Home » Adobe Manuals » Computer Software » Adobe 22002484 » Manual Viewer

Adobe 22002484 Security Guide - Page 116

Request Contact, Importing Adobe LiveCycle Rights Management Server Settings

View all Adobe 22002484 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 116 highlights

Acrobat Family of Products Security Feature User Guide Migrating and Sharing Security Settings Sharing Settings & Certificates with FDF 116 required application is used to open these files via a browser or file explorer. Acrobat provides the following FDF features:  Import and export of digital ID certificates.  Import and export of server settings for an Adobe LiveCycle Rights Management Server, LDAP directory servers, roaming credential servers, and timestamp servers.  Creation by a user (through the application) or by a server programmatically.  Sharing via networked directories or as email attachments. Whether the file is located on a network or emailed, FDF file recipients simply double click on a FDF file to import its data automatically via the FDF import wizard, thereby eliminating the need for error prone, manual configuration. FDF files provide individuals and businesses with many opportunities for streamlining workflows. For example:  Alice wants to email her certificate to Bob and wants Bob to reply with his certificate. Alice chooses Request Contact in the Trusted Identity Manager. The workflow generates and emails an FDF file that can contain her certificate, a request for Bob's certificate, and Alice's return email address.  Alice needs to encrypt documents for a number of people in her organization. An administrator sends her an FDF file that contains a large group of contacts. When Alice opens the FDF file, she is walked through the FDF Data Exchange UI wizard so that she can import these contacts into her Trusted Identities list.  A server wants a copy of Bob's certificate so that the server can encrypt documents for Bob. The server generates an FDF file that contains a certificate request and a return URL address. When Bob downloads the FDF file from the server, he is walked through the FDF Data Exchange UI wizard where he can respond by allowing his certificate to be returned.  A company needs to distribute its trusted certificate to customers so that they can verify that the company's documents are authentic. A server or administrator creates an FDF file that contains the trusted certificate and posts it on a Web server that hosts a Web page with a link to the file. When customers download the file, they are asked whether they wish to add this certificate to the Trusted Identity list and are given the ability to set the certificate's trust level. For more information, refer to the following:  FDF Files and Security  Importing Application Settings with FDF Files  "Responding to an Email Request for a Digital ID" on page 127  "Importing Someone's Certificate" on page 129  "Importing Multiple Certificates" on page 130  "Importing Timestamp Server Settings" on page 132  "Importing Directory Server Settings" on page 134  "Importing Adobe LiveCycle Rights Management Server Settings" on page 135  "Importing Roaming ID Account Settings" on page 136  "Importing a Trust Anchor and Setting Trust" on page 138  Exporting Application Settings with FDF Files  "Distributing a Trust Anchor or Trust Root" on page 118  "Setting the Certificate Trust Level" on page 121

Section	Page
Getting Started	7
1.1 What’s in this Guide?	7
1.2 Who Should Read This Guide?	7
1.3 How Should You Use This Guide?	8
1.4 Roadmap to Security Documentation	8
Getting and Using Your Digital ID	10
2.1 Digital ID Basics	10
2.1.1 What is a Digital ID?	10
2.1.2 Digital ID Storage Mechanisms	11
2.1.3 Registering a Digital ID for Use in Acrobat	12
2.1.4 Digital ID Management and the Security Settings Console	13
2.1.5 Setting Identity Information	13
2.2 Generic ID Operations	14
2.2.1 Specifying Digital ID Usage	14
2.2.2 Sharing (Exporting) a Digital ID Certificate	15
2.2.3 Viewing All of Your Digital IDs	15
2.2.4 Customizing a Digital ID Name	16
2.2.5 Viewing Digital ID Certificates in the Certificate Viewer	16
2.3 Managing PKCS#12 Digital ID Files	17
2.3.1 Logging in to a Digital ID File	18
2.3.2 Finding an Existing Digital ID in a PKCS#12 File	18
2.3.3 Adding and Removing Digital ID Files from the File List	19
2.3.4 Changing an ID File’s Password	19
2.3.5 Changing a PKCS#12 File’s Password Timeout	20
2.3.6 Logging in to PKCS#12 Files	21
2.3.7 Creating a Self-Signed Digital ID	21
2.3.8 Deleting a PKCS#12 Digital ID	24
2.4 Managing Windows Digital IDs	25
2.4.1 Finding a Digital ID in a Windows Certificate Store File	25
2.4.2 Deleting a Digital ID from the Windows Certificate Store	25
2.5 Managing Roaming ID Accounts and IDs	25
2.5.1 Adding a Roaming ID Account to Get a Roaming ID	26
2.5.2 Logging in to a Roaming ID Account	26
2.6 Managing IDs Accessible via PKCS#11 Devices	27
2.6.1 Adding an ID that Resides on External Hardware	27
2.6.2 Changing Passwords	28
2.6.3 Logging in to a Device	29
Managing Certificate Trust and Trusted Identities	30
3.1 What is a Trusted Identity?	30
3.2 Adding Someone to Your Trusted Identity List	32
3.2.1 Adding a Certificate From a Signature	32
3.2.2 Requesting a Digital ID via Email	33
3.2.3 Importing a Certificate From a File	33
3.2.4 Searching for Digital ID Certificates	34
3.3 Certificate Trust Settings	36
3.3.1 Setting Certificate Trust	37
3.3.2 Setting Certificate Policy Restrictions	39
3.3.3 Using Certificates for Certificate Security (Encryption)	40
3.4 Using Directory Servers to Add Trusted Identities	40
3.4.1 Manually Configuring a Directory Server	41
3.4.2 Editing Directory Servers Details	42
3.4.3 Deleting a Directory Server	42
3.4.4 Specifying a Default Directory Server	43
3.4.5 Importing and Exporting Directory Server Settings	43
3.5 Managing Contacts	43
3.5.1 Viewing and Editing Contact Details	43
3.5.2 Emailing Certificate or Contact Data	44
3.5.3 Saving Certificate or Contact Details to a File	44
3.5.4 Associating a Certificate with a Contact	45
3.5.5 Changing a Trusted Identity’s Certificate Association	45
3.5.6 Deleting Contacts and Certificates	46
Document Security Basics	48
4.1 Security Method Basics	48
4.1.1 Choosing a Security Method Type	49
4.1.2 Security Policies	50
4.1.3 Security Methods and Encryption	50
4.1.3.1 Encryption Workflow	50
4.1.3.2 Choosing What to Encrypt	51
4.1.3.3 Choosing an Algorithm	51
4.1.4 Security Methods and Permissions	52
4.1.4.1 Permissions Workflow	53
4.1.4.2 Permissions Options	53
4.1.5 Associating Batch Processing with a Security Method	54
4.2 Changing and Viewing Security Settings	55
4.2.1 Viewing Document Encryption and Permission Settings	55
4.2.2 Viewing Document Restrictions	56
4.2.3 Viewing Security Settings in a Browser	57
4.2.4 Changing the Security Method Type	57
4.2.5 Editing Security Method Settings	58
4.2.6 Removing Document Security	58
4.3 Security Policies: Reusable Security Settings	59
4.3.1 Creating Security Policies with Policy Manager	60
4.3.2 Applying a Security Policy to a Document	60
4.3.3 Viewing a Security Policy	61
4.3.4 Copying a Security Policy	61
4.3.5 Editing a Security Policy	61
4.3.6 Making a Security Policy Favorite	62
4.3.7 Refreshing the Security Policy List	62
4.3.8 Deleting a Security Policy	62
4.4 Envelopes	63
Password Security	65
5.1 Creating Password Security Settings	66
5.1.1 Creating a Reusable Password Security Policy	66
5.1.2 Creating Password Security for One-Time Use	69
5.2 Opening a Password-Protected Document	72
5.3 Removing Password Security	72
5.4 Changing Document Collection Passwords	72
5.5 Password Recovery	73
Certificate Security	74
6.1 Setting up the Certificate Security Environment	75
6.1.1 Accessing the Windows Certificate Store	75
6.1.2 Selecting a Certificate to Use for Encryption	76
6.2 Working with Groups of Contacts	77
6.2.1 Creating a Group	77
6.2.2 Adding or Removing Group Contacts	77
6.2.3 Deleting a Group	78
6.3 Creating Certificate Security Settings	78
6.3.1 Creating a Reusable Certificate Security Policy	78
6.3.2 Creating Certificate Security for the Current Document	82
6.3.3 Applying a Certificate Security Policy	87
6.3.4 Applying a Certificate Security to a Group	87
6.3.5 Opening a Certificate-Protected Document	88
LiveCycle Rights Management Server Security	90
7.1 Configuring Servers	90
7.1.1 Importing ALCRMS Settings from an FDF file	91
7.1.2 Importing ALCRMS Settings with a Security Settings Import	91
7.1.3 Configuring ALCRMS Settings Manually	91
7.1.4 Managing your ALCRMS Account	92
7.2 Working with Documents and ALCRMS Policies	92
7.2.1 Creating an ALCRMS Security Policy	92
7.2.2 Applying ALCRMS Security	93
7.2.3 Refreshing the Security Policy List	93
7.2.4 Synchronizing a Document for Offline Use	94
7.2.5 Revoking a Document	94
7.2.6 View a Document’s Audit History	94
External Content and Document Security	95
8.1 Enhanced Security	95
8.1.1 Enabling Enhanced Security	96
8.1.2 Changes in FDF Behavior	97
8.1.3 Interaction with Trust Manager	98
8.1.4 Make Privileged Folder Locations Recursive	98
8.2 Controlling Multimedia	98
8.2.1 Configuring Multimedia Trust Preferences	99
8.2.2 Controlling Multimedia in Certified Documents	100
8.3 Setting JavaScript Options	101
8.3.1 High Privilege JavaScript Defined	101
8.3.2 Javascript and Certified Documents	102
8.4 Adobe Trusted Identity Updates	103
8.5 Working with Attachments	103
8.5.1 Default Behavior: Black and White Lists	103
8.5.2 Adding Files to the Black and White Lists	107
8.5.3 Resetting the Black and White Lists	108
8.5.4 Allowing Attachments to Launch Applications	108
8.6 Controlling Access to Referenced Files and XObjects	109
8.7 Internet URL Access	109
8.7.1 Turning Internet Access Off and On	110
8.7.2 Allowing and Blocking Specific Web Sites	111
Migrating and Sharing Security Settings	112
9.1 Security Setting Import and Export	112
9.1.1 Exporting Security Settings to a File	112
9.1.2 Importing Security Settings from a File	113
9.1.3 Importing Security Settings from a Server	115
9.2 Sharing Settings & Certificates with FDF	115
9.2.1 FDF Files and Security	117
9.2.2 Exporting Application Settings with FDF Files	118
9.2.2.1 Distributing a Trust Anchor or Trust Root	118
9.2.2.2 Setting the Certificate Trust Level	121
9.2.2.3 Exporting Your Certificate	121
9.2.2.4 Emailing Your Certificate	122
9.2.2.5 Saving Your Digital ID Certificate to a File	123
9.2.2.6 Requesting a Certificate via Email	124
9.2.2.7 Emailing Server Details	125
9.2.2.8 Exporting Server Details	126
9.2.3 Importing Application Settings with FDF Files	127
9.2.3.1 Responding to an Email Request for a Digital ID	127
9.2.3.2 Importing Someone’s Certificate	129
9.2.3.3 Importing Multiple Certificates	130
9.2.3.4 Importing Timestamp Server Settings	132
9.2.3.5 Importing Directory Server Settings	134
9.2.3.6 Importing Adobe LiveCycle Rights Management Server Settings	135
9.2.3.7 Importing Roaming ID Account Settings	136
9.2.3.8 Importing a Trust Anchor and Setting Trust	138
Glossary of Security Terms	141

Match case Limit results 1 per page

Acrobat Family of Products

Migrating and Sharing Security Settings

Security Feature User Guide

Sharing Settings & Certificates with FDF

116

required application is used to open these files via a browser or file explorer. Acrobat provides the

following FDF features:



Import and export of digital ID certificates.



Import and export of server settings for an Adobe LiveCycle Rights Management Server, LDAP

directory servers, roaming credential servers, and timestamp servers.



Creation by a user (through the application) or by a server programmatically.



Sharing via networked directories or as email attachments.

Whether the file is located on a network or emailed, FDF file recipients simply double click on a FDF file to

import its data automatically via the FDF import wizard, thereby eliminating the need for error prone,

manual configuration.

FDF files provide individuals and businesses with many opportunities for streamlining workflows. For

example:



Alice wants to email her certificate to Bob and wants Bob to reply with his certificate. Alice chooses

Request Contact

in the Trusted Identity Manager. The workflow generates and emails an FDF file that

can contain her certificate, a request for Bob’s certificate, and Alice’s return email address.



Alice needs to encrypt documents for a number of people in her organization. An administrator sends

her an FDF file that contains a large group of contacts. When Alice opens the FDF file, she is walked

through the FDF Data Exchange UI wizard so that she can import these contacts into her Trusted

Identities list.



A server wants a copy of Bob’s certificate so that the server can encrypt documents for Bob. The server

generates an FDF file that contains a certificate request and a return URL address. When Bob

downloads the FDF file from the server, he is walked through the FDF Data Exchange UI wizard where

he can respond by allowing his certificate to be returned.



A company needs to distribute its trusted certificate to customers so that they can verify that the

company’s documents are authentic. A server or administrator creates an FDF file that contains the

trusted certificate and posts it on a Web server that hosts a Web page with a link to the file. When

customers download the file, they are asked whether they wish to add this certificate to the Trusted

Identity list and are given the ability to set the certificate’s trust level.

For more information, refer to the following:



FDF Files and Security



Importing Application Settings with FDF Files



“Responding to an Email Request for a Digital ID” on page 127



“Importing Someone’s Certificate” on page 129



“Importing Multiple Certificates” on page 130



“Importing Timestamp Server Settings” on page 132



“Importing Directory Server Settings” on page 134



“Importing Adobe LiveCycle Rights Management Server Settings” on page 135



“Importing Roaming ID Account Settings” on page 136



“Importing a Trust Anchor and Setting Trust” on page 138



Exporting Application Settings with FDF Files



“Distributing a Trust Anchor or Trust Root” on page 118



“Setting the Certificate Trust Level” on page 121