On 4/15/2014 9:30 PM, Potvin, Chet wrote:
> Thank you for your response. I believe I understand iText’s position
> on this matter. Just to make sure that I understand you correctly,
> iText utilizes the OpenSSL library for encrypting and signing PDF
> documents on the client-side.
iText utilize
Mr. Lowagie,
Thank you for your response. I believe I understand iText's position on this
matter. Just to make sure that I understand you correctly, iText utilizes the
OpenSSL library for encrypting and signing PDF documents on the client-side.
The Heartbleed vulnerability only relates to se
On 4/9/2014 2:08 PM, iText mailing list wrote:
> Public/private keys are also used in the context of SSL, but I fail to
> see why iText would be affected by an OpenSSL problem. Maybe you can
> explain, but I can't.
In other words: the question should not be about iText. The question
should be:
On 4/9/2014 12:55 PM, Potvin, Chet wrote:
> iText has OpenSSL capabilities.
Why would a PDF generation library need OpenSSL functionality?
Sure, we use encryption for:
- encrypting PDFs,
- either using passwords (owner password and optionally a user password),
- or using a certificate
- sig
