Hi, I'm trying to sign PDF file by Java (code below). If I uderstand the principle well, signing means writing some information to PDF and
from then on it doesn't matter, if I have some certficate installed or not.
The mystery is that I on my PC see the sign as invalid, : "Selected certificate has error: Invalid principle restriction" (roughly translated)
whereas all my colleagues from our company see it as valid. Very strange.
One thing that can be confusing about "PDF signatures" is that a Google search will turn up as many, if not more hits on how to stamp a handwritten signature image into a PDF as it does on digitally signed documents. Which is what we want here.
Digital signing is not the same as encryption although similar mechanisms are involved, You can sign a document and still have it perfectly readable by everyone. The signature is simply a certification that the document that they are reading has not been tampered with.
To digitally sign (and/or encrypt) a PDF, you must have a standard 2-part public/private key mechanism. The private key is used to sign, the public key is used to confirm (and/or decrypt). However, you cannot operate self-contained. To make the mechanism work, you have to have a certified public key. Otherwise I could take a PDF, change it, sign it myself and give you my bogus key and it would look legitimate, even though it wasn't. So just as with webapp servers, the decryption key must be certified via a "chain of trust". Meaning that the public cert has to be blessed by a certificate issuer who in turn is blessed perhaps by another certificate issuer all the way up until you get to one of the master certs that are built into the reader system.
So while the recipient doesn't have to have an explicit key in hand, they do have to have something that will vouch for the cert in the PDF itself.
Adobe Reader contains a set of master certs. Linux PDF readers may use the poppler library which references the OS master certs directory (/etc/pki). Java also comes with certs builr in.
Sources may include data from the Fakebook Research Foundation with support from Gargle University
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop