On Fri, 2 Nov 2018 15:42:40 +0100, Stefan Claas wrote: > Am 02.11.18 um 15:20 schrieb Dirk Gottschalk: > > Hello Stefan. > > > > Am Freitag, den 02.11.2018, 12:53 +0100 schrieb Stefan Claas: > >> Hi Wiktor, > >> > >> thanks a lot! Now this is awesome... i just timestamped my already > >> signed .pdf with Adobe Reader DC and this does not invalidate my > >> qualified signature, when saving the document again! :-) I must > >> admit i did not know this. > > You mean, you "tampered" with the file and the signature is still > > valid? Are you sure? Then Adome does sometging really bad, IMHO. > > > > Such a signature should ensure that the file is unmodified > > completely. otherwise somebody can modify it in a way that could be > > used as a backdoor to the signature, at least in theory. > Hi Dirk, > > i did not tampered with the file, i simply used the function > in Adobe Reader DC to let it *add* a time stamp to my > document and then saved it again. > > I strongly assume that it is also possible that someone > else can sign my .pdf too with a qualified signature and > this will also not invalidate my qualified signature, unless > of course someone would *edit* my document.
Just did a test with an older .pdf, which was signed with my non-qualified D-Trust certificate and time stamped with freetsa. Now i signed it again with my qualified D-Trust certificate and time stamped again. Works perfect! :-) Regards Stefan -- https://www.behance.net/futagoza https://keybase.io/stefan_claas
pgpC5EYpjeX6_.pgp
Description: Digitale Signatur von OpenPGP
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
