> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of [EMAIL PROTECTED]
> Sent: Friday, October 27, 2006 1:32 PM
> To: [email protected]
> Subject: [iText-questions] Multiple signatures - why don't they work ?
>
...(skipped introdution)
> Just to go back to the current state of the iText library (1.4.5),
> you can verify that there are two problems ...
>
> The first one is with the "addDocMDP" method
> (within the "PdfSignatureAppearance.java" file)
> "addDocMDP" allows certification-signatures with "level 1"
> permission
> only !
Yes, only "level 1", no change, and it will only work in Acrobat 7.
> There should be a way to specify level 2 or 3, too.
> This is not difficult to fix, but there is the second problem ...
This is difficult to implement.
>
> The second (BIG) problem in "PdfSignatureAppearance.java" is
> that when
> you
> add an approval-signature over an existing blanc signature field, you
> *apparently* fill that field, but actually the following steps are
> performed:
> * create a duplicate of the signature field
> * fill it with the 'appearance' stuff
> * delete the original field
> * add the new field
> * ....
> * sign the document
>
> You can get a quick confirm of this behaviour by opening a signed
> document
> with AcrobatReader:
> [ http://itext.ugent.be/articles/eid-pdf/pdf/EIDFormInvalid.pdf ]
> Look at the "Signature Property" related to the first signature
> (it is a certification-signature), go to the "Document" tab and press
> the "Show changes" button.
> Now you can read details (this is a rough translation from Italian):
> * added "Signature2" field at page 1
> * deleted "Signature2" field at page 1
> * field "Signature2" at page 1 filled-in
> * 2 changes (????)
>
> ======================
>
> Just to resume:
>
> **1**
> If we want to add multiple-signatures to Certificated-documents, we
> need
> the original certificated-doc were created with a "permission-level"
> equal
> to 2 or 3( level 1 means "NO change allowed" ).
> Note that the next signatures should FILL the originally provided
> (blanc)
> signature fields (i.e. No one is allowed to ADD a new (signature)
> field,
> you are only allowed to FILL those fields the author's provided )
>
> This is easy to do with just a little internal patch in
> "PdfSignatureAppearance.java"
>
> **2**
> The actual implementation of "PdfSignatureAppearance", does not FILL
> an existing signature-field; it ADDS a clone (hiding the original).
>
The certified doc can't be changed, it doesn't matter how the field is
changed.
> Although the "apparent" result is valid (i.e. ALL the signatures are
> valid), this operation (so implemented) breaks the special meaning
> of the certification-signature (remind the 3 "permission-levels" )
> set by the author.
>
> ======================
>
> I hope my arguments may help to find a solutions.
>
The solution is someone implementing the missing parts.
Paulo
Aviso Legal:
Esta mensagem é destinada exclusivamente ao destinatário. Pode conter
informação confidencial ou legalmente protegida. A incorrecta transmissão desta
mensagem não significa a perca de confidencialidade. Se esta mensagem for
recebida por engano, por favor envie-a de volta para o remetente e apague-a do
seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de
usar, revelar ou distribuir qualquer parte desta mensagem.
Disclaimer:
This message is destined exclusively to the intended receiver. It may contain
confidential or legally protected information. The incorrect transmission of
this message does not mean the loss of its confidentiality. If this message is
received by mistake, please send it back to the sender and delete it from your
system immediately. It is forbidden to any person who is not the intended
receiver to use, distribute or copy any part of this message.
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
