You are right, of course, it can be done with a DSS dictionary.
Paulo
> -----Original Message-----
> From: Leonard Rosenthol [mailto:[email protected]]
> Sent: Thursday, October 29, 2009 6:54 PM
> To: Post all your questions about iText here
> Subject: Re: [iText-questions] Embed a CRL or OCSP response
> to a signature that already exists in the PDF
>
> OR...
>
> You can use the method described in PAdES (ETSI TS 102778)
> Part 4 called LTV that is fully supported by Acrobat/Reader
> 9.1 and later.
>
> Leonard
>
> -----Original Message-----
> From: Paulo Soares [mailto:[email protected]]
> Sent: Thursday, October 29, 2009 2:38 PM
> To: Post all your questions about iText here
> Subject: Re: [iText-questions] Embed a CRL or OCSP response
> to a signature that already exists in the PDF
>
> Timestamp may be added later as it's an unsigned attribute
> but not CRL or OCSP. CRL and OCSP are signed attributes and
> in practice the PKCS7 must be regenerated and re-signed.
>
> Paulo
>
> > -----Original Message-----
> > From: Uribe-Herrerias, Daniel [mailto:[email protected]]
> > Sent: Thursday, October 29, 2009 5:49 PM
> > To: [email protected]
> > Subject: [iText-questions] Embed a CRL or OCSP response to
> a signature
> > that already exists in the PDF
> >
> > I have documents that were signed with Adobe CDS certificates using
> > iText, including a secure timestamp. It seems that for long-term
> > validation we also need to add the OCSP response or CRL
> (depending on
> > the certificate we use, since each one supports a different
> method).
> > Is it possible to modify the PKCS 7 structure just to add
> one of these
> > without invalidating the signature itself? I read this is something
> > that Acrobat offers, to enable end-users to sign documents
> while they
> > are offline, adding the online portions (secure timestamp, CRL and
> > OCSP response) to the signatures later.
> >
> >
> >
> > Thank you,
> >
> > Daniel Uribe
Aviso Legal:
Esta mensagem é destinada exclusivamente ao destinatário. Pode conter
informação confidencial ou legalmente protegida. A incorrecta transmissão desta
mensagem não significa a perca de confidencialidade. Se esta mensagem for
recebida por engano, por favor envie-a de volta para o remetente e apague-a do
seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de
usar, revelar ou distribuir qualquer parte desta mensagem.
Disclaimer:
This message is destined exclusively to the intended receiver. It may contain
confidential or legally protected information. The incorrect transmission of
this message does not mean the loss of its confidentiality. If this message is
received by mistake, please send it back to the sender and delete it from your
system immediately. It is forbidden to any person who is not the intended
receiver to use, distribute or copy any part of this message.
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://www.1t3xt.com/docs/book.php
Check the site with examples before you ask questions:
http://www.1t3xt.info/examples/
You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
