Terence, I've been through this with a number of security researchers. There is no way short of a full public key system (and probably not even then) to more strongly protect a document that's in a documented format displayed via open-source software. What I looked for was a way to protect the document, assuming only minor changes to the viewer or the document itself by an attacker. You can of course always write a version of the viewer (or just a re-distiller) that applies any degree of crypto strength you'd like to crack the document. This approach has the additional virtues of not adding any significant amount of crypto code to the viewer, and of being invisible to the user.
This should probably go in the FAQ. This of this more as a white picket fence marking the boundaries of a property... Bill
