
Will fix it in the next build.
PDF-XChange Co Ltd. (Project Director)
When attaching files to any message - please ensure they are archived and posted as a .ZIP, .RAR or .7z format - or they will not be posted - thanks.
When attaching files to any message - please ensure they are archived and posted as a .ZIP, .RAR or .7z format - or they will not be posted - thanks.
-
fortune99
- User
- Posts: 1
- Joined: Fri Sep 03, 2004 12:32 pm
Re: Digital signatures
Hello,
I have been using for several years a registered PDF-XChange PRO to my full satisfaction (have as now latest version on Vista32).
However, after I sign (obtaining a valid signature), when content is changed, signature still shows as valid; unfortunately, I am unable to check what document was at the time of signature nor to “freeze” PDF permissions to prevent any changes after signature (disabling permissions option do not “stick”) nor to sign if PDF has security on (apparently all or some undetermined permissions need to be allowed or else signing option in PDF viewer, for instance, is grayed out); nor to sign if save mode is “full save” instead of “incremental” in PDFtools.
Basically, would expect that setting in a document all permissions not allowed except “allow signing” would suffice to be able to sign document and to prevent any further changes (or else changes to make signature display as invalid).
Instead of giving an exhaustive listing of all trials combinations, maybe someone knows, basically:
What are the min. set of allowed permissions in document properties security (i.e. “changing the document”, etc.) so signing is possible?
If changing permissions after signing turns out to be part of the solution, what are the maximum set of not allowed permissions in documents properties security so signing remains valid and user cannot change PDF content after it has been signed?
Pls. note I have exact same problem with stand-alone open source apps Sinadura
http://www.sinadura.net/inicio
As a side note, after clicking on a signature in a PDF document, popup window opened to show certificate validity and details is very similar to the Xtracker one; don’t know if it uses some Xtracker or Windows “service” or component to explain such a graphic similarity.
I guess another useful approach would be for someone to upload a PDF with valid signature having the toughest security (ideally no changes allowed, etc.) so could have close look at its properties.
Thank you in advance for your help.
I have been using for several years a registered PDF-XChange PRO to my full satisfaction (have as now latest version on Vista32).
However, after I sign (obtaining a valid signature), when content is changed, signature still shows as valid; unfortunately, I am unable to check what document was at the time of signature nor to “freeze” PDF permissions to prevent any changes after signature (disabling permissions option do not “stick”) nor to sign if PDF has security on (apparently all or some undetermined permissions need to be allowed or else signing option in PDF viewer, for instance, is grayed out); nor to sign if save mode is “full save” instead of “incremental” in PDFtools.
Basically, would expect that setting in a document all permissions not allowed except “allow signing” would suffice to be able to sign document and to prevent any further changes (or else changes to make signature display as invalid).
Instead of giving an exhaustive listing of all trials combinations, maybe someone knows, basically:
What are the min. set of allowed permissions in document properties security (i.e. “changing the document”, etc.) so signing is possible?
If changing permissions after signing turns out to be part of the solution, what are the maximum set of not allowed permissions in documents properties security so signing remains valid and user cannot change PDF content after it has been signed?
Pls. note I have exact same problem with stand-alone open source apps Sinadura
http://www.sinadura.net/inicio
As a side note, after clicking on a signature in a PDF document, popup window opened to show certificate validity and details is very similar to the Xtracker one; don’t know if it uses some Xtracker or Windows “service” or component to explain such a graphic similarity.
I guess another useful approach would be for someone to upload a PDF with valid signature having the toughest security (ideally no changes allowed, etc.) so could have close look at its properties.
Thank you in advance for your help.