On Apr 23, 2010, at 11:38 , Ludovic Rousseau wrote:

> 2010/4/21 Andreas Jellinghaus <a...@dungeon.inka.de>:
>> well, if the token is a smart phone, it can display the pdf and show
>> it to me, before I agree to sign it. That's my whole point: smart
>> cards/ usb crypto tokens, even with pinpad readers, have this problem
>> of not being able to display a pdf before I sign it. A simple nice
>> personal, trusted device with a real screen and input system and
>> security system built in could do that on the other hand.
>> wait! I already have something like that, my mobile phone ...
>
> A PDF document is not static but dynamic. The same document can be
> displayed differently depending on external input (time for example).
> So you may sign a PDF document displaying 100€ on your phone but the
> bank will see the same document displaying 10,000€.
>
> A PDF document is NOT static as an image. See a presentation at a
> security conference [1]. The article and presentation are in French,
> sorry. The paper was previously presented at an English conference [2]
> but I can't find the English article online.

Most of the PDF attacks AFAIK make use of stuff in PDF that should not be there. Like JavaScript or .exe-s :)

I'm not 100% sure but the PDF format that is used for long-term archival, PDF/A [1], should not have at least some of the problems.

[1] http://en.wikipedia.org/wiki/PDF/A

-- 
Martin Paljak
http://martin.paljak.pri.ee
+3725156495

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
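The point raised in this exchange (a PDF can show one amount on the signing device and another to the bank because JavaScript or other actions react to external input such as the clock, and PDF/A is attractive precisely because it leaves that machinery out) suggests a cheap check a signing client can run before the hash ever reaches the card. The following is an added example and is not OpenSC code or anything from the original thread: a Python scanner that flags the dictionary keys that make a PDF dynamic. The key list, the minimal sample documents and the helper names are my own assumptions; it is a heuristic for a pre-signing sanity check, not a PDF/A validator, and it deliberately handles two ways such keys hide from a plain substring grep: `#xx` hex escapes inside PDF names, and dictionaries stored inside FlateDecode object streams.

```python
"""Pre-signing sanity check for active content in a PDF.

Hypothetical example, not OpenSC code. Flags the keys that let a document
change what it shows or act when opened (JavaScript, actions, launch,
embedded files, XFA forms). Heuristic only; not a PDF/A validator.
"""
import re
import zlib

# Assumed blocklist of dictionary keys that make a PDF dynamic. Reasonable
# for a sanity check, not an exhaustive list taken from any standard.
ACTIVE_KEYS = (
    b"/JavaScript", b"/JS", b"/AA", b"/OpenAction", b"/Launch",
    b"/EmbeddedFile", b"/EmbeddedFiles", b"/RichMedia", b"/XFA",
)

_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
_STREAM = re.compile(rb"stream\r?\n(.*?)endstream", re.DOTALL)


def normalize_names(data: bytes) -> bytes:
    """Undo #xx hex escapes in PDF names so /J#61vaScript reads /JavaScript."""
    return _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), data)


def inflate_streams(data: bytes) -> bytes:
    """Concatenate the plaintext of every stream that inflates as zlib data.
    Object streams keep whole dictionaries in here, so a scan over the raw
    bytes alone would miss them."""
    out = []
    for m in _STREAM.finditer(data):
        try:
            # decompressobj tolerates the newline left before 'endstream'
            out.append(zlib.decompressobj().decompress(m.group(1)))
        except zlib.error:
            pass  # image data, plain streams, or other filters: ignore
    return b"\n".join(out)


def find_active_content(pdf: bytes, inflate: bool = True) -> list:
    """Return the sorted list of active-content keys found in the file,
    including inside inflated streams and behind name escapes."""
    text = pdf
    if inflate:
        text = text + b"\n" + inflate_streams(pdf)
    text = normalize_names(text)
    found = set()
    for key in ACTIVE_KEYS:
        # Require a delimiter after the key so /JS does not match /JSX etc.
        if re.search(re.escape(key) + rb"(?![A-Za-z0-9])", text):
            found.add(key.decode())
    return sorted(found)


def _pdf(catalog_extra: bytes, extra_objects: bytes = b"") -> bytes:
    """Build a minimal xref-less PDF around a catalog (constructed sample;
    the scanner never needs the xref table)."""
    return (
        b"%PDF-1.4\n"
        b"1 0 obj << /Type /Catalog /Pages 2 0 R " + catalog_extra + b" >> endobj\n"
        b"2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj\n"
        b"3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 200 100] >> endobj\n"
        + extra_objects
        + b"trailer << /Root 1 0 R >>\n%%EOF\n"
    )


# Constructed samples.
CLEAN_PDF = _pdf(b"")

# Document-open JavaScript that fills a field differently depending on the clock.
JS_PDF = _pdf(
    b"/OpenAction << /S /JavaScript /JS "
    b"(this.getField('amount').value = new Date().getHours() < 12 ? '100' : '10000';) >>"
)

# Same action with #xx escapes in the names; a plain substring grep sees nothing.
ESCAPED_PDF = _pdf(b"/Open#41ction << /S /J#61vaScript /J#53 (app.alert(1)) >>")

# Same action dictionary tucked into a FlateDecode object stream.
_objstm_body = b"5 0 << /S /JavaScript /JS (app.alert(1)) >>"
_objstm_data = zlib.compress(_objstm_body)
OBJSTM_PDF = _pdf(
    b"/OpenAction 5 0 R",
    b"4 0 obj << /Type /ObjStm /N 1 /First 4 /Filter /FlateDecode /Length "
    + str(len(_objstm_data)).encode() + b" >>\nstream\n" + _objstm_data
    + b"\nendstream endobj\n",
)

if __name__ == "__main__":
    for name, doc in [("clean", CLEAN_PDF), ("js", JS_PDF),
                      ("escaped", ESCAPED_PDF), ("objstm", OBJSTM_PDF)]:
        print(f"{name:8s} {find_active_content(doc)}")
```

Anything this scanner reports is a reason to refuse to sign, or at least to stop trusting what the phone's viewer rendered. It does not see into encrypted documents, streams using filters other than FlateDecode, or content a viewer fetches from outside the file, which is why converting to or validating against PDF/A with a real tool remains the better answer when the signature carries money.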