[ https://issues.apache.org/jira/browse/PDFBOX-5070?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17268129#comment-17268129 ]
Tilman Hausherr commented on PDFBOX-5070: ----------------------------------------- Lets try the smallest thing first, which is getting a dummy timestamp signature. - TSAClient.getTimeStampToken() has a wrong javadoc / parameter name (it's not an "imprint") - it would be better that it returns a TimeStampToken (CreateSignedTimeStamp.sign() will have to be changed) - ShowSignature has (non resusable) code to extract the certificates from the TimeStampToken - The nonce isn't really good in TSAClient (SecureRandom is not static), the code in OCSPHelper is better > LTV: allow to gather OCSP responses before signing > --------------------------------------------------- > > Key: PDFBOX-5070 > URL: https://issues.apache.org/jira/browse/PDFBOX-5070 > Project: PDFBox > Issue Type: Improvement > Components: Signing > Affects Versions: 2.0.23 > Reporter: Ralf Hauser > Priority: Minor > > Then, the OCSP responses lifetime does not start after signature time. > This obviously only can work if the signing cert serial# is known prior to > signing (see PDFBOX-2776 comment-17220875 ) > -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org For additional commands, e-mail: dev-h...@pdfbox.apache.org