Tim Bouma on Nostr: I finally figured out why applying digital signature to PDFs is so damned annoying. ...
I finally figured out why applying digital signatures to PDFs is so damned annoying.
The reason is that you need to associate a certificate with every digital signature. You can create your own self-signed certificate to do the signing, but the verification process ‘fails’ because the certificate is not ‘trusted’ by a certificate authority.
Of course, all the vendors like this approach as being more ‘secure’ but you as a user are forced by the app to use ‘trusted certificate authorities’. There is flexibility, but the decision for a user to independently verify the public key of the certificate is not an option provided by the app.
There are ways around this, though. I figured out a way to extract the public key, so I can build my own trust verification process.
More to come…
#hackpdfsignatures.
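An added example, not from the original post: one way to check a signing certificate's public key independently of any CA chain is to pin the SHA-256 of its DER SubjectPublicKeyInfo, with the pin obtained out-of-band from the signer. The helper names and the certificate-shaped sample bytes are constructed for illustration (the sample carries a zeroed signature), and a pin match only says which key is trusted; the PDF signature itself still has to be verified against that key.

```python
import hashlib

def tlv(tag, body):
    """DER-encode one tag-length-value element."""
    n = len(body)
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    length = bytes([n]) if n < 0x80 else bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + body

def read_tlv(buf, pos):
    """Return (tag, body_start, end) of the DER element starting at pos."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                                  # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + n

def spki_der(cert):
    """Return the complete DER SubjectPublicKeyInfo of an X.509 certificate."""
    _, pos, _ = read_tlv(cert, 0)                 # Certificate SEQUENCE
    _, pos, tbs_end = read_tlv(cert, pos)         # TBSCertificate SEQUENCE
    fields = []
    while pos < tbs_end:
        tag, _, end = read_tlv(cert, pos)
        fields.append((tag, pos, end))
        pos = end
    # version [0] is optional (absent in v1 certs), so SPKI is field 6 or 5
    _, start, end = fields[6 if fields[0][0] == 0xA0 else 5]
    return cert[start:end]

def key_pin(cert):
    """SHA-256 over the SPKI: stable across re-issues that keep the same key."""
    return hashlib.sha256(spki_der(cert)).hexdigest()

def is_trusted(cert, pinned):
    return key_pin(cert) in pinned

def constructed_cert(key, serial):
    """Constructed sample: certificate-shaped DER with a zeroed signature."""
    alg = tlv(0x30, tlv(0x06, bytes.fromhex("2b6570")))   # OID 1.3.101.112 (Ed25519)
    name, when = tlv(0x30, b""), tlv(0x17, b"250101000000Z")
    spki = tlv(0x30, alg + tlv(0x03, b"\x00" + key))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, bytes([serial]))
              + alg + name + tlv(0x30, when + when) + name + spki)
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00" + bytes(64)))
```

Pinning the key rather than the whole certificate means a re-issued self-signed certificate over the same key still matches, while a certificate carrying any other key does not.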