source/text/shared/guide/digital_signatures.xhp | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
New commits:
commit 02139162f541bb56ddbaf0a2d6142256a0454372
Author: Miklos Vajna <vmik...@collabora.co.uk>
Date: Thu Nov 10 11:55:07 2016 +0100
digital signatures: briefly document OOXML/PDF signing effort
It may be unexpected for users to see that OOXML files are always only
partially signed.
Change-Id: Ie7c6c553580a4eb38ed72c8a50b75f4b7902613f
diff --git a/source/text/shared/guide/digital_signatures.xhp
b/source/text/shared/guide/digital_signatures.xhp
index 514852d..eb85aef 100644
--- a/source/text/shared/guide/digital_signatures.xhp
+++ b/source/text/shared/guide/digital_signatures.xhp
@@ -87,7 +87,10 @@
<paragraph xml-lang="en-US" id="hd_id0821200910191787" role="heading"
level="3" l10n="NEW">Signatures and software versions</paragraph>
<paragraph xml-lang="en-US" id="par_id0821200910191747" role="paragraph"
l10n="NEW">The signing of contents got changed with OpenOffice.org 3.2 and
StarOffice 9.2. Now all contents of the files, except the signature file itself
(META-INF/documentsignatures.xml) are signed. </paragraph>
- <paragraph xml-lang="en-US" id="par_id0821200910191774" role="paragraph"
l10n="NEW">When you sign a document with OpenOffice.org 3.2 or StarOffice 9.2
or a later version, and you open that document in an older version of the
software, the signature will be displayed as "invalid". Signatures created with
older versions of the software will be marked with "only parts of the documents
are signed" when loaded in the newer software.</paragraph>
+ <paragraph xml-lang="en-US" id="par_id0821200910191774" role="paragraph"
l10n="NEW">When you sign a document with OpenOffice.org 3.2 or StarOffice 9.2
or a later version, and you open that document in an older version of the
software, the signature will be displayed as "invalid". Signatures created with
older versions of the software will be marked with "only parts of the document
is signed" when loaded in the newer software.</paragraph>
+ <paragraph xml-lang="en-US" id="par_id0821200910191775" role="paragraph"
l10n="NEW">When you sign an OOXML document, then the signature will be always
marked with "only parts of the document is signed". Metadata of OOXML files are
never signed, to be compatible with Microsoft Office.</paragraph>
+ <paragraph xml-lang="en-US" id="par_id0821200910191776" role="paragraph"
l10n="NEW">When you sign a PDF document, then this marking is not used. Signing
only parts of the document is simply an invalid signature.</paragraph>
+ <paragraph xml-lang="en-US" id="par_id0821200910191777" role="paragraph"
l10n="NEW">Signing other document formats is not supported at the
moment.</paragraph>
<paragraph xml-lang="en-US" id="par_id2008200911583098" role="note"
l10n="NEW">When you load an ODF document, you might see an icon in the status
bar and the status field in the dialog that indicates that the document is only
partially signed. This status will appear when the signature and certificate
are valid, but they were created with a version of OpenOffice.org before 3.2 or
StarOffice before 9.2. In versions of OpenOffice.org before 3.0 or StarOffice
before 9.0, the document signature was applied to the main contents, pictures
and embedded objects only and some contents, like macros, were not signed. In
OpenOffice.org 3.0 and StarOffice 9.0 the document signature was applied to
most content, including macros. However, the mimetype and the content of the
META-INF folder were not signed. And in OpenOffice.org 3.2, StarOffice 9.2, and
all versions of LibreOffice all contents, except the signature file itself
(META-INF/documentsignatures.xml), are signed.</paragraph>
<paragraph xml-lang="en-US" id="hd_id9354228" role="heading" level="2"
l10n="NEW">Security Warnings</paragraph>
<paragraph xml-lang="en-US" id="par_id2372508" role="paragraph"
l10n="NEW">When you receive a signed document, and the software reports that
the signature is valid, this does not mean that you can be absolutely sure that
the document is the same that the sender has sent. Signing documents with
software certificates is not a perfectly secure method. Numerous ways are
possible to circumvent the security features.</paragraph>
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
