https://bugs.documentfoundation.org/show_bug.cgi?id=143134
--- Comment #5 from renato...@gmail.com --- I consider we are discussing many aspects of signing. First, attending former comments, I am describing 2 forms of signing: keeping signatures outside of main file and keeping signatures within the main file. Then, I am returning to the point of signing PDF in LibreOffice. In this point, the details are pointing out several difficulties to sign within the main PDF file. Basically, the focus of this ticket is to verify the possibility to manage PDF flags and to perform more than one signature within the main file; First, there are 2 forms of storing signatures: - Keeping signatures in additional files; - Keeping signatures altogether within the main document; Keeping signatures in attached files It is well known that some projects keep signatures and fingerprints out of the main document. It is a very good option to implement new systems/tools. The reason is that the main file do not need interactions or additional changes to store signatures. This option prevents changes in fingerprint and file corruption through the signing process and other steps. This option is the easiest to implement and to maintain using common open source tools and well know concepts of signatures. Keeping signatures within the main document On the other hand, keeping all signatures in the same document delivers signatures for all users which received the only one - main file. The problem is that if signatures are kept all together in the same file, all signature recordings change the main document. Therefore, this might lead to fingerprint alterations, and in some cases the main fie might be susceptible to external changes or file corruption. The most risky part is that all signatures needs the user to interact with the main file. The user must download it, expose the file to the environment, sign it, and upload back to the server. Since, there are threats related to PDFs or any other files, changing files for signatures do not seems to be the securest solution. Considering the main file pass through internal and external users, multiple access might increase the risky changes or virus injections.. Another point, which might be good or not, is that this solution might depend on proprietary definitions. The advantage of this solution is that it is easy to store all signatures and data in one file. It is good for a long run. To sum up, to keep all signatures within the same file might bring some risks, however this option have been used for a long time. I would consider both options of signing are functional. Focusing in signing PDF After detailing the two options of keeping signatures, I am switching to the point of signing one main file in Libre Office. I highlight the option of keeping signatures in one main document. And, I consider the main document is a PDF file. Then, I move forward to the topic of signing PDF in LibreOffice. I am using an example to consolidate the scene. In my example: two people need to sign a PDF file. Unfortunately, the second one is reporting trouble. The second is an external user signing the same main PDF file. The problem is that If the first user signs via LibreOffice, the second can not sign successfully in other PDF reader. The last reader could use any program. In fact, we could focus in the flags. I guess that the blockage which the second user faces might be caused because of flags which LibreOffice sets in the first PDF signature. It seems that flags, which are written in first version of signed file, are not compatible with second access for the second signature. Other problems such as not having permissions to add stamps and not having permissions to add visual marks are seen for the second signer at the second access. Opposite to the difficulty presented in this environment, two different signatures are possible in proprietary PDF reader solution and have been used in my region. To check the possibility to edit flags and to execute multiple signatures in the LibreOffice. I would verify the possibility to include a function to allow multiple signatures and to allow specific flags to be available in the signature box. It is because the second signature depend on right flags such as Editable, Comments and Signatures to access the document properly. In fact, most of readers rely on those flags to add information, and other programs have managed all functionalities which can handle two signatures properly. Basically, other programs have allowed two people to sign PDF properly, and I would appreciate if LibreOffice could perform such way. That means placing a visual stamp and adding signatures in the second access. – PS: @Timur and Comment2: Unfortunately, I can not provide official documents using others’ signatures; however I wish I could explained what is needed for comprehension in this comment. Mainly, specific flags are used for other programs to guarantee two times signatures. In addition, other programs, which probably follow some specification, access the signed PDF and can not sign the second time. Moreover, It is believed that those flags used in Libreoffice do not allow the second signature in other programs. I wish I could provide all information needed once I am not sure if I can provide any further details or files. -- You are receiving this mail because: You are the assignee for the bug.
