Hello, Thanx for your answer and good guidance
Ok what I got from your reply is that we can't put OCSP based revocation information in PDF signature during verification. 1 - But can we do it during signing? [As far as I know that the OCSP info will be placed as authenticated attributes in signature but RFC3161 Timestamp token is placed as un-authenticated attributes] 2 - Can we add CRL based revocation information during either PDF signing or verification. [Which I don't think so is not possible during verification as OCSP Response]. Please guide me in this regard Best Regards, KS > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On=20 > Behalf Of Khurram Salim > Sent: Wednesday, May 23, 2007 12:18 PM > To: [EMAIL PROTECTED] > Subject: [iText-questions] Adding revocation information in=20 > PKCS#7 during verification > Hello, > I'm signing a PDF using iText and IAIK JCE Provider. I'm also > adding Time-stamping information in the signature. Can I also > add revocation information in the signature e.g. OCSP > response? OCSP is an online protocol. > But I'm facing a problem. I want to add revocation information > in already created signature in PDF during=20 > verification. Is it possible? No. If you add anything you invalidate the signature. You'll have to decide if you want OCSP or CRL. Paulo Regards, KS
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ iText-questions mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/itext-questions Buy the iText book: http://itext.ugent.be/itext-in-action/
