[
https://issues.apache.org/jira/browse/PDFBOX-1847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13931975#comment-13931975
]
John Hewson edited comment on PDFBOX-1847 at 3/12/14 4:49 PM:
--------------------------------------------------------------
Just to recap our discussion on the mailing list: this patch is going to go
into a new singing module:
{quote}
*Vakhtang Koroghlishvili:*
I think, it's time to create another project named sign-box or something like
that. At the moment I have time and I can create that project with very good
design architect and show you a patch or comitters can create that project
with existence features and then we will add new features step by step.
{quote}
and the existing non-core signing classes will be moved there too.
For anyone wondering why we would want to move the signing classes, one reason
is that they are not part of the PDF specification. The spec defines a generic
plug-in framework for signatures with some basic built-in functionality, but
nothing beyond that. Instead, there are various third party signing standards,
such as [PAdES|http://en.wikipedia.org/wiki/PAdES].
was (Author: jahewson):
Just to recap out discussion on the mailing list: this patch is going to go
into a new singing module:
{quote}
*Vakhtang Koroghlishvili:*
I think, it's time to create another project named sign-box or something like
that. At the moment I have time and I can create that project with very good
design architect and show you a patch or comitters can create that project
with existence features and then we will add new features step by step.
{quote}
and the existing non-core signing classes will be moved there too.
For anyone wondering why we would want to move the signing classes, one reason
is that they are not part of the PDF specification. The spec defines a generic
plug-in framework for signatures with some basic built-in functionality, but
nothing beyond that. Instead, there are various third party signing standards,
such as [PAdES|http://en.wikipedia.org/wiki/PAdES].
> TSA Time Signature
> ------------------
>
> Key: PDFBOX-1847
> URL: https://issues.apache.org/jira/browse/PDFBOX-1847
> Project: PDFBox
> Issue Type: Improvement
> Components: Signing
> Affects Versions: 2.0.0
> Reporter: vakhtang koroghlishvili
> Assignee: John Hewson
> Fix For: 2.0.0
>
> Attachments: CreateSignature-updated.java.patch,
> TSATimeSignature.patch, resultOfSigning.jpg
>
>
> When we was signing document, we was using time from our time. For more
> security we can use Time Stamp server.
> "Trusted timestamping is the process of securely keeping track of the
> creation and modification time of a document. Security here means that no one
> — not even the owner of the document — should be able to change it once it
> has been recorded provided that the timestamper's integrity is never
> compromised."(wiki)
--
This message was sent by Atlassian JIRA
(v6.2#6252)
