OR... You can use the method described in PAdES (ETSI TS 102778) Part 4 called LTV that is fully supported by Acrobat/Reader 9.1 and later.
Leonard -----Original Message----- From: Paulo Soares [mailto:psoa...@glintt.com] Sent: Thursday, October 29, 2009 2:38 PM To: Post all your questions about iText here Subject: Re: [iText-questions] Embed a CRL or OCSP response to a signature that already exists in the PDF Timestamp may be added later as it's an unsigned attribute but not CRL or OCSP. CRL and OCSP are signed attributes and in practice the PKCS7 must be regenerated and re-signed. Paulo > -----Original Message----- > From: Uribe-Herrerias, Daniel [mailto:daniel.ur...@claraview.com] > Sent: Thursday, October 29, 2009 5:49 PM > To: itext-questions@lists.sourceforge.net > Subject: [iText-questions] Embed a CRL or OCSP response to a signature > that already exists in the PDF > > I have documents that were signed with Adobe CDS certificates using > iText, including a secure timestamp. It seems that for long-term > validation we also need to add the OCSP response or CRL (depending on > the certificate we use, since each one supports a different method). > Is it possible to modify the PKCS 7 structure just to add one of these > without invalidating the signature itself? I read this is something > that Acrobat offers, to enable end-users to sign documents while they > are offline, adding the online portions (secure timestamp, CRL and > OCSP response) to the signatures later. > > > > Thank you, > > Daniel Uribe > > Aviso Legal: Esta mensagem ? destinada exclusivamente ao destinat?rio. Pode conter informa??o confidencial ou legalmente protegida. A incorrecta transmiss?o desta mensagem n?o significa a perca de confidencialidade. Se esta mensagem for recebida por engano, por favor envie-a de volta para o remetente e apague-a do seu sistema de imediato. ? proibido a qualquer pessoa que n?o o destinat?rio de usar, revelar ou distribuir qualquer parte desta mensagem. Disclaimer: This message is destined exclusively to the intended receiver. It may contain confidential or legally protected information. The incorrect transmission of this message does not mean the loss of its confidentiality. If this message is received by mistake, please send it back to the sender and delete it from your system immediately. It is forbidden to any person who is not the intended receiver to use, distribute or copy any part of this message. ------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ iText-questions mailing list iText-questions@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://www.1t3xt.com/docs/book.php Check the site with examples before you ask questions: http://www.1t3xt.info/examples/ You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
