https://bugs.documentfoundation.org/show_bug.cgi?id=156082
--- Comment #5 from Juraj Ĺ arinay <[email protected]> --- This is due to a document timestamp (ETSI EN 319 142-1 Clause 5.4.3 / ISO 32000-2 Clause 12.8.5) included in the file. The issue is not country (or signer) specific and can be reproduced with any PDF file containing a document timestamp. We even log a rather helpful warning xmlsecurity/source/helper/pdfsignaturehelper.cxx:356: ValidateSignature: unsupported sub-filter: 'ETSI.RFC3161' and then report the "signature" as invalid. In general, it is not unreasonable to call a signature invalid if one cannot validate it. Yet it may make sense to report an unsupported signature as such. Most invalid signatures are invalid, because we know how to validate them and the process demonstrably fails. A signature we do not even attempt to validate is a different kind of "invalid". Ideally, one would implement the rather straightforward validation of (both kinds of) timestamps. In the meantime, it might make sense to (silently) ignore document timestamps the same way we ignore signature timestamps. Such behaviour would at least be consistent. Because they must have Type set to DocTimeStamp (and should also have SubFilter == ETSI.RFC3161), document timestamps are easy to tell apart from "real" signatures. Until we are able to validate the timestamps, properly ignoring them should be a reasonably easy hack. -- You are receiving this mail because: You are the assignee for the bug.
