[jira] [Commented] (PDFBOX-4020) Into signature embedded Signed Timestamp for validation
[ https://issues.apache.org/jira/browse/PDFBOX-4020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16261274#comment-16261274 ] Tilman Hausherr commented on PDFBOX-4020: - That is indeed a good argument! > Into signature embedded Signed Timestamp for validation > --- > > Key: PDFBOX-4020 > URL: https://issues.apache.org/jira/browse/PDFBOX-4020 > Project: PDFBox > Issue Type: Improvement > Components: Signing >Affects Versions: 2.0.8 >Reporter: Alexis Suter > Attachments: SignatureValidation_Embedded_Timestamping.java.patch > > > I would like to contribute a new example for embedded Timestamping. > The Timestamp is beeing embedded into the existing Signature (which has so be > prepared big enough for it). So that the document does not get changed. > This Step is a preparation for the LTV and includes some reorganisation for > Validation-Purposes. > I am still working on embedding the OCSP-Data, wich will take a bit longer. > For that I have excluded and commented out the Code for it, to avoid > confusion. > Possible Usage: > {code:java} > exec:java -X > -Dexec.mainClass="org.apache.pdfbox.examples.signature.validation.CreateEmbeddedValidation" > -Dexec.args="${infile} -tsa ${tsa}" > {code} > CreateSignature has been changed to add SignatureOptions, where we can choose > the size of the signature. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org For additional commands, e-mail: dev-h...@pdfbox.apache.org
[jira] [Commented] (PDFBOX-4020) Into signature embedded Signed Timestamp for validation
[ https://issues.apache.org/jira/browse/PDFBOX-4020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16261267#comment-16261267 ] Ralf Hauser commented on PDFBOX-4020: - The use case is that you want to sign offline to avoid zero-day attacks against your signing machine. Once the signature is there und the pdf is transferred to a network connect machine, one is likely to want to add a timestamp. > Into signature embedded Signed Timestamp for validation > --- > > Key: PDFBOX-4020 > URL: https://issues.apache.org/jira/browse/PDFBOX-4020 > Project: PDFBox > Issue Type: Improvement > Components: Signing >Affects Versions: 2.0.8 >Reporter: Alexis Suter > Attachments: SignatureValidation_Embedded_Timestamping.java.patch > > > I would like to contribute a new example for embedded Timestamping. > The Timestamp is beeing embedded into the existing Signature (which has so be > prepared big enough for it). So that the document does not get changed. > This Step is a preparation for the LTV and includes some reorganisation for > Validation-Purposes. > I am still working on embedding the OCSP-Data, wich will take a bit longer. > For that I have excluded and commented out the Code for it, to avoid > confusion. > Possible Usage: > {code:java} > exec:java -X > -Dexec.mainClass="org.apache.pdfbox.examples.signature.validation.CreateEmbeddedValidation" > -Dexec.args="${infile} -tsa ${tsa}" > {code} > CreateSignature has been changed to add SignatureOptions, where we can choose > the size of the signature. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org For additional commands, e-mail: dev-h...@pdfbox.apache.org
[jira] [Commented] (PDFBOX-4020) Into signature embedded Signed Timestamp for validation
[ https://issues.apache.org/jira/browse/PDFBOX-4020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16261243#comment-16261243 ] Tilman Hausherr commented on PDFBOX-4020: - What is the use case of this, i.e. what would prevent a user from adding the timestamp at signing time? I saw your ICLA confirmation, it was for the mail address one can see here. > Into signature embedded Signed Timestamp for validation > --- > > Key: PDFBOX-4020 > URL: https://issues.apache.org/jira/browse/PDFBOX-4020 > Project: PDFBox > Issue Type: Improvement > Components: Signing >Affects Versions: 2.0.8 >Reporter: Alexis Suter > Attachments: SignatureValidation_Embedded_Timestamping.java.patch > > > I would like to contribute a new example for embedded Timestamping. > The Timestamp is beeing embedded into the existing Signature (which has so be > prepared big enough for it). So that the document does not get changed. > This Step is a preparation for the LTV and includes some reorganisation for > Validation-Purposes. > I am still working on embedding the OCSP-Data, wich will take a bit longer. > For that I have excluded and commented out the Code for it, to avoid > confusion. > Possible Usage: > {code:java} > exec:java -X > -Dexec.mainClass="org.apache.pdfbox.examples.signature.validation.CreateEmbeddedValidation" > -Dexec.args="${infile} -tsa ${tsa}" > {code} > CreateSignature has been changed to add SignatureOptions, where we can choose > the size of the signature. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org For additional commands, e-mail: dev-h...@pdfbox.apache.org
[jira] [Commented] (PDFBOX-4020) Into signature embedded Signed Timestamp for validation
[ https://issues.apache.org/jira/browse/PDFBOX-4020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16260633#comment-16260633 ] Ralf Hauser commented on PDFBOX-4020: - see also PDFBOX-1848 > Into signature embedded Signed Timestamp for validation > --- > > Key: PDFBOX-4020 > URL: https://issues.apache.org/jira/browse/PDFBOX-4020 > Project: PDFBox > Issue Type: Improvement > Components: Signing >Affects Versions: 2.0.8 >Reporter: Alexis Suter > Attachments: SignatureValidation_Embedded_Timestamping.java.patch > > > I would like to contribute a new example for embedded Timestamping. > The Timestamp is beeing embedded into the existing Signature (which has so be > prepared big enough for it). So that the document does not get changed. > This Step is a preparation for the LTV and includes some reorganisation for > Validation-Purposes. > I am still working on embedding the OCSP-Data, wich will take a bit longer. > For that I have excluded and commented out the Code for it, to avoid > confusion. > Possible Usage: > {code:java} > exec:java -X > -Dexec.mainClass="org.apache.pdfbox.examples.signature.validation.CreateEmbeddedValidation" > -Dexec.args="${infile} -tsa ${tsa}" > {code} > CreateSignature has been changed to add SignatureOptions, where we can choose > the size of the signature. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org For additional commands, e-mail: dev-h...@pdfbox.apache.org