Hi Marck, You have two options:
1 - Use encrypted email 2 - Use the built in PDF Signing capability within Acrobat (or other PDF writer/reader) The first option does not rely on any capability of the document software to validate the document but you could certainly sign and encrypt email and this would solve the problem. I would not recommend this as setting up an encrypted email system has all sorts of other issues. The second option is more than suitable. Check out http://helpx.adobe.com/acrobat/kb/certificate-signatures.html [1] for more information. In this scenario you would have your document signing certificate signed by your internal CA hierarchy. Then using the certificate and private key you would sign your PDFs using your chosen PDF writing software. To ensure that your users could validate the signature on the PDF you should install root and intermediate CA (if you have one) certificate into the users certificate store (CAPI store in Windows). Then when one of your users receives a PDF they can validate it. Now you can do the same thing with Office (http://office.microsoft.com/en-gb/excel-help/add-or-remove-a-digital-signature-in-office-documents-HA010099768.aspx). [2] I don't see that you need any other software or any cloud service. You can do everything you need with the tools you all ready have. I hope this helps. Cheers, Matt On Sat 23/03/13 13:49 , "marck e." [email protected] sent: Thanks for the link.I checked Microsoft RMS site, it aims to solve document protection problema.However I can't see -correct me if wrong- how it solves digital signature+digital encryption of documents. I need something like a app installed on client workstation (say, User A) that uses a certificate issued by our internal CA to sign the document (PDF,DOC,XLS) and send that document to User B , who will validate identity of sender checking signature on the received document. I know this is the basic concept of any digital signature solution but all i find is this kind of applications based on cloud or applications that use self-issued certificates which can't be used for my purpose. i would appreciate If anyone has advice on this. M.e. On Fri, Mar 22, 2013 at 12:45 PM, Carlos Perez wrote: > if you are in a Windows Only env have you looked at RMS > http://technet.microsoft.com/en-us/library/cc771627%28v%3Dws.10%29.aspx [4]">http://technet.microsoft.com/en-us/library/cc771627(v=ws.10).aspx > > On Mar 22, 2013, at 12:09 PM, - wrote: > > Hi, > > Have a look here: http://joinup.ec.europa.eu/software/sd-dss/home [6]">http://joinup.ec.europa.eu/software/sd-dss/home > > It's a set of java modules/libraries (and a webapp) that offer a full > implementation of CAdES, PAdES and XAdES signature creation and verification > (with integrity and revocation checks). It also supports ECDSA algos, > PADES-LTV formats,,....and even if intially it's a bit complex to use it > works well. > > It's an project funded by the EU commission released under GPL license and > also the sources are available. > > BR, > D. > > > On Fri, Mar 22, 2013 at 3:50 PM, marck e. wrote: >> >> Hi there. >> I've been tasked to look for a solution to digitally sign PDF >> documents.This solution would have to validate document signer >> identity with a certificate which would be issued by a Internal CA (we >> think Microsoft Certificate Services would do well). >> Almost every digital signing solution focus on cloud-based PKI >> infrastructure and I find almost no documentation for integrating >> internal PKI server with a on-premise software to digitally signing >> software. >> Can anyone provide insight about this particular scenario? >> >> Thanks >> M.E >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] [8] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom [9]">http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com [10]">http://pauldotcom.com > > > _______________________________________________ > Pauldotcom mailing list > [email protected] [11] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom [12]">http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com [13]">http://pauldotcom.com > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] [14] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom [15]">http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com [16]">http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] [17] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom [18]">http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com [19]">http://pauldotcom.com Links: ------ [1] http://helpx.adobe.com/acrobat/kb/certificate-signatures.html [2] http://office.microsoft.com/en-gb/excel-help/add-or-remove-a-digital-signature-in-office-documents-HA010099768.aspx). [3] mailto:[email protected] [4] http://technet.microsoft.com/en-us/library/cc771627%28v%3Dws.10%29.aspx [5] mailto:[email protected] [6] http://joinup.ec.europa.eu/software/sd-dss/home [7] mailto:[email protected] [8] mailto:[email protected] [9] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom [10] http://pauldotcom.com [11] mailto:[email protected] [12] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom [13] http://pauldotcom.com [14] mailto:[email protected] [15] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom [16] http://pauldotcom.com [17] mailto:[email protected] [18] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom [19] http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
