[
https://issues.apache.org/jira/browse/PDFBOX-5070?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17268129#comment-17268129
]
Tilman Hausherr commented on PDFBOX-5070:
-----------------------------------------
Lets try the smallest thing first, which is getting a dummy timestamp signature.
- TSAClient.getTimeStampToken() has a wrong javadoc / parameter name (it's not
an "imprint")
- it would be better that it returns a TimeStampToken
(CreateSignedTimeStamp.sign() will have to be changed)
- ShowSignature has (non resusable) code to extract the certificates from the
TimeStampToken
- The nonce isn't really good in TSAClient (SecureRandom is not static), the
code in OCSPHelper is better
> LTV: allow to gather OCSP responses before signing
> ---------------------------------------------------
>
> Key: PDFBOX-5070
> URL: https://issues.apache.org/jira/browse/PDFBOX-5070
> Project: PDFBox
> Issue Type: Improvement
> Components: Signing
> Affects Versions: 2.0.23
> Reporter: Ralf Hauser
> Priority: Minor
>
> Then, the OCSP responses lifetime does not start after signature time.
> This obviously only can work if the signing cert serial# is known prior to
> signing (see PDFBOX-2776 comment-17220875 )
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
