I am doing some testing with long term validation of signatures in PDF files.
Our documents currently are signed with CRL/OCSP embedded for the main
certificate chain (the one used for signing), but with no CRL/OCSP embedded for
the timestamp certificate chain. Using Reader 8.1, it seems that the missing
revocation information causes the validation to stop working when the
certificate used for the timestamp expires. If I change the security settings
to use "The time at which the signature was created" (which is used since
Reader 9.1), the certification shows as VALID, but when opening the properties
the timestamp cannot be verified. I believe this would be solved by including
the revocation information for the timestamp, but I don't know if that is
supported by iText right now.
Thank you,
Daniel Uribe
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
Buy the iText book: http://www.1t3xt.com/docs/book.php
Check the site with examples before you ask questions:
http://www.1t3xt.info/examples/
You can also search the keywords list: http://1t3xt.info/tutorials/keywords/
