OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [office] Digital Signature proposal

2008/7/30 Duane Nickull <dnickull@adobe.com>:
> Dave:
> The PDF archive format can preserve a block of bytes representing the
> original document plus the signature dictionary which contains information
> about the hashing algorithm, the key and signature values in a manner that
> they can be preserved and tested in the future.  The exact mechanism is very
> complex and includes callback to test as the file is being written out to
> disk to ensure no tampering occurred between the time it was signed and the
> persistence to disk as well as other safeguards.

Comlex = fragile? Sounds an unwarranted risk if the document is important.
Especially over a long time.
You'd also need the inverse program to extract it - same as archiving
any application for a long period. Very risky.

> The PDF itself could be signed again thus making two certification events
> per document.

That's more logical.

A signed xml file
A signed pdf document (Again very risky again over a projected long period)

I'd bet on reading the XML into the future.
The PDF? I wouldn't put money on it.

> Multiple signatures on a document have extra complexity

Too much risk for important content?
KISS principle rules for sensible archivists :-)


Dave Pawson

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]