Re: [libreoffice-users] Re: Question about signed documents
On 01/08/2019 13:28, Michael Jeltsch wrote: > > It is even more sad that even the method using self-signed certificates it > is broken in LibreOffice (at least in a frequently used scenario: > preinstalled LibreOffice under Ubuntu 18.04). Any GPG keys (or other certs) > that are available on the system are not accessible when invoking the > signing task from within LibreOffice. Under Ubuntu 18.04, LibreOffice > invokes the Seahorse key manager, which starts but never gets populated with > the available keys/certs (and also new key generation is dysfunctional in > this somehow isolated environment). > > I am still trying to sign a single document with LibreOffice. Any help? > Where can I change how OpenOffice invokes Seahorse (or for that matter any > other certificate manager? The fact that this functionality is broken shows > how few people really do sign their documents. I guess in the corporate > setting, this is done more frequently, but NOT with LibreOffice. Sad, but > true. I was intrigued by your remarks above because a couple of years' or so ago I had to sign a lot of documents and I used a CAcert certificate which I had imported into Thunderbird and Firefox. LO Writer had no difficulty using my certificate from the Firefox or Thunderbird certificate store. That must have been on UbuntuStudio 1404 or even 1604. Now I'm on 1804 with LO 6.0.7.3 and I just checked. It offers to sign my doc but only with an old certificate which expired in June this year. My new cert is in both Firefox and Thunderbird but LO appears unable to find it. When I click on the Start Certificate Manager button in the LO dialogue box, it informs me that it couldn't find any certificate manager. The LO Help files still instruct to use the Firefox and Thunderbird cert stores but some change has evidently been introduced. And yet again the help files seem out of date. Philip -- To unsubscribe e-mail to: users+unsubscr...@global.libreoffice.org Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/users/ Privacy Policy: https://www.documentfoundation.org/privacy
Re: [libreoffice-users] Re: Question about signed documents
On 2019-08-01 07:28 AM, Michael Jeltsch wrote: > Document signing in LibreOffice revisited: What is absent from this > conversation is the fact that one needs a certificate that is anchored to a > well-known certificate authority in order for a random other person to > verify the signature. And such certificate does not come automatically with > a LibreOffice install. In fact, to my best knowledge, there are no free > certificate providers anymore that are generally trusted. I use cacert.org. It's still free. I have signed this message. I also sent it to you direct, in case the list blocks it. -- To unsubscribe e-mail to: users+unsubscr...@global.libreoffice.org Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/users/ Privacy Policy: https://www.documentfoundation.org/privacy
[libreoffice-users] Re: Question about signed documents
Document signing in LibreOffice revisited: What is absent from this conversation is the fact that one needs a certificate that is anchored to a well-known certificate authority in order for a random other person to verify the signature. And such certificate does not come automatically with a LibreOffice install. In fact, to my best knowledge, there are no free certificate providers anymore that are generally trusted. E.g. when you want to sign a PDF document (e.g. with LibreOffice Draw), the receiving end typically will use Adobe Acrobat Reader to verify the signature. The only libre work-around is to generate a self-signed certificate, then convince your receiving party to get the certificate via an independent, secure way of transmission and then have them install this self-signed certificate into their computer. Good luck with that. The only way I know of to get a (free as in beer) signature with a generally accepted certificate is HelloSign (their free plan allows for signing of 3 documents per month). Besides that, it is technically possible to convert e.g. a free Let's encrypt cert for document signing, but since Let's encrypt is not designed for document signing, these certs are not part of e.g. the cert list trusted by Adobe. It is even more sad that even the method using self-signed certificates it is broken in LibreOffice (at least in a frequently used scenario: preinstalled LibreOffice under Ubuntu 18.04). Any GPG keys (or other certs) that are available on the system are not accessible when invoking the signing task from within LibreOffice. Under Ubuntu 18.04, LibreOffice invokes the Seahorse key manager, which starts but never gets populated with the available keys/certs (and also new key generation is dysfunctional in this somehow isolated environment). I am still trying to sign a single document with LibreOffice. Any help? Where can I change how OpenOffice invokes Seahorse (or for that matter any other certificate manager? The fact that this functionality is broken shows how few people really do sign their documents. I guess in the corporate setting, this is done more frequently, but NOT with LibreOffice. Sad, but true. -- Sent from: http://document-foundation-mail-archive.969070.n3.nabble.com/Users-f1639498.html -- To unsubscribe e-mail to: users+unsubscr...@global.libreoffice.org Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/users/ Privacy Policy: https://www.documentfoundation.org/privacy