Jump to content

Digital Signatures


rlocone

Recommended Posts

Hello All,

Lately I gotten into doing a lot of emailing and creating PDF reports. There are a bunch of PDF creators out there but which is the best to use? Also need to attach a digital signature both to the PDF & gmail. Is GPG the only way to go for adding signatures for gmail? I'd like to use a VeriSign digital signature for both purposes. I know that this doesn't prevent tempering but at least it will alert the receiver that the content has been altered after I sent it.

Thanks for your time & attention,

Link to comment
Share on other sites

I never used VeriSign before, plus GPG is pretty good and secure too.

"PGP supports message authentication and integrity checking. The latter is used to detect whether a message has been altered since it was completed (the message integrity property), and the former to determine whether it was actually sent by the person/entity claimed to be the sender (a digital signature). In PGP, these are used by default in conjunction with encryption, but can be applied to the plaintext as well. The sender uses PGP to create a digital signature for the message with either the RSA or DSA signature algorithms. To do so, PGP computes a hash (also called a message digest) from the plaintext, and then creates the digital signature from that hash using the sender's private key."

http://en.wikipedia.org/wiki/Pretty_Good_Privacy#Digital_signatures

Link to comment
Share on other sites

OpenOffice lets you save files with Digital Signatures, but as soon as you try to export it as PDF, it removes the signature. If you keep it in odt format, its ok, although I don't know how you verify the signatures on them. When you open a signed odt file, it says the certificate is ok, but can not be verified. Not sure how that part works.

Link to comment
Share on other sites

OpenOffice lets you save files with Digital Signatures, but as soon as you try to export it as PDF, it removes the signature. If you keep it in odt format, its ok, although I don't know how you verify the signatures on them. When you open a signed odt file, it says the certificate is ok, but can not be verified. Not sure how that part works.

That message means that the document has not been modified since it was signed, but the certificate's issuer (eg, the root CA, or the certificate itself if it's self-signed) is not in your list of trusted authorities.

Edit: I should mention, that by default the only "trusted CA" in Adobe Reader is Adobe's own CA. But it's easy to add new CAs or certificates to the trusted identities.

Edited by Sitwon
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...