source/text/shared/guide/digitalsign_send.xhp | 47 ++++++++++++++------------
1 file changed, 27 insertions(+), 20 deletions(-)
New commits:
commit 9e31d6fffa7505c009c603f3fd605eea9460958d
Author: Olivier Hallot <olivier.hal...@libreoffice.org>
Date: Tue Feb 27 18:31:45 2018 -0300
tdf#36970 Revisit digital signature help content
Many thanks to orcmid for the precisions.
Change-Id: I362abe27a3eb5748e90b8797206f414c0eade537
Reviewed-on: https://gerrit.libreoffice.org/50471
Reviewed-by: Olivier Hallot <olivier.hal...@libreoffice.org>
Tested-by: Olivier Hallot <olivier.hal...@libreoffice.org>
diff --git a/source/text/shared/guide/digitalsign_send.xhp
b/source/text/shared/guide/digitalsign_send.xhp
index f487f7748..4216a412d 100644
--- a/source/text/shared/guide/digitalsign_send.xhp
+++ b/source/text/shared/guide/digitalsign_send.xhp
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<helpdocument version="1.0">
-
+
<!--
* This file is part of the LibreOffice project.
*
@@ -18,8 +18,8 @@
* except in compliance with the License. You may obtain a copy of
* the License at http://www.apache.org/licenses/LICENSE-2.0 .
-->
-
-
+
+
<meta>
<topic id="textsharedguidedigitalsign_sendxhp" indexer="include"
status="PUBLISH">
<title xml-lang="en-US" id="tit">Applying Digital Signatures</title>
@@ -36,24 +36,31 @@
<paragraph xml-lang="en-US" id="par_idN10640" role="paragraph">You can get a
certificate from a certification authority. No matter if you choose a
governmental institution or a private company it is common to be charged for
this service, for example when they certify your identity. Few other
authorities issue certificates free of costs, like the Open Source Project
<link href="https://www.CAcert.org/";>CAcert</link> which is based on the
well-known and reliable Web of Trust model and is of growing
popularity.</paragraph>
<paragraph xml-lang="en-US" id="par_idN106F6" role="heading"
level="2">Managing your Certificates</paragraph>
<switch select="sys">
-<case select="WIN">
-<paragraph xml-lang="en-US" id="par_idN1070A" role="paragraph">If you are
using Microsoft Windows, you can manage your certificates either from the
Control Panel applet "Internet Options" on the "Contents" tab page or from MS
Internet Explorer.</paragraph>
- <paragraph xml-lang="en-US" id="par_id8311410" role="paragraph">Import
your new root certificate into the Trusted Root Certification Authorities
list.</paragraph>
-</case>
-<default>
-<paragraph xml-lang="en-US" id="par_idN1071D" role="paragraph">If you are
using Linux, macOS or Solaris, you must install a recent version of Thunderbird
or Firefox. %PRODUCTNAME will then access their certificate storage.</paragraph>
- <paragraph xml-lang="en-US" id="par_idN10720" role="tip">If you have
created different profiles in Thunderbird or Firefox and you want to use
certificates from one specific user profile, select the profile in <emph>Tools
- Options - Security - Certificate Path</emph>. Alternatively, you can set the
environment variable MOZILLA_CERTIFICATE_FOLDER to point to the folder
containing that profile.</paragraph>
- <list type="ordered">
- <listitem>
+<case select="UNIX">
+ <paragraph xml-lang="en-US" id="par_idN1071D" role="paragraph">If you are
using Linux, macOS or Solaris, you must install a recent version of Thunderbird
or Firefox. %PRODUCTNAME will then access their certificate storage.</paragraph>
+ <paragraph xml-lang="en-US" id="par_idN10720" role="tip">If you have
created different profiles in Thunderbird or Firefox and you want to use
certificates from one specific user profile, select the profile in <emph>Tools
- Options - Security - Certificate Path</emph>. Alternatively, you can set the
environment variable MOZILLA_CERTIFICATE_FOLDER to point to the folder
containing that profile.</paragraph>
+ <list type="ordered">
+ <listitem>
<paragraph xml-lang="en-US" id="par_id944242"
role="paragraph">Open your web browser’s preferences, select the
<emph>Advanced</emph> section, click on the <emph>Certificates</emph> tab, and
then choose <emph>View Certificates</emph>. The <emph>Certificate
Manager</emph> dialog will appear.</paragraph>
- </listitem>
- <listitem>
+ </listitem>
+ <listitem>
<paragraph xml-lang="en-US" id="par_id6452223"
role="paragraph">Import your new root certificate, then select and edit the
certificate. Enable the root certificate to be trusted at least for web and
email access. This ensures that the certificate can sign your documents. You
may edit any intermediate certificate in the same way, but it is not mandatory
for signing documents.</paragraph>
- </listitem>
- <listitem>
+ </listitem>
+ <listitem>
<paragraph xml-lang="en-US" id="par_id6486098"
role="paragraph">When you have edited the new certificates, restart
%PRODUCTNAME.</paragraph>
- </listitem>
- </list>
+ </listitem>
+ </list>
+</case>
+<default>
+ <paragraph role="paragraph" id="par_id921519766138177" xml-lang="en-US">On
Windows systems, %PRODUCTNAME will access the system certificate
storage.</paragraph>
+
+ <paragraph role="paragraph" id="par_id461519763996407"
xml-lang="en-US">Your digital signature private key will usually be generated
and securely stored by Windows as part of the signature-issuance ceremony.
Once the issuing Certificate Authority authority is satisfied that your
computer produced the private key and you have satisfied any other
identification requirements, the corresponding public key is signed by the
Certificate Authority. (For personal keys obtained over the Internet, the
private key is generated by your browser and it is not shared with the
Certificate Authority.)</paragraph>
+
+ <paragraph role="paragraph" id="par_id181519764008387" xml-lang="en-US">If
a private key is received by other means or you transfer it from another
computer, you can install it on your Windows PC by double-clicking on the
private key certificate and providing any required password. This private key
may be known to others (such as an organizational or governmental security
administation) depending on how it was issued to you.</paragraph>
+
+ <paragraph role="paragraph" id="par_id21519764016831"
xml-lang="en-US">Public keys of others that you use to verify documents signed
by them and to encrypt by digital signature for their eyes only tend to be
retained on your system by the software products that provide confirmation of
those signatures and that support encryption using public keys of others. In
some cases you will need to manage those public-key certificates
yourself.</paragraph>
+
+ <paragraph role="paragraph" id="par_id351519764024243"
xml-lang="en-US">The general management of public and private keys on your PC
will vary depending on the version of Windows you are operating. For more
information, use the "Help and Support" topic of your Windows version and
search for "digital signature".</paragraph>
</default>
</switch>
<paragraph xml-lang="en-US" id="par_idN10681" role="heading" level="2">Signing
a document</paragraph>
@@ -74,7 +81,7 @@
<paragraph xml-lang="en-US" id="par_idN106C0" role="paragraph">You
see again the Digital Signatures dialog, where you can add more certificates if
you want. Click OK to add the public key to the saved file.</paragraph>
</listitem>
</list>
- <paragraph xml-lang="en-US" id="par_idN106C3" role="paragraph">A signed
document shows an icon
+ <paragraph xml-lang="en-US" id="par_idN106C3" role="paragraph">A signed
document shows an icon
<image id="img_id262764" src="xmlsecurity/res/certificate_16.png"
width="0.2228in" height="0.2228in"><alt xml-lang="en-US"
id="alt_id262764">Icon</alt>
</image> in the status bar. You can double-click the icon in the status
bar to view the certificate.</paragraph>
<paragraph xml-lang="en-US" id="par_id2008200911381426"
role="paragraph">The result of the signature validation is displayed in the
status bar and within the Digital Signature dialog. Several documents and macro
signatures can exist inside an ODF document. If there is a problem with one
signature, then the validation result of that one signature is assumed for all
signatures. That is, if there are ten valid signatures and one invalid
signature, then the status bar and the status field in the dialog will flag the
signature as invalid.</paragraph>
@@ -88,7 +95,7 @@
<paragraph xml-lang="en-US" id="par_idN106F2"
role="paragraph">Apply the signature as described above for
documents.</paragraph>
</listitem>
</list>
- <paragraph xml-lang="en-US" id="par_idN106F5" role="paragraph">When you
open the Basic IDE that contains signed macros, you see an icon
+ <paragraph xml-lang="en-US" id="par_idN106F5" role="paragraph">When you
open the Basic IDE that contains signed macros, you see an icon
<image id="img_id9252296" src="xmlsecurity/res/certificate_16.png"
width="0.2228in" height="0.2228in"><alt xml-lang="en-US"
id="alt_id9252296">Icon</alt>
</image> in the status bar. You can double-click the icon in the status
bar to view the certificate.</paragraph><comment>WebDAV see issue
32935</comment><comment>main dialog IDs are here to lead the user initially to
this help page</comment><comment>Examine certificate button</comment>
<!-- removed HID 1311740419 -->
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
