Enviar búsqueda
Cargar
Digital Signatures in PDF: how it's done
•
Descargar como PPTX, PDF
•
0 recomendaciones
•
1,125 vistas
Bruno Lowagie
Seguir
Information on how to create digital signatures in PDF.
Leer menos
Leer más
Tecnología
Denunciar
Compartir
Denunciar
Compartir
1 de 52
Descargar ahora
Recomendados
OpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
Workshop-Demo Breakdown.pptx
Workshop-Demo Breakdown.pptx
FIDO Alliance
Digital signature
Digital signature
Digvijay Singh Karakoti
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
SSIMeetup
Electrocution
Electrocution
PMAS Arid Agriculture Univsersity Rawalpindi
OpenID for SSI
OpenID for SSI
Torsten Lodderstedt
Final project submission assignment
Final project submission assignment
Modupe Sarratt
History of pen
History of pen
Dhanasekardhamotharan
Recomendados
OpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
Workshop-Demo Breakdown.pptx
Workshop-Demo Breakdown.pptx
FIDO Alliance
Digital signature
Digital signature
Digvijay Singh Karakoti
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger –...
SSIMeetup
Electrocution
Electrocution
PMAS Arid Agriculture Univsersity Rawalpindi
OpenID for SSI
OpenID for SSI
Torsten Lodderstedt
Final project submission assignment
Final project submission assignment
Modupe Sarratt
History of pen
History of pen
Dhanasekardhamotharan
Questioned Document.pptx
Questioned Document.pptx
Bhupeshkumar Nanhe
SSL/TLS Handshake
SSL/TLS Handshake
Arpit Agarwal
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)
Asad Ali
Digital Signature
Digital Signature
saurav5884
OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36
Torsten Lodderstedt
Introduction to TLS-1.3
Introduction to TLS-1.3
Vedant Jain
Document Examination
Document Examination
annperry09
secure socket layer
secure socket layer
Amar Shah
Digital signature & certificate
Digital signature & certificate
NetGains Technologies Pvt. Ltd.
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
FIDO Alliance
SSL
SSL
theekuchi
Decipherment of indented writting
Decipherment of indented writting
ShanmukhaValli3
DETERMINATION OF RACE FROM HUMAN REMAINS.pptx Dr. Haricharan MD RIMS Im...
DETERMINATION OF RACE FROM HUMAN REMAINS.pptx Dr. Haricharan MD RIMS Im...
Dr. A. Haricharan Comrade
Certification authority
Certification authority
proser tech
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)
Torsten Lodderstedt
Microsoft's Implementation Roadmap for FIDO2
Microsoft's Implementation Roadmap for FIDO2
FIDO Alliance
Strong Customer Authentication & Biometrics
Strong Customer Authentication & Biometrics
FIDO Alliance
07 distance learning standards-common cartridge
07 distance learning standards-common cartridge
宥均 林
CAS, OpenID, Shibboleth, SAML : concepts, différences et exemples
CAS, OpenID, Shibboleth, SAML : concepts, différences et exemples
Clément OUDOT
OpenID Connect 4 SSI
OpenID Connect 4 SSI
Torsten Lodderstedt
Four failures and one hit
Four failures and one hit
Bruno Lowagie
A Hippopotamus for Christmas
A Hippopotamus for Christmas
Bruno Lowagie
Más contenido relacionado
La actualidad más candente
Questioned Document.pptx
Questioned Document.pptx
Bhupeshkumar Nanhe
SSL/TLS Handshake
SSL/TLS Handshake
Arpit Agarwal
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)
Asad Ali
Digital Signature
Digital Signature
saurav5884
OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36
Torsten Lodderstedt
Introduction to TLS-1.3
Introduction to TLS-1.3
Vedant Jain
Document Examination
Document Examination
annperry09
secure socket layer
secure socket layer
Amar Shah
Digital signature & certificate
Digital signature & certificate
NetGains Technologies Pvt. Ltd.
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
FIDO Alliance
SSL
SSL
theekuchi
Decipherment of indented writting
Decipherment of indented writting
ShanmukhaValli3
DETERMINATION OF RACE FROM HUMAN REMAINS.pptx Dr. Haricharan MD RIMS Im...
DETERMINATION OF RACE FROM HUMAN REMAINS.pptx Dr. Haricharan MD RIMS Im...
Dr. A. Haricharan Comrade
Certification authority
Certification authority
proser tech
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)
Torsten Lodderstedt
Microsoft's Implementation Roadmap for FIDO2
Microsoft's Implementation Roadmap for FIDO2
FIDO Alliance
Strong Customer Authentication & Biometrics
Strong Customer Authentication & Biometrics
FIDO Alliance
07 distance learning standards-common cartridge
07 distance learning standards-common cartridge
宥均 林
CAS, OpenID, Shibboleth, SAML : concepts, différences et exemples
CAS, OpenID, Shibboleth, SAML : concepts, différences et exemples
Clément OUDOT
OpenID Connect 4 SSI
OpenID Connect 4 SSI
Torsten Lodderstedt
La actualidad más candente
(20)
Questioned Document.pptx
Questioned Document.pptx
SSL/TLS Handshake
SSL/TLS Handshake
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)
Digital Signature
Digital Signature
OpenID for Verifiable Credentials @ IIW 36
OpenID for Verifiable Credentials @ IIW 36
Introduction to TLS-1.3
Introduction to TLS-1.3
Document Examination
Document Examination
secure socket layer
secure socket layer
Digital signature & certificate
Digital signature & certificate
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
SSL
SSL
Decipherment of indented writting
Decipherment of indented writting
DETERMINATION OF RACE FROM HUMAN REMAINS.pptx Dr. Haricharan MD RIMS Im...
DETERMINATION OF RACE FROM HUMAN REMAINS.pptx Dr. Haricharan MD RIMS Im...
Certification authority
Certification authority
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)
Microsoft's Implementation Roadmap for FIDO2
Microsoft's Implementation Roadmap for FIDO2
Strong Customer Authentication & Biometrics
Strong Customer Authentication & Biometrics
07 distance learning standards-common cartridge
07 distance learning standards-common cartridge
CAS, OpenID, Shibboleth, SAML : concepts, différences et exemples
CAS, OpenID, Shibboleth, SAML : concepts, différences et exemples
OpenID Connect 4 SSI
OpenID Connect 4 SSI
Destacado
Four failures and one hit
Four failures and one hit
Bruno Lowagie
A Hippopotamus for Christmas
A Hippopotamus for Christmas
Bruno Lowagie
ZUGFeRD: an overview
ZUGFeRD: an overview
iText Group nv
Startup Legal and IP
Startup Legal and IP
Bruno Lowagie
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDF
iText Group nv
Doing business in the US: Yes, You Can!
Doing business in the US: Yes, You Can!
Bruno Lowagie
Destacado
(6)
Four failures and one hit
Four failures and one hit
A Hippopotamus for Christmas
A Hippopotamus for Christmas
ZUGFeRD: an overview
ZUGFeRD: an overview
Startup Legal and IP
Startup Legal and IP
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDF
Doing business in the US: Yes, You Can!
Doing business in the US: Yes, You Can!
Similar a Digital Signatures in PDF: how it's done
ETDA Conference - Digital signatures: how it's done in PDF
ETDA Conference - Digital signatures: how it's done in PDF
iText Group nv
Document Processing Made Better - Hadi Harb, Apryse
Document Processing Made Better - Hadi Harb, Apryse
DigiMarCon - Digital Marketing, Media and Advertising Conferences & Exhibitions
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDF
iText Group nv
ECM & Digital Signature
ECM & Digital Signature
Leonardo da Silva
Digital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case Study
iText Group nv
IOTprotocols and overview (SSI)
IOTprotocols and overview (SSI)
Dania Rashid
[Lithuania] DigiCerts and DigiID to Enterprise apps
[Lithuania] DigiCerts and DigiID to Enterprise apps
OWASP EEE
Owasp digi ms_v1_
Owasp digi ms_v1_
Aurelijus Stanislovaitis
Digital leadership event ipt und swisscom 28.10.2015
Digital leadership event ipt und swisscom 28.10.2015
Noemi Haag
IANAL: what developers should know about IP and Legal
IANAL: what developers should know about IP and Legal
iText Group nv
BeingSign blockchain-based online signing system|Introduction
BeingSign blockchain-based online signing system|Introduction
BeingSign|區塊鏈線上簽署系統
FIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in Germany
FIDO Alliance
GBM Digital Hub
GBM Digital Hub
shokr.ahmed
Xybermotive introduction (en) 092014
Xybermotive introduction (en) 092014
Hans-Chr. Brockmann
Cloud signature chatbot
Cloud signature chatbot
Paolo Montrasio
V3.1.Ds Generic Presentation Pptshow [Autosaved]
V3.1.Ds Generic Presentation Pptshow [Autosaved]
Robert Grawet
Cloud signature chatbot
Cloud signature chatbot
Emanuele Cisbani
Docuten Webinar: Get ready for your vacations with the digital signature inte...
Docuten Webinar: Get ready for your vacations with the digital signature inte...
Innova Advanced Consulting
Digital signatur
Digital signatur
Ruwandi Madhunamali
Sinadura Cebit 2012
Sinadura Cebit 2012
zylk net
Similar a Digital Signatures in PDF: how it's done
(20)
ETDA Conference - Digital signatures: how it's done in PDF
ETDA Conference - Digital signatures: how it's done in PDF
Document Processing Made Better - Hadi Harb, Apryse
Document Processing Made Better - Hadi Harb, Apryse
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDF
ECM & Digital Signature
ECM & Digital Signature
Digital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case Study
IOTprotocols and overview (SSI)
IOTprotocols and overview (SSI)
[Lithuania] DigiCerts and DigiID to Enterprise apps
[Lithuania] DigiCerts and DigiID to Enterprise apps
Owasp digi ms_v1_
Owasp digi ms_v1_
Digital leadership event ipt und swisscom 28.10.2015
Digital leadership event ipt und swisscom 28.10.2015
IANAL: what developers should know about IP and Legal
IANAL: what developers should know about IP and Legal
BeingSign blockchain-based online signing system|Introduction
BeingSign blockchain-based online signing system|Introduction
FIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in Germany
GBM Digital Hub
GBM Digital Hub
Xybermotive introduction (en) 092014
Xybermotive introduction (en) 092014
Cloud signature chatbot
Cloud signature chatbot
V3.1.Ds Generic Presentation Pptshow [Autosaved]
V3.1.Ds Generic Presentation Pptshow [Autosaved]
Cloud signature chatbot
Cloud signature chatbot
Docuten Webinar: Get ready for your vacations with the digital signature inte...
Docuten Webinar: Get ready for your vacations with the digital signature inte...
Digital signatur
Digital signatur
Sinadura Cebit 2012
Sinadura Cebit 2012
Más de Bruno Lowagie
The Dark Magic of Start-Up Valuation
The Dark Magic of Start-Up Valuation
Bruno Lowagie
Open Source Survival: A Story from the Trenches
Open Source Survival: A Story from the Trenches
Bruno Lowagie
Entreprenerd: presenting the book
Entreprenerd: presenting the book
Bruno Lowagie
The Secret of your Success
The Secret of your Success
Bruno Lowagie
Blockchain: use cases for the future
Blockchain: use cases for the future
Bruno Lowagie
Blockchain Fundamentals
Blockchain Fundamentals
Bruno Lowagie
How can large open source projects be monetized?
How can large open source projects be monetized?
Bruno Lowagie
Open source: an introduction to IP and Legal
Open source: an introduction to IP and Legal
Bruno Lowagie
How can large open source projects be monetized?
How can large open source projects be monetized?
Bruno Lowagie
Waarom iText de Leeuw van de Export 2016 moet winnen
Waarom iText de Leeuw van de Export 2016 moet winnen
Bruno Lowagie
Belgium and the US: a mutual introduction
Belgium and the US: a mutual introduction
Bruno Lowagie
Startup Weekend Ghent
Startup Weekend Ghent
Bruno Lowagie
Community Leadership Summit - Calistoga March 2013
Community Leadership Summit - Calistoga March 2013
Bruno Lowagie
Bizcamp #8: The Founder's Dilemmas, Control vs. Wealth decisions
Bizcamp #8: The Founder's Dilemmas, Control vs. Wealth decisions
Bruno Lowagie
Kruispunt Brugsepoortstraat
Kruispunt Brugsepoortstraat
Bruno Lowagie
What's new in PDF 2.0 regarding digital signatures
What's new in PDF 2.0 regarding digital signatures
Bruno Lowagie
GentM #9: Business Angels
GentM #9: Business Angels
Bruno Lowagie
De lijn
De lijn
Bruno Lowagie
Zenika - iText in Action
Zenika - iText in Action
Bruno Lowagie
PDF Digital signatures
PDF Digital signatures
Bruno Lowagie
Más de Bruno Lowagie
(20)
The Dark Magic of Start-Up Valuation
The Dark Magic of Start-Up Valuation
Open Source Survival: A Story from the Trenches
Open Source Survival: A Story from the Trenches
Entreprenerd: presenting the book
Entreprenerd: presenting the book
The Secret of your Success
The Secret of your Success
Blockchain: use cases for the future
Blockchain: use cases for the future
Blockchain Fundamentals
Blockchain Fundamentals
How can large open source projects be monetized?
How can large open source projects be monetized?
Open source: an introduction to IP and Legal
Open source: an introduction to IP and Legal
How can large open source projects be monetized?
How can large open source projects be monetized?
Waarom iText de Leeuw van de Export 2016 moet winnen
Waarom iText de Leeuw van de Export 2016 moet winnen
Belgium and the US: a mutual introduction
Belgium and the US: a mutual introduction
Startup Weekend Ghent
Startup Weekend Ghent
Community Leadership Summit - Calistoga March 2013
Community Leadership Summit - Calistoga March 2013
Bizcamp #8: The Founder's Dilemmas, Control vs. Wealth decisions
Bizcamp #8: The Founder's Dilemmas, Control vs. Wealth decisions
Kruispunt Brugsepoortstraat
Kruispunt Brugsepoortstraat
What's new in PDF 2.0 regarding digital signatures
What's new in PDF 2.0 regarding digital signatures
GentM #9: Business Angels
GentM #9: Business Angels
De lijn
De lijn
Zenika - iText in Action
Zenika - iText in Action
PDF Digital signatures
PDF Digital signatures
Último
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
jfdjdjcjdnsjd
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
Architecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
rafiqahmad00786416
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Martijn de Jong
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Zilliz
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
MIND CTI
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
Zilliz
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Edi Saputra
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
apidays
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
apidays
Último
(20)
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Architecting Cloud Native Applications
Architecting Cloud Native Applications
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Digital Signatures in PDF: how it's done
1.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA© 2015, iText Group NV, iText Software Corp., iText Software BVBA Digital Signatures: how it’s done in PDF UGent (July 1, 2015)
2.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA© 2015, iText Group NV, iText Software Corp., iText Software BVBA Agenda • Why do we need digital signatures? • Basic concepts… • … applied to PDF • Architectures: server-side vs. client-side • Digital signatures and document workflow • Long term validation
3.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Digital signatures: how it's done in PDF3 Why do we need digital signatures? Integrity Authenticity Non-repudiation
4.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Integrity Digital signatures: how it's done in PDF4 I paid a forged invoice and lost 30K€ !
5.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Authenticity Digital signatures: how it's done in PDF5 Why am I, Emperor Constantine I, in this picture? I never transferred authority to the Pope!
6.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Non-repudiation Digital signatures: how it's done in PDF6 I didn’t do it!
7.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Three goals Integrity — we want assurance that the document hasn’t been changed somewhere in the workflow. Authenticity — we want assurance that the author of the document is who we think it is (and not somebody else). Non-repudiation — we want assurance that the author can’t deny his authorship. Digital signatures: how it's done in PDF7
8.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Digital signatures: how it's done in PDF8 Basic Concepts… Hashing algorithms Encryption algorithms Certificate Authorities Digital signatures
9.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Concept 1: Integrity check using hash Digital signatures: how it's done in PDF9 Document Generate Hash AF1B4C...D34E Secure Server / Website Retrieve Hash AF1B4C...D34E Compare!
10.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Concept 1: Hashing Hashing algorithm a cryptographic hash function to turn an arbitrary block of data into a fixed-size bit string. Available algorithms MD5: Ron Rivest (deprecated) SHA: SHA-1: NSA (phased out!) SHA-2: NSA / NIST SHA-3: Keccak (made in Belgium!) RIPEMD: KULeuven Digital signatures: how it's done in PDF10
11.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Concept 2: Encryption Assymetric key algorithms Encryption Digital signing Digital signatures: how it's done in PDF11
12.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Concept 2: Some name dropping Public Key Cryptography Standards PKCS#1: RSA Cryptography Standard (Rivest, Shamir, Adleman) PKCS#7: Cryptographic Message Standard (CMS) PKCS#11: Cryptographic Token Interface PKCS#12: Personal Information Exchange Syntax Standard PKCS#13: Elliptic Curve Cryptography Standard (ECDSA) Federal Information Processing Standards (FIPS) DSA: Digital Signature Algorithm (DSA) European Telecommunications Standards Institute (ETSI) CMS Advanced Electronic Signatures (CAdES) Digital signatures: how it's done in PDF12
13.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Concept 3: Certificate Authorities Digital signatures: how it's done in PDF13
14.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Concept 3: example Digital signatures: how it's done in PDF14 Self-signed: Signed by Adobe: Signed by GlobalSign: Signed by GlobalSign
15.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Concept 3: example Digital signatures: how it's done in PDF15
16.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Concept 3: the green check mark PKCS#12: Personal Information Exchange Syntax Standard public and private key are stored in a file PKCS#11: Cryptographic Token Interface public and private key are stored on a device In the context of PDF: Certified Document Services (CDS): Adobe’s root certificate Adobe Approved Trust List (AATL): Trusted root certificates (since Acrobat 9) Digital signatures: how it's done in PDF16
17.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Concept 1 + Concept 2 + Concept 3 Producer Provides data as-is: [A] Provides hash of data, encrypted using private key: [B] Provides public key Consumer Creates hash from data [A]: hash1 Decrypts hash [B] using public key: hash2 If (hash1 == hash2) document OK! Digital signatures: how it's done in PDF17
18.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Goals met? Integrity Hashes are identical Authenticity Identity is stored in public key provided by CA A time-stamp can be added Non-repudiation If hash can be decrypted with public key, the document was signed with the corresponding private key Digital signatures: how it's done in PDF18
19.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Differences between EU and US In the US, we make a distinction Electronic signatures don’t necessarily involve PKI Digital signatures when a PKI infrastructure is involved In Europe, we speak of electronic signatures As a synonym for digital signatures All laws and regulations take this wording There’s no sharp distinction between electronic and digital signatures (which leads to confusion) I always speak of digital signatures Digital signatures: how it's done in PDF19
20.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Digital signatures: how it's done in PDF20 … Applied to PDF ISO 32000-1 ETSI TS 102 778 (PAdES) ISO 32000-2
21.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Standards ISO ISO-32000-1 (2008) based on PDF 1.7 (2006) ISO-32000-2 will define PDF 2.0 (2016) ETSI: TS 102 778 (2009 - 2010) PAdES 1: Overview PAdES 2: Basic – CMS based (ISO-32000-1) PAdES 3: Enhanced – CAdES based (ISO-32000-2) PAdES 4: LTV – Long Term Validation PAdES 5: XAdES based (XML content) PAdES 6: Visual representation guidelines ETSI: TS 103 172 (2011 - 2013) PAdES Baseline Profile Digital signatures: how it's done in PDF21
22.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Signatures in PDF There are no bytes in the PDF that aren’t covered, other than the PDF signature itself. (*) The digital signature isn’t part of the ByteRange. The concept “to initial a document” doesn’t exist; you sign the complete document at once, not on a page per page basis. (*) Digital signatures: how it's done in PDF22
23.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA What’s inside a signature? Digital signatures: how it's done in PDF23 ISO-32000-2: At minimum the PKCS#7 object shall include the signer’s X.509 signing certificate. This certificate shall be used to verify the signature value in /Contents. Best practices (“should” also have): • Full certificate chain • Revocation information (CRL / OCSP) • Timestamp %PDF-1.x ... /ByteRange ... /Contents< >... %%EOF DIGITAL SIGNATURE • Signed Message Digest • Certificate chain • Revocation information • Timestamp
24.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Digital signatures: how it's done in PDF24 Architectures Server-side signing Client-side signing Deferred signing
25.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Server-side signing Digital signatures: how it's done in PDF25 <</Type/Sig/ /Contents < %PDF-1.x ... ... %%EOF >>> Signed Message Digest Application DeviceSERVER
26.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Use cases server-side signing Company signature Invoices Contracts … Signing services in the Cloud Docusign Echosign … Security management responsibilities! Digital signatures: how it's done in PDF26
27.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Client-side signing Digital signatures: how it's done in PDF27 <</Type/Sig/ /Contents < %PDF-1.x ... ... %%EOF >>> Signed Message Digest ApplicationDevice CLIENT
28.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Use cases client-side signing Desktop applications Adobe Acrobat Pro Adobe Reader (for Reader-enabled documents) Home-made, e.g. using iText In a web context The PDF software runs on the client, e.g. using Java Web Start Access to the token or smart card through MSCAPI PKCS#11 Custom smart card library Security User has smart card and PIN or USB token and passphrase Digital signatures: how it's done in PDF28 1 signature / second
29.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Deferred signing Digital signatures: how it's done in PDF29 Signed Message Digest AppDevice CLIENT <</Type/Sig/ /Contents < %PDF-1.x ... ... %%EOF >>> Application SERVER
30.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Use cases deferred signing Signing on an iPad/Tablet App on the device has a low footprint Easy to integrate into a document management system Example: eaZySign (Zetes) Disadvantage At most 1 signature / second You need to trust the server that the hash you receive is actually the hash of the document you want to sign. ISAE 3000 the standard for assurance over non-financial information. ISAE3000 is issued by the International Federation of Accountants (IFAC). The standard consists of guidelines for the ethical behavior, quality management and performance of an ISAE3000 engagement. Generally ISAE3000 is applied for audits of internal control, sustainability and compliance with laws and regulations. Digital signatures: how it's done in PDF30
31.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Digital signatures: how it's done in PDF31 Digital signatures and workflow Author signatures Recipient signatures Locking fields / documents
32.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Serial signatures 32 %PDF-1.x % Original document % Additional content 1 ... ... %%EOF DIGITAL SIGNATURE 1 ... %%EOF DIGITAL SIGNATURE 2 % Additional content 2 ... ... %%EOF DIGITAL SIGNATURE 3 Rev1 Rev2 Rev3 A PDF document can be signed more than once, but parallel signatures aren’t supported, only serial signatures: additional signatures sign all previous signatures.
33.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Digital signatures: types Certification (aka author) signature Only possible for the first revision Involves modification detection permissions: No changes allowed Form filling and signing allowed Form filling, signing and commenting allowed Approval (aka recipient) signature Workflow with subsequent signers New in PDF 2.0: modification detection permissions Digital signatures: how it's done in PDF33
34.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Other possible icons Signer’s identity is unknown Document has been altered or corrupted Digital signatures: how it's done in PDF34
35.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Certified by Alice Digital signatures: how it's done in PDF35
36.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Read, approved and signed by Bob Digital signatures: how it's done in PDF36
37.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Bob’s signature invalidated by Chuck Digital signatures: how it's done in PDF37
38.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Read, approved and signed by Carol Digital signatures: how it's done in PDF38
39.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Read, approved and signed by Dave Digital signatures: how it's done in PDF39
40.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Signature and lock broken by Chuck Digital signatures: how it's done in PDF40
41.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Digital signatures: how it's done in PDF41 Long-term validation Revocation Timestamps LTV
42.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Certificates expire Digital signatures: how it's done in PDF42 Expiration date 2013 2014 2015
43.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Certificates get revoked Digital signatures: how it's done in PDF43 Expiration dateRevocation date 2013 2014 2015
44.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA CA: CRL and OCSP Digital signatures: how it's done in PDF44
45.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Concept 3: example Digital signatures: how it's done in PDF45 Self-signed: Signed by Adobe: Signed by GlobalSign: Signed by GlobalSign
46.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA How to survive revocation / expiration? Digital signatures: how it's done in PDF46 Expiration dateRevocation date
47.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Timestamps Digital signatures: how it's done in PDF47
48.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA What to do when: There’s no CRL/OCSP/TS in the document? The certificate is about to expire in one of your documents? The hashing/encryption algorithm is about to be deprecated? Digital signatures: how it's done in PDF48
49.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Document Security Store (DSS) Digital signatures: how it's done in PDF49 %PDF-1.x ... /ByteRange ... /Contents< >... %%EOF DIGITAL SIGNATURE • Signed Message Digest • Certificate %PDF-1.x ... /ByteRange ... /Contents< >... %%EOF DSS for DIGITAL SIGNATURE • VRI, Certs, OCSPs, CRLs DIGITAL SIGNATURE • Signed Message Digest • Certificate
50.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Document-level timestamp Digital signatures: how it's done in PDF50 %PDF-1.x ... /ByteRange ... /Contents< >... %%EOF DSS for DIGITAL SIGNATURE • VRI, Certs, OCSPs, CRLs %PDF-1.x ... /ByteRange ... /Contents< >... %%EOF DSS for DIGITAL SIGNATURE • VRI, Certs, OCSPs, CRLs DOCUMENT TIMESTAMP TS1 ETSI.RFC3161 DIGITAL SIGNATURE • Signed Message Digest • Certificate DIGITAL SIGNATURE • Signed Message Digest • Certificate
51.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Digital signatures: how it's done in PDF51 %PDF-1.x ... /ByteRange ... /Contents< >... %%EOF DSS for DIGITAL SIGNATURE • VRI, Certs, OCSPs, CRLs DOCUMENT TIMESTAMP TS1 %PDF-1.x ... /ByteRange ... /Contents< >... %%EOF DSS for DIGITAL SIGNATURE • VRI, Certs, OCSPs, CRLs DOCUMENT TIMESTAMP TS1 DSS for TS1 DOCUMENT TIMESTAMP TS2 DIGITAL SIGNATURE • Signed Message Digest • Certificate DIGITAL SIGNATURE • Signed Message Digest • Certificate
52.
© 2015, iText
Group NV, iText Software Corp., iText Software BVBA Digital signatures: how it's done in PDF52 Questions? itextpdf.com SG: sales.isa@itextpdf.com +65 31 58 39 47 BE: sales.isb@itextpdf.com +32 92 98 02 31 US: sales.isc@itextpdf.com +1 617 982 646
Descargar ahora