Adobe 22002486 Digital Signature User Guide

Adobe 22002486 Manual

Get Adobe 22002486 PDF manuals and user guides View all Adobe 22002486 manuals
Add to My Manuals
Save this manual to your list of manuals

Adobe 22002486 manual content summary:

  • Adobe 22002486 | Digital Signature User Guide - Page 1
    bc PDF Creation Date: November 17, 2008 Digital Signature User Guide for Acrobat 9.0 and Adobe Reader 9.0 Acrobat® and Adobe® Reader® Version 9.0
  • Adobe 22002486 | Digital Signature User Guide - Page 2
    Systems Incorporated. All rights reserved. Digital Signature User Guide for Adobe® Acrobat 9.0 and Adobe® Reader 9.0 on Windows® and Macintosh®. If this guide is distributed with software that includes an end user agreement, this guide, as well as the software described in it, is furnished under
  • Adobe 22002486 | Digital Signature User Guide - Page 3
    How Should You Use This Guide? ...9 1.4 Roadmap to Other Security Documentation 9 2 Getting and Using Your Digital ID 11 2.1 Digital ID Basics...11 2.1.1 What is a Digital ID? ...11 2.1.2 Digital ID Storage Mechanisms ...12 2.1.3 Registering a Digital ID for Use in Acrobat...13 2.1.4 Digital ID
  • Adobe 22002486 | Digital Signature User Guide - Page 4
    Acrobat 9 Family of Products Security Feature User Guide 4 3.4.1 Using Certificates for Certificate Security (Encryption 38 3.5 Using Directory Servers to Add Trusted Identities 38 3.5.1 Manually Configuring a Directory Server...39 3.5.2 Editing Directory Servers Details ...40 3.5.3 Deleting a
  • Adobe 22002486 | Digital Signature User Guide - Page 5
    Acrobat 9 Family of Products Security Feature User Guide 5 5.1.2 Supported Seed Values ...69 5.1.3 Enabling JavaScript to Set Seed Values...70 5.2 Validating Signatures Manually 106 7.3.1 Validating Signatures with Adobe Reader ...106 7.3.2 Validating a Single Signature in Acrobat ...106 7.3.3
  • Adobe 22002486 | Digital Signature User Guide - Page 6
    Acrobat 9 Family of Products Security Feature User Guide 6 File 120 7.5.2 Troubleshooting a Document Integrity Problem 120 7.5.2.1 Validation (View Signed Version 127 8.3 PDF Signature Reports ...127 8.4 Signature Report and Certified Documents...139 9.4 Adobe Trusted Identity Updates 140 9.5
  • Adobe 22002486 | Digital Signature User Guide - Page 7
    Acrobat 9 Family of Products Security Feature User Guide 7 9.7.2 Allowing and Blocking Specific Web Sites ...147 10 Migrating 169 10.2.3.5 Importing Directory Server Settings ...171 10.2.3.6 Importing Adobe LiveCycle Rights Management Server Settings 172 10.2.3.7 Importing Roaming ID Account
  • Adobe 22002486 | Digital Signature User Guide - Page 8
    and use the application user interface. Because system administrators may be responsible for deploying and supporting the Adobe Acrobat family of products (including Adobe Reader) in digital signature workflows, leverage this guide to help your clients use the product correctly and effectively. This
  • Adobe 22002486 | Digital Signature User Guide - Page 9
    Acrobat 9 Family of Products Security Feature User Guide Getting Started How Should You Use This Guide? 9 1.3 How Should You Use This Guide instructions reader PDF documents. They read specifications and API documents to figure out how to solve real-world enterprise problems without requiring manual
  • Adobe 22002486 | Digital Signature User Guide - Page 10
    & end users Acrobat and Adobe Reader Document Security User Guide Adobe Administrators & end users Acrobat and Adobe Reader For information about A guide to the documentation in the Adobe Acrobat SDK. A description of the APIs for Acrobat and Adobe Reader® plug-ins, as well as for PDF Library
  • Adobe 22002486 | Digital Signature User Guide - Page 11
    with one key can only be decrypted by the other corresponding key. When you sign PDF documents, you use the private key to apply your digital signature. You distribute the certificate on a signing server (for roaming IDs). Acrobat applications can access digital IDs from any of these locations. 11
  • Adobe 22002486 | Digital Signature User Guide - Page 12
    Acrobat 9 Family of Products Security Feature User Guide via digital ID service providers (sometimes called Cryptographic Service Providers or CSPs). A service provider is simply by Adobe applications and other Windows applications and the Acrobat store which is used only by the Acrobat family
  • Adobe 22002486 | Digital Signature User Guide - Page 13
    Guide Getting and Using Your Digital ID Registering a Digital ID for Use in Acrobat acrobat security PKCS#12: .pfx (Win), . p12 (Mac) .fdf PKCS#7: .p7b, .p7c .cer Description 5.x An XML format encapsulated in a PDF Adobe Profile Files (Legacy): Not used after Acrobat (Acrobat) or Document (Reader)
  • Adobe 22002486 | Digital Signature User Guide - Page 14
    Management and the Security Settings Console The Security Settings Console enables users to manage their own digital IDs. Choosing Advanced (Acrobat) or Document (Reader) > Security Settings opens a dialog for adding, removing, and setting the usage preferences for digital IDs stored on .pfx files
  • Adobe 22002486 | Digital Signature User Guide - Page 15
    User Guide Getting and Using Your Digital ID Generic ID Operations 15 1. Choose one of the following.  Acrobat (Windows): Edit > Preferences > Identity  Acrobat (Macintosh): Acrobat > Preferences > Identity  Adobe Reader (Windows): Edit > Preferences > Identity  Adobe Reader (Macintosh): Adobe
  • Adobe 22002486 | Digital Signature User Guide - Page 16
    Acrobat 9 Family of Products Security Feature User Guide Getting and Using Your Digital ID ID becomes the new "default." To select a default digital ID file: 1. Choose Advanced (Acrobat) or Document (Reader) > Security Settings. 2. Select Digital IDs in the left-hand tree (Figure 2.2.1). 3.
  • Adobe 22002486 | Digital Signature User Guide - Page 17
    Acrobat 9 Family of Products Security Feature User Guide Getting and Using Your Digital ID Customizing a you are asked to select an ID. To provide a friendly name: 1. Choose Advanced (Acrobat) or Document (Reader) > Security Settings. 2. Select Digital IDs in the left-hand tree (Figure 4). 3.
  • Adobe 22002486 | Digital Signature User Guide - Page 18
    Acrobat 9 Family of Products Security Feature User Guide Getting and Using Your Digital ID Viewing Digital ID whether a revocation check occurred and the result. Allows users to initiate a manual check and analyze problems.  Trust tab: Displays the certificate's trust level. If it does not
  • Adobe 22002486 | Digital Signature User Guide - Page 19
    Acrobat 9 Family of Products Security Feature User Guide 2.3 Managing PKCS#12 Digital ID Files PKCS#12 digital In enterprise settings, you may be instructed by your administrator to get a digital ID from a specific location or to customize Acrobat or Adobe Reader to work with software supplied by
  • Adobe 22002486 | Digital Signature User Guide - Page 20
    Acrobat 9 Family of Products Security Feature User Guide Getting and Using Your Digital ID and choose Finish. 2.3.3 Adding and Removing Digital ID Files from the File List Adobe Acrobat and Adobe Reader only allow deletion of user-created self-signed digital IDs created with those applications.
  • Adobe 22002486 | Digital Signature User Guide - Page 21
    Acrobat 9 Family of Products Security Feature User Guide Getting and Using Your Digital ID Changing a PKCS# Timeout options are disabled. To change the password timeout: 1. Choose Advanced (Acrobat) or Document (Reader) > Security Settings. 2. Highlight Digital ID Files in the left-hand tree
  • Adobe 22002486 | Digital Signature User Guide - Page 22
    Acrobat 9 Family of Products Security Feature User Guide Figure 11 Digital ID files: Timeout settings automatically and bypass normal user interface actions, do the following: 1. Choose Advanced (Acrobat) or Document (Reader) > Security Settings. 2. Select Digital ID Files in the left-hand tree (
  • Adobe 22002486 | Digital Signature User Guide - Page 23
    Acrobat 9 Family of Products Security Feature User Guide and always password protected. This common format is supported by most security software applications, including web browsers. is C:\Documents and Settings\ \Application Data\Adobe\\\Security\ .  Windows
  • Adobe 22002486 | Digital Signature User Guide - Page 24
    Guide Figure 13 Digital ID: Configuration Getting and Using Your Digital ID Creating a Self-Signed Digital ID 24 6. Configure the digital ID. The dialog is prepopulated if the Identity preferences have been previously configured: Tip: If you use non-Roman characters, choose Enable Unicode Support
  • Adobe 22002486 | Digital Signature User Guide - Page 25
    9 Family of Products Security Feature User Guide Figure 14 Digital ID: PKCS#12 location and password Getting and Using Your Digital ID Deleting a PKCS#12 Digital ID 25 2.3.8 Deleting a PKCS#12 Digital ID Adobe Acrobat and Adobe Reader only allow deletion of user-created, self-signed digital
  • Adobe 22002486 | Digital Signature User Guide - Page 26
    Guide Getting and Using Your Digital ID Managing Windows Digital IDs 26 2.4 Managing Windows Digital IDs For the Acrobat family of products, a "Windows digital ID" is an ID that resides in the Windows certificate store rather than the Acrobat store. Windows supports as Acrobat and Adobe Reader.
  • Adobe 22002486 | Digital Signature User Guide - Page 27
    provide detailed instructions. However, the steps below may be used as a general guide. IDs into a smart card reader or the token is inserted directly into an USB port. Adobe products can be configured external hardware: 1. Choose Advanced (Acrobat) or Document (Reader) > Security Settings. 2. Expand
  • Adobe 22002486 | Digital Signature User Guide - Page 28
    Acrobat 9 Family of Products Security Feature User Guide Getting and Using Your Digital ID Changing Passwords 28 2.5.2 Changing Passwords A card or token may contain or PINs may or may not be required. The login interface may be provided by the Adobe application or by the device supplier.
  • Adobe 22002486 | Digital Signature User Guide - Page 29
    9 Family of Products Security Feature User Guide Getting and Using Your Digital ID Logging in to a Device 29 To log in to a device: 1. Choose Advanced (Acrobat) or Document (Reader) > Security Settings. 2. Expand the tree under PKCS#11 Modules and Tokens. 3. Highlight any module. 4. A card or
  • Adobe 22002486 | Digital Signature User Guide - Page 30
    are set can help you set up streamlined workflows and troubleshoot problems. For example, you can add trusted identities ahead of is complex, and it may mean different things in different contexts. In Acrobat security workflows, trust can mean the following:  Trusting participants in your
  • Adobe 22002486 | Digital Signature User Guide - Page 31
    Acrobat 9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities What is a Trusted Extract the data from an FDF file. Double-clicking on an FDF file causes Acrobat to automatically import the information.  Search a server directory. Users can add directory
  • Adobe 22002486 | Digital Signature User Guide - Page 32
    Acrobat 9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities action. Users manage contacts, groups, and certificates by choosing Advanced (Acrobat) or Document (Reader) > Manage Trusted Identities and opening the Trusted Identities Manager. Figure
  • Adobe 22002486 | Digital Signature User Guide - Page 33
    Acrobat 9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities Requesting a From a File Acrobat and Adobe Reader are can export certificates to a file so that they can be shared as needed. To import certificates, follow the instructions described in "
  • Adobe 22002486 | Digital Signature User Guide - Page 34
    Acrobat 9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities is populated through three mechanisms:  The default server settings that ship with Adobe Acrobat and Adobe Reader.  The Windows Certificate Store if the user has turned on this option
  • Adobe 22002486 | Digital Signature User Guide - Page 35
    Acrobat 9 Family of Products Security Feature User Guide 6. Select a name from the search results. 7. Choose OK. 8. If the desired entries are found, choose Import. 9. Choose OK when the confirmation dialog appears. Figure 26
  • Adobe 22002486 | Digital Signature User Guide - Page 36
    Acrobat 9 Family of Products Security Feature User Guide Figure 27 Untrusted signature Managing Certificate the following:  If you already have the certificate: 1. Choose Advanced (Acrobat) or Document (Adobe Reader) > Manage Trusted Identities. 2. Choose Certificates in the Display drop down list
  • Adobe 22002486 | Digital Signature User Guide - Page 37
    Acrobat 9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities Certificate Trust Settings 37 1. Right click and choose Signature Properties. 2. Choose Show Certificate. 3. Select the Trust tab. 4. Choose Add
  • Adobe 22002486 | Digital Signature User Guide - Page 38
    certificate. For details, see "Certificate Security" in the Document Security User Guide. 3.5 Using Directory Servers to Add Trusted Identities Businesses often use a centrally expand your list of trusted identities. Both Adobe Acrobat and Adobe Reader for Windows ship with default servers:
  • Adobe 22002486 | Digital Signature User Guide - Page 39
    Acrobat 9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities Manually Configuring a Directory Server 39  Versions 7.x:  VeriSign Internet Directory Service  GeoTrust Directory Service  IDtree Directory Service  Version 8.x and 9x:  VeriSign
  • Adobe 22002486 | Digital Signature User Guide - Page 40
    Acrobat 9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities Editing Directory at any time. To edit directory server information: 1. Choose Advanced (Acrobat) or Document (Reader) > Security Settings. 2. Select Directory Servers in the left-hand list
  • Adobe 22002486 | Digital Signature User Guide - Page 41
    User Guide Managing Certificate Trust and Trusted Identities Deleting a Directory Server 41 3.5.3 Deleting a Directory Server Previously configured directory servers can be removed from the server list at any time. To delete a directory server: 1. Choose Advanced (Acrobat) or Document (Reader
  • Adobe 22002486 | Digital Signature User Guide - Page 42
    Acrobat 9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities in the Trusted Identity Manager. To change a contact's details: 1. Choose Advanced (Acrobat) or Document (Reader) > Manage Trusted Identities. 2. Choose a contact in the left-hand list.
  • Adobe 22002486 | Digital Signature User Guide - Page 43
    Acrobat 9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities Emailing contact information. To associate a certificate with a contact: 1. Choose Advanced (Acrobat) or Document (Reader) > Manage Trusted Identities. 2. Choose a contact in the left-hand
  • Adobe 22002486 | Digital Signature User Guide - Page 44
    Acrobat 9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities Changing simply replace the old certificate association with a new one. 1. Choose Advanced (Acrobat) or Document (Reader) > Manage Trusted Identities. 2. Choose a contact in the left-hand list
  • Adobe 22002486 | Digital Signature User Guide - Page 45
    9 Family of Products Security Feature User Guide Managing Certificate Trust and Trusted Identities Deleting Contacts and Certificates 45 1. Choose Advanced (Acrobat) or Document (Reader) > Manage Trusted Identities. 2. Choose Contacts from the Display drop-down list. 3. Choose a contact in the
  • Adobe 22002486 | Digital Signature User Guide - Page 46
    4 Authoring Signable Documents Acrobat's digital signature capabilities allow authors to set up a secure status icon in the message bar. If there are any issues or problems, read the text. You may also wish to view the document the PDF signature report, view modifications, and so on. 4.2 Setting up
  • Adobe 22002486 | Digital Signature User Guide - Page 47
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Setting Acrobat (Windows): Edit > Preferences > Security  Acrobat (Macintosh): Acrobat > Preferences > Security  Adobe Reader (Windows): Edit > Preferences > Security  Adobe Reader (Macintosh): Adobe Reader
  • Adobe 22002486 | Digital Signature User Guide - Page 48
    Security Feature User Guide Authoring Signable Documents Setting Signing Preferences 48 To use preview mode automatically: 1. Choose one of the following:  Acrobat (Windows): Edit > Preferences > Security  Acrobat (Macintosh): Acrobat > Preferences > Security  Adobe Reader (Windows): Edit
  • Adobe 22002486 | Digital Signature User Guide - Page 49
    instructed to do so by your administrator. 4.2.1.3 Embedding Signature Revocation Status 1. Choose one of the following:  Acrobat (Windows): Edit > Preferences > Security  Acrobat (Macintosh): Acrobat > Preferences > Security  Adobe Reader (Windows): Edit > Preferences > Security  Adobe Reader
  • Adobe 22002486 | Digital Signature User Guide - Page 50
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Setting Acrobat (Windows): Edit > Preferences > Security  Acrobat (Macintosh): Acrobat > Preferences > Security  Adobe Reader (Windows): Edit > Preferences > Security  Adobe Reader (Macintosh): Adobe Reader
  • Adobe 22002486 | Digital Signature User Guide - Page 51
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Setting Signing Preferences 51  Adobe Reader (Macintosh): Adobe Reader > Preferences > Security 2. Choose Advanced Preferences. 3. Choose the Creation tab (Figure 39). 4. Set Enable Reviewing of Document
  • Adobe 22002486 | Digital Signature User Guide - Page 52
    that appears "behind" a signature. By default, the watermark is the Adobe PDF logo. Line (vector) art that is simple and unobtrusive often works best. 1. Import a logo or create a new one in a program such as Adobe Illustrator. 2. Set a low transparency level and flatten the transparency: 1. Select
  • Adobe 22002486 | Digital Signature User Guide - Page 53
    White Margins. 7. Save the file as SignatureLogo.pdf in:  Windows: C:\Documents and Settings\\Application Data\Adobe\Acrobat\\ Security.  Macintosh: \Users\\Library\Application Support\Adobe\Acrobat\\Security 4.2.2.3 Creating a Custom Signature Appearance Users
  • Adobe 22002486 | Digital Signature User Guide - Page 54
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Customizing Signature Appearances 54  timestamp server is used.  Location: The location associated with the identity configured in Acrobat.  Reason: The reason for signing.  Distinguished name: A name with
  • Adobe 22002486 | Digital Signature User Guide - Page 55
    Security Feature User Guide Authoring Signable Documents Using Timestamps During Signing 55 1. Choose Edit > Preferences (Windows) or Acrobat > Preferences ( their services, Acrobat does not automatically set a default timestamp server if multiple servers are listed. Users must manually specify
  • Adobe 22002486 | Digital Signature User Guide - Page 56
    Feature User Guide Authoring Signable Documents Working with Signature Fields 56 Configuring Acrobat to use . To manually set up a timestamp server: 1. Choose Advanced (Acrobat) or Document (Reader) > Acrobat and Adobe Reader ignore whether they are authored with Forms Designer or Acrobat
  • Adobe 22002486 | Digital Signature User Guide - Page 57
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Creating a Blank Signature Field 57 For are stored in a signature field embedded on the page. A signature field is an Acrobat form field. Signature fields are automatically created at the time of signing, but it
  • Adobe 22002486 | Digital Signature User Guide - Page 58
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Specifying General Field Properties 58 tooltip. However, the field can be given a unique name, provided with tooltip instructions for an eventual signer, and configured to display only in the Signatures tab and
  • Adobe 22002486 | Digital Signature User Guide - Page 59
    Acrobat 9 Family of Products Security Feature User Guide Figure 48 Signature field: General properties Authoring Signable Documents Customizing Field Appearances 59 4.3.3 Customizing Field Appearances Field border properties, fill color, fonts, and so on
  • Adobe 22002486 | Digital Signature User Guide - Page 60
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Changing the Default Field Appearance 60 4.3.4 Changing the Default Field Appearance The default appearance of a blank signature field is a light blue box
  • Adobe 22002486 | Digital Signature User Guide - Page 61
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Creating Multiple Copies of a  The overall field size.  The overall position. 5. Choose OK. Tip: Acrobat automatically names the fields by numbering them. Providing unique and intuitive names helps signers
  • Adobe 22002486 | Digital Signature User Guide - Page 62
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Authoring Signable Forms 62 4.4 Authoring Signable Forms Many documents that require signatures are forms. Some forms may have multiple signatures fields, with
  • Adobe 22002486 | Digital Signature User Guide - Page 63
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Making a Field a Required Part of document. When the signature is validated, the viewing application validates the bytes of the PDF file AND compares the object hash in the signature to the object hash from the
  • Adobe 22002486 | Digital Signature User Guide - Page 64
    Acrobat 9 Family of Products Security Feature User Guide Authoring Signable Documents Specifying a Post-Signing Action 64 a signature field is inadvisable. Field actions change the underlying bytes of a PDF and could adversely affect document security as well as content integrity. Caution: Using
  • Adobe 22002486 | Digital Signature User Guide - Page 65
    Acrobat 9 Family of Products Security Feature User Guide Figure 54 Signature field: Action properties Authoring Signable from the field.  Select Action: See Table 6. 4. Choose Add. 5. Follow the action instructions that appear in the action dialog. 6. Optional: Move actions Up, Down, Edit, or
  • Adobe 22002486 | Digital Signature User Guide - Page 66
    Feature User Guide Authoring Signable Documents Unlocking a Field Locked by a Signature 66 Table 6 Actions that can be associated with a signature field Action Description Open a File Launches and opens a file. If you are distributing a PDF file with a link to a non-PDF file, the reader needs
  • Adobe 22002486 | Digital Signature User Guide - Page 67
    Acrobat's seed value feature helps authors control document behavior once it has been routed to the signer. Seed values can be used to embed certificate requirements and other instructions . To set seed values for LiveCycle Forms, the Adobe LiveCycle Designer user interface can be used to set seed
  • Adobe 22002486 | Digital Signature User Guide - Page 68
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Changes Across Releases are objects that have multiple properties. 5.1.1 Changes Across Releases Each Acrobat release results in support for additional seed values as shown in Table 7. Table 7 Seed
  • Adobe 22002486 | Digital Signature User Guide - Page 69
    Supported Seed Values 69 5.1.2 Supported Seed Values Note: The examples in this document demonstrate the simplest case. For more information, refer to the Acrobat JavaScript Scripting Guide and JavaScript for Acrobat more details, refer to the PDF Reference. (Acrobat 7.0) A list of legal
  • Adobe 22002486 | Digital Signature User Guide - Page 70
    (Acrobat 8) This must be set to 2 if this seed value object contains any Acrobat 8-specific content that is marked as required. lockDocument name (Optional; PDF 1.7- Optional; PDF 1.7-ADBE-3) A text string naming the appearance to be used when signing the signature field. Conforming readers may
  • Adobe 22002486 | Digital Signature User Guide - Page 71
    9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Forcing a Certification Signature 71 3. Check Enable JavaScript. 4. Check Enable JavaScript debugger after Acrobat is restarted. 5. Restart Acrobat. To set seed values with the console (JavaScript debugger
  • Adobe 22002486 | Digital Signature User Guide - Page 72
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Forcing a Certification a signed document) during signing. The Review button in the signing dialog runs the PDF/SigQ Conformance Checker which reports on rich content. Signers can then enter a Warnings
  • Adobe 22002486 | Digital Signature User Guide - Page 73
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Giving Signers the Option set at the document level and cannot become more restrictive as signatures are applied. Acrobat 9 provides a seed value that adds a Lock Document checkbox to the signing dialog
  • Adobe 22002486 | Digital Signature User Guide - Page 74
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Forcing Signers to Use a Specific Signature Appearance 74  false: A false value indicates that the document should not be locked after
  • Adobe 22002486 | Digital Signature User Guide - Page 75
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Adding Custom Signing appearanceFilter:"Example Appearance Name", flags:0x100}); 5.5 Adding Custom Signing Reasons Acrobat predefines several common signing reasons such as "I am approving this document."
  • Adobe 22002486 | Digital Signature User Guide - Page 76
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Specifying Timestamps for Signing 76 can be controlled at the document level instead of relying on the signer's Acrobat configuration. Adding a seed value to the signature field with the timestamp server
  • Adobe 22002486 | Digital Signature User Guide - Page 77
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Specifying Alternate Signature to all their desktops and may choose to use the Entrust signature plug-in with Acrobat. Two seed values allow authors to specify which signature handler and format to use.
  • Adobe 22002486 | Digital Signature User Guide - Page 78
    Acrobat 9 Family of Products Security Feature User Guide of functions including signature validation. While Acrobat ships with a default handler (Adobe.PPKLite), custom or third-party signature dictionary. For more information, refer to the PDF Reference. To specify a signature handlers and format
  • Adobe 22002486 | Digital Signature User Guide - Page 79
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Specifying a Signature Hash Algorithm 79 5.8 Specifying a Signature Hash Algorithm When a signer's digital ID contains RSA public and private keys, it
  • Adobe 22002486 | Digital Signature User Guide - Page 80
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Specifying Certificate Properties for Signing 80 4. Run the JavaScript, save the document, and test the field. Example 5.8 Hash algorithm seed
  • Adobe 22002486 | Digital Signature User Guide - Page 81
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Specifying Certificate identified by a path to a discrete file in the format of ["/c/test/root.cer"]. (Acrobat 8.0) Integers in HEX or decimal that specify the keyUsage extension that must be present in the
  • Adobe 22002486 | Digital Signature User Guide - Page 82
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Specifying Signing a HTML site. There are two supported types: HTML: An HTML website. Acrobat uses the Web browser to display its contents. ASSP: A URL to a web service using the ASSP protocol for roaming
  • Adobe 22002486 | Digital Signature User Guide - Page 83
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Specifying Certificates by Key Usage ], flags: 3 } } ) 5.10.2 Specifying Certificates by Key Usage Acrobat's default signature handler allows signing with certificates where the Key usage field is
  • Adobe 22002486 | Digital Signature User Guide - Page 84
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Specifying Certificates by Policy 84 1. Specify 00, 01, 10, or 11 for each of the keyUsage values beginning with the
  • Adobe 22002486 | Digital Signature User Guide - Page 85
    Acrobat 9 Family of Products Security Feature User Guide Figure 62 Policy OID Controlling Signing with Seed Values Specifying a URL Specify the URL. The URL can point to a certificate server or to instructions for getting a certificate. 5. Run the JavaScript, save the document, and test the field.
  • Adobe 22002486 | Digital Signature User Guide - Page 86
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Restricting Signing to a Roaming ID 86 is beyond the scope of this document. However, keep in mind that Acrobat's security APIs allow users many opportunities for customization. Document developers
  • Adobe 22002486 | Digital Signature User Guide - Page 87
    and the field's seed values are set. Note: For more information, refer to the online Acrobat JavaScript Scripting Guide, JavaScript for Acrobat API Reference, PDF Reference, and the Acrobat SDK. Example 5.14 Automating signing tasks //File: seedValue.js //Purpose: Demo how to set certificate
  • Adobe 22002486 | Digital Signature User Guide - Page 88
    Acrobat 9 Family of Products Security Feature User Guide Controlling Signing with Seed Values Custom Workflows and Beyond 88 value //3.1 set up issuer's certificate object var myissuerDN = {CN:"Enterprise Services CA", OU:"VeriSign Trust Network", O:"Example Systems Incorporated"}; var mykeyUsage
  • Adobe 22002486 | Digital Signature User Guide - Page 89
    6 Signing Documents Like a conventional, handwritten signature, digital signatures identify the signer. However, digital signatures also enhance security because they store information about the signer as well as the signed document. For example, signatures can be used to verify signed content has
  • Adobe 22002486 | Digital Signature User Guide - Page 90
    Acrobat 9 Family of Products Security Feature User Guide Signing Documents Signing User Interface 90  Approval Signature: An approval signature is any signature that was applied without choosing Certify Document. Any signature other the
  • Adobe 22002486 | Digital Signature User Guide - Page 91
    Acrobat 9 Family of Products Security Feature User Guide Signing Documents Signing With a Certification Signature attestation dictionary, described in Section 8.7.4 of the PDF Reference manual. Note that aside from when a signer is certifying, Acrobat does not actively inform the user about the
  • Adobe 22002486 | Digital Signature User Guide - Page 92
    Acrobat 9 Family of Products Security Feature User Guide Document dialog displays a Review button which invokes the PDF Signature Report dialog. The dialog display a Warnings Comment person in the workflow. 4. The document recipient manually validates the certification signature if the application is
  • Adobe 22002486 | Digital Signature User Guide - Page 93
    Acrobat 9 Family of Products Security Feature User Guide Signing Documents Setting up a Document for Certification 93 Note: The certifier's warning comment is not viewable via preview mode. 6. The recipient decides whether or not
  • Adobe 22002486 | Digital Signature User Guide - Page 94
    9 Family of Products Signing Documents Security Feature User Guide You can customize the way a certified document behaves for signers by giving form fields additional features 2. Choose View Report to invoke the PDF Signature Report dialog. Acrobat checks to see if the document contains dynamic
  • Adobe 22002486 | Digital Signature User Guide - Page 95
    Acrobat 9 Family of Products Security Feature User Guide Figure 64 Certifying a document: Document integrity warnings Signing Documents Certifying a Dynamic Form 95 8. If there are any document warnings in the PDF custom comment. A comment should tell the reader why the content is there and that
  • Adobe 22002486 | Digital Signature User Guide - Page 96
    be configured to support certification. To configure a dynamic form for certifying: Choose File > Form Properties and display the Defaults tab. In the Scripting panel, set Preserve Scripting Changes to Form When Saved to Manual. When the form is subsequently opened in Acrobat or Adobe Reader (with
  • Adobe 22002486 | Digital Signature User Guide - Page 97
    of Products Security Feature User Guide Signing Documents Signing Documents in Acrobat 97 To sign a document with an the top of the document. 2. Choose View Report to invoke the PDF Signature Report dialog. Acrobat checks to see if the document contains dynamic content that could adversely impact
  • Adobe 22002486 | Digital Signature User Guide - Page 98
    Acrobat 9 Family of Products Security Feature User Guide Figure 68 Signing a document: Signature details Signing Documents Signing in a Browser 98 5. , and then follow the steps described in Signing Documents in Acrobat. 2. To retain a copy of the signed document, choose the File > Save A Copy.
  • Adobe 22002486 | Digital Signature User Guide - Page 99
    Acrobat 9 Family of Products Security Feature User Guide Signing Documents Clearing One or More Signatures 99 6.3.3 Clearing One or More Signatures Clearing a signature field deletes the signature but leaves the empty field. Not
  • Adobe 22002486 | Digital Signature User Guide - Page 100
    manually as well as what signature components are analyzed during the validation process can facilitate trouble-free workflows and mitigate signature status problems  "Validating Signatures Manually" on page 106  "Troubleshooting a Signature or validation process, Acrobat and Adobe Reader verify the
  • Adobe 22002486 | Digital Signature User Guide - Page 101
    Acrobat 9 Family of Products Security Feature User Guide on computer or security device) ... PDF Document %PDF (PDF content) signature dictionary /ByteRange { . if a document has changed after signing (has integrity), Acrobat or Adobe Reader must have a way to uniquely identify what was signed
  • Adobe 22002486 | Digital Signature User Guide - Page 102
    Acrobat 9 Family of Products Security Feature User Guide Validating Adobe Acrobat or Adobe Reader, the current version always displays. Note: To learn more about how each signature results in a new version of the document, refer to http: //www.adobe.com/devnet/acrobat/pdfs/DigitalSignaturesInPDF.pdf
  • Adobe 22002486 | Digital Signature User Guide - Page 103
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Setting Digital Signature Validation Preferences instructed to do so by a system administrator. Signatures are created and validated by plugins. These options specify which plugin is used. Both Acrobat and Adobe Reader
  • Adobe 22002486 | Digital Signature User Guide - Page 104
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Using Root Certificates in the Windows Certificate Store 104 5. Check or uncheck Require that certificate revocation checking be done whenever possible during signature
  • Adobe 22002486 | Digital Signature User Guide - Page 105
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Validating Signatures with Timestamps and Certificate Policies 105 Figure 71 Trusting Windows root certificates 2. Specify the trust level for all root certificates in
  • Adobe 22002486 | Digital Signature User Guide - Page 106
    ?" on page 100  "Status Icons and Their Meaning" on page 113 7.3.1 Validating Signatures with Adobe Reader The process for validating one or more signatures in Adobe Reader is similar to Acrobat. However, the top level menu item is labelled Document instead of Advanced. Therefore, the validation
  • Adobe 22002486 | Digital Signature User Guide - Page 107
    9 Family of Products Security Feature User Guide Validating Signatures Validating All Signatures in Acrobat 107  Highlight a signature in the Signatures tab, and choose Advanced > Sign & Certify > Validate Signature or open the Signature Properties dialog and choose Validate Signature. Figure
  • Adobe 22002486 | Digital Signature User Guide - Page 108
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Validating an Problematic Signature (trusting a signer on-the-fly) 108 7.3.4 Validating an Problematic Signature (trusting a signer on-the-fly) If a signer's digital ID
  • Adobe 22002486 | Digital Signature User Guide - Page 109
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Validating an Problematic Signature (trusting a signer on-the-fly) 109 willing to trust. Revocation checking starts at the bottom of a chain (begins with
  • Adobe 22002486 | Digital Signature User Guide - Page 110
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Validating Signatures for other Document version of itself as it existed at the time of signing. In other words, Acrobat and Adobe Reader "remembers" that version A is signed, that changes were made to version B, and
  • Adobe 22002486 | Digital Signature User Guide - Page 111
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Validating Signature Timestamps 111 What is a and that its certificate is valid. In order to validate a timestamp, you need to manually verify:  The timestamp was applied: If a timestamp fails for some reason (the
  • Adobe 22002486 | Digital Signature User Guide - Page 112
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Validating Signature Timestamps 112 Note: The following steps add a timestamp certificate to your list of trusted identities. 3. Choose Show Certificate. 4. When the Certificate
  • Adobe 22002486 | Digital Signature User Guide - Page 113
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Status Icons and Their Meaning 113 7.4 Status Icons and Their Meaning By default, signatures are validated automatically when a document opens. You can change
  • Adobe 22002486 | Digital Signature User Guide - Page 114
    Acrobat 9 Family of Products Security Feature User Guide 7.4.2.1 Signature status cheat sheet Validating Signatures Document Status Definitions 114
  • Adobe 22002486 | Digital Signature User Guide - Page 115
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Troubleshooting a Signature or Document Status 115 7.5 Troubleshooting could be the result of actions by Adobe, your administrator, or you. To troubleshoot authenticity problems, open the signature panel and expand the
  • Adobe 22002486 | Digital Signature User Guide - Page 116
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Troubleshooting an Identity Problem 116 Show Signature to check revocation manually.  If online revocation checking is required, it may have failed as a result of no online access or an application problem. 3. If
  • Adobe 22002486 | Digital Signature User Guide - Page 117
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Troubleshooting an Identity Problem (Table 12). 1. Choose Advanced (Acrobat) or Document (Reader) > Manage Trusted Identities. 2. . Allows users to initiate a manual check and analyze problems.  Trust tab: Displays the
  • Adobe 22002486 | Digital Signature User Guide - Page 118
    Acrobat 9 Family of Products Security Feature User Guide Figure 83 Certificate Viewer Validating Signatures Troubleshooting an Identity Problem 118 7.5.1.3 Verifying the Identity of Self-Signed Certificates Certificates are usually issued by a trusted, third-party certificate authority such as
  • Adobe 22002486 | Digital Signature User Guide - Page 119
    Acrobat 9 Family of Products Security Feature User Guide Figure 84 Certificates: Verifying originator Validating Signatures Troubleshooting an Identity Problem or the owner of the ID might have left the company. Adobe applications check revocation status as part of its public key authentication. To
  • Adobe 22002486 | Digital Signature User Guide - Page 120
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Troubleshooting a Document Integrity Problem 120 Figure 85 Trusted Identities: Viewing revocation status 7.5.1.5 Exporting a Certificate Other than Yours to a File Users in enterprise settings can send problem
  • Adobe 22002486 | Digital Signature User Guide - Page 121
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures Troubleshooting a Document Integrity Problem 121  Right click on a signature and choose View Signed Version or choose Click to view this version in the Signature pane to view the version
  • Adobe 22002486 | Digital Signature User Guide - Page 122
    Guide Validating Signatures Troubleshooting a Document Integrity Problem 122 7.5.2.2 Viewing and Comparing Changes and Versions Document authors and recipients often need to know if a document has changed since it was signed. Acrobat signing is stored in the PDF as an incrementally numbered version
  • Adobe 22002486 | Digital Signature User Guide - Page 123
    Security Feature User Guide Validating Signatures Troubleshooting a Document Integrity Problem 123 Figure 86 Digital Signature Properties: Modifications panel 7.5.2.4 Comparing a Signed Version to the Current Version Note: The Compare feature is not available in Adobe Reader. As you revise
  • Adobe 22002486 | Digital Signature User Guide - Page 124
    Acrobat 9 Family of Products Security Feature User Guide Figure 87 Compare: By page summary report Validating Signatures Document Behavior After In many cases, it's better to accept the application defaults unless instructed to change them by someone knowledgeable about Acrobat's security features.
  • Adobe 22002486 | Digital Signature User Guide - Page 125
    Acrobat 9 Family of Products Security Feature User Guide Validating Signatures JavaScript and Dynamic Content Won't certificate for such actions. Because scripts and dynamic content represent a security risk, Acrobat prevents some of those operations by default. For details, see "Certificate Trust
  • Adobe 22002486 | Digital Signature User Guide - Page 126
    Acrobat has defined PDF features that should be avoided when producing a document that has a deterministic and repeatable visual rendering. Acrobat . In general, documents that contain no dynamic content (and only recognizable PDF content) are safer to sign that documents with content that can impair
  • Adobe 22002486 | Digital Signature User Guide - Page 127
    Acrobat 9 Family of Products Security Feature User Guide 8.2 Preview Mode and Validation (View Signed Version) Acrobat and Adobe Reader store in signed documents a unique document version for Signature Properties: Document Versioning panel 8.3 PDF Signature Reports Signature workflows often require
  • Adobe 22002486 | Digital Signature User Guide - Page 128
    Acrobat 9 Family of Products Security Feature User Guide Document Integrity and Preview Mode PDF Signature Reports 128 Content preview mode cannot suppress Documents that contain content or behaviors which are dynamic or invisible and which cannot be suppressed in
  • Adobe 22002486 | Digital Signature User Guide - Page 129
    Acrobat 9 Family of Products Security Feature User Guide Figure 93 PDF Signature Report: Suppressed content Document linked files, and so on.  Uncategorized content: Unrecognized or malformed PDF content. Table 13 dynamic feature warnings String Code Description Document contains hidden
  • Adobe 22002486 | Digital Signature User Guide - Page 130
    or hidden on the fly. Table 14 PDF Content with variable rendering String Code Description in standard Acrobat installations. For example, the document may be protected by the Adobe Policy Server Mac plist settings. See the Security Administration Guide for more details. Disallowed font type:
  • Adobe 22002486 | Digital Signature User Guide - Page 131
    drawing operator: The document contains PDF content or custom content not supported by the current version of Acrobat. The document may have been created by a later version of Acrobat. PDF content contains errors 4002 Malformed drawing instructions: Syntax error. Page content violates
  • Adobe 22002486 | Digital Signature User Guide - Page 132
    administrators should either preconfigure client installations or distribute instructions for setting up the application correctly. For a PDF from your company has an embedded script, it downloads; otherwise, it is blocked. Acrobat and Reader provide two ways to block potentially unsafe PDFs: 
  • Adobe 22002486 | Digital Signature User Guide - Page 133
    Acrobat 9 Family of Products Security Feature User Guide domain data access: Different origin data downloads (from where the current PDF resides) to the PDF.  Data injection: Injection of root URL only. For example, enter www.adobe.com but not www. adobe.com/products. To only allow higher privileges
  • Adobe 22002486 | Digital Signature User Guide - Page 134
    Acrobat 9 Family of Products Security Feature User Guide usually involves some mechanism such as data injection into a PDF form field, installing files, executing a script, and so environment for enhanced security or need to troubleshoot FDF workflows that may not be working as expected, see "Enhanced
  • Adobe 22002486 | Digital Signature User Guide - Page 135
    User Guide External Content and Document Security Changes in FDF Behavior 135 Table 17 Rules for opening a PDF via FDF Action FDF PDF location location Data injection n/a n/a 8.x behavior Allowed Data injection server browser Allowed Data injection server Acrobat/ Reader Allowed
  • Adobe 22002486 | Digital Signature User Guide - Page 136
    refer to the Security Administration Guide for Acrobat 9.0 and Adobe Reader 9.0. 9.2 Controlling Multimedia The Acrobat family of products have a notion Membership on the trusted document list is permanent until the list is manually cleared. Therefore, once a document is on that list, changing the
  • Adobe 22002486 | Digital Signature User Guide - Page 137
    Acrobat 9 Family of Products Security Feature User Guide Figure 97 Multimedia behavior workflow External Content and Open the Multimedia Trust Manager:  Acrobat and Adobe Reader (Windows): Edit > Preferences > Multimedia Trust  Acrobat and Adobe Reader (Macintosh): (Application) > Preferences >
  • Adobe 22002486 | Digital Signature User Guide - Page 138
    Acrobat 9 Family of Products Security Feature User Guide External Content and Document Security Controlling Multimedia in mode. Note: Membership on the trusted document list is permanent until the list is manually cleared. Choose Clear to remove all documents from that list. 4. Choose OK.
  • Adobe 22002486 | Digital Signature User Guide - Page 139
    Acrobat 9 Family of Products Security Feature User Guide External Content and Document Security Setting JavaScript Options 139 method indicates the events during which the method can be executed. Beginning with Acrobat 6.0, security-restricted methods can execute in a non-privileged context if the
  • Adobe 22002486 | Digital Signature User Guide - Page 140
    Guide External Content and Document Security Adobe Trusted Identity Updates 140 For unsigned documents, you can control JavaScript from the Preferences panel. To block or allow execution of all JavaScript from the menu bar: 1. Choose one of the following:  Acrobat and Adobe Reader or manually
  • Adobe 22002486 | Digital Signature User Guide - Page 141
    Acrobat 9 Family of Products Security Feature User Guide Figure 100 Automatic updates External Content Black Lists and White Lists Black Lists and White Lists  The Acrobat family of products always allow you to open and save PDF and FDF file attachments. However, (Table 4)File types on the white
  • Adobe 22002486 | Digital Signature User Guide - Page 142
    Acrobat 9 Family of Products Security Feature User Guide External Content and Document Security Default Behavior: Black and .ins IIS Internet Communications Settings (Microsoft) .isp IIS Internet Service Provider Settings (Microsoft) .its Internet Document Set, International Translation
  • Adobe 22002486 | Digital Signature User Guide - Page 143
    Acrobat 9 Family of Products Security Feature User Guide External Content and Document Security Default Behavior: Black and White Lists 143 Table 4 Default prohibited file types Extension Description .mau Media Attachment Unit .mav Access
  • Adobe 22002486 | Digital Signature User Guide - Page 144
    can be extended one at a time as each attached file is opened. Administrators can modify the registry directly (refer to the Acrobat Security Administration Guide).When the Launch Attachment dialog appears, choose one of the following (Figure 101):  Open this file: Opens the files without changing
  • Adobe 22002486 | Digital Signature User Guide - Page 145
    Trust Manager in the Categories panel. 3. Configure Allow opening of non-PDF file attachments with external applications (Figure 102):  Checked: Default. The application uses its stored black list to determine whether Acrobat should let the attachment invoke the launch an application action so the
  • Adobe 22002486 | Digital Signature User Guide - Page 146
    Acrobat 9 Family of Products Security Feature User Guide 5. Choose OK. Figure 103 Resource access External Content and Document Security Internet URL Access 146 9.7 Internet URL Access Your application can inform you when a PDF file is attempting to connect to an Internet site. Opening a Web page
  • Adobe 22002486 | Digital Signature User Guide - Page 147
    9 Family of Products Security Feature User Guide Figure 105 Manage Internet Access dialog External Content and Document Security Allowing and Blocking Specific Web Sites 147 9.7.2 Allowing and Blocking Specific Web Sites The Acrobat family of products maintain a white and black list of URLs
  • Adobe 22002486 | Digital Signature User Guide - Page 148
    access on a per-URL basis, add specific Web sites to the black and white lists: 1. Choose Edit > Preferences (Windows) or Acrobat (or Adobe Reader) > Preferences (Macintosh). 2. Select Trust Manager in the Categories panel. 3. Choose Change Settings in the Internet Access... panel. 4. Choose Let me
  • Adobe 22002486 | Digital Signature User Guide - Page 149
    was formerly an FDF user guide. Security settings can be complex supports the import and export of all settings including digital ID data, trust, server details, signing preferences, and so on. Settings can only be exported from Acrobat but settings can be imported by both Acrobat and Adobe Reader
  • Adobe 22002486 | Digital Signature User Guide - Page 150
    Acrobat 9 Family of Products Security Feature User Guide Figure 108 . Figure 109 Security settings: Encryption method 7. Follow the dialog instructions which will vary with your choice of the document security method be imported by both Acrobat and Adobe Reader. To import security settings:
  • Adobe 22002486 | Digital Signature User Guide - Page 151
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Importing Security Settings from a File 151 1. Choose Advanced > Security > Import Security Settings. 2. Browse to an .acrobatsecuritysettings file. 3. Choose Open. 4. acrobatsecuritysettings
  • Adobe 22002486 | Digital Signature User Guide - Page 152
    Guide Figure 112 Security setting import: Success dialog Migrating and Sharing Security Settings Importing Security Settings from a Server 152 10.1.3 Importing Security Settings from a Server If your organization distributes security settings periodically, you can set up Acrobat the instructions as
  • Adobe 22002486 | Digital Signature User Guide - Page 153
    Acrobat and Adobe Reader support the use of FDF files to exchange data between the Acrobat family of client and server products. FDF files use a .fdf extension, and like .pdf, it is registered by Adobe prone, manual configuration. return URL address. When Bob downloads the FDF file from the server
  • Adobe 22002486 | Digital Signature User Guide - Page 154
    Acrobat 9 Family of Products Security Feature User Guide involves some mechanism such as data injection into a PDF form field, installing files, executing a script, and configure your environment for enhanced security or need to troubleshoot FDF workflows that may not be working as expected,
  • Adobe 22002486 | Digital Signature User Guide - Page 155
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Exporting Application Settings with FDF Files 155 Table 5 Rules for opening a PDF via FDF Action FDF PDF PDF makes EFS POST/GET and FDF sends data in https response to same PDF from Acrobat involves
  • Adobe 22002486 | Digital Signature User Guide - Page 156
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Exporting Application 's chain and includes them in the FDF file. 1. Choose Advanced (Acrobat) or Document (Adobe Reader) > Manage Trusted Identities. 2. Choose Certificates in the Display drop-down
  • Adobe 22002486 | Digital Signature User Guide - Page 157
    someone: Emailing the data automatically creates an FDF file that other Adobe product users can easily import.  Save the exported data to a file: Acrobat FDF Data Exchange. FDF is a format recognized by the Acrobat family of products. 8. Choose Next. 9. (Optional) If the Identity Information dialog
  • Adobe 22002486 | Digital Signature User Guide - Page 158
    . Most users will likely need to manually set the imported certificate's trust level. When distributing a trusted root in a signed file that the FDF recipient can validate, set the certificate trust level: 1. Choose Advanced (Acrobat) or Document (Adobe Reader) > Manage Trusted Identities. 2. Choose
  • Adobe 22002486 | Digital Signature User Guide - Page 159
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings your web-based email program. To email a digital ID certificate: 1. Choose Advanced (Acrobat) or Document (Adobe Reader) > Security Settings. 2. Select Digital IDs in the left-hand tree. 3. Highlight
  • Adobe 22002486 | Digital Signature User Guide - Page 160
    email problems only queue messages to be sent. You may need to start your email client program to cause the message to actually send. 10.2.2.5 Saving Your Digital ID Certificate to a File To save a digital ID certificate to a file: 1. Choose Advanced (Acrobat) or Document (Adobe Reader) > Security
  • Adobe 22002486 | Digital Signature User Guide - Page 161
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Exporting Application certificate. To request a certificate from someone: 1. Choose Advanced (Acrobat) or Document (Adobe Reader) > Manage Trusted Identities. 2. Choose Request Contact. Figure 119
  • Adobe 22002486 | Digital Signature User Guide - Page 162
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Exporting FDF file. To send directory server details in an email: 1. Choose Advanced (Acrobat) or Document (Adobe Reader) > Security Settings. 2. Select a server category from the left-hand list.
  • Adobe 22002486 | Digital Signature User Guide - Page 163
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Exporting . Review the export details. 12. Choose Finish. 10.2.2.8 Exporting Server Details Adobe LiveCycle Rights Management Server, directory server, roaming ID, and timestamp server details
  • Adobe 22002486 | Digital Signature User Guide - Page 164
    9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Importing Application Settings with FDF Files 164 1. Choose Advanced (Acrobat) or Document (Adobe Reader) > Security Settings. 2. Select a server category from the left-hand list. Note: For roaming ID server
  • Adobe 22002486 | Digital Signature User Guide - Page 165
    Acrobat 9 Family of Products Security Feature User Guide To respond to an email digital ID request: 1. Double click the attached FDF file. 2. Choose Email your Certificate. Figure 125 Emailing your certificate Migrating and
  • Adobe 22002486 | Digital Signature User Guide - Page 166
    Acrobat 9 Family of Products Security Feature User Guide Figure 127 Emailing your certificate Migrating and Sharing : 1. Click on the FDF file or from Acrobat or Adobe Reader choose File > Open. The digital ID certificate may be sent directly from Acrobat as an email attachment or may reside in a
  • Adobe 22002486 | Digital Signature User Guide - Page 167
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Importing Application Settings with FDF Files 167 list all at once: 1. Click on the FDF file or from Acrobat or Adobe Reader choose File > Open. The digital ID certificate may be sent directly from
  • Adobe 22002486 | Digital Signature User Guide - Page 168
    Acrobat 9 Family of Products Security Feature User Guide Figure 129 Importing multiple certificates Migrating and Sharing Security Settings Importing Application Settings with FDF Files 168 2. If the FDF file is signed, the signature
  • Adobe 22002486 | Digital Signature User Guide - Page 169
    Guide Figure 130 Making a contact a trusted identity Migrating and Sharing Security Settings Importing Application Settings with FDF Files 169 10.2.3.4 Importing Timestamp Server Settings In enterprise settings, servers do not usually have to be manually (Acrobat) or Document (Adobe Reader)
  • Adobe 22002486 | Digital Signature User Guide - Page 170
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Importing before timestamps can be used. To set a default timestamp server, Choose Advanced (Acrobat) or Document (Adobe Reader) > Security Settings > Time Stamp Servers, select a server, and choose Set
  • Adobe 22002486 | Digital Signature User Guide - Page 171
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Importing FDF can also be imported through the Security Settings Console by choosing Advanced (Acrobat) or Document (Adobe Reader) > Security Settings, selecting Directory Servers in the left-hand list,
  • Adobe 22002486 | Digital Signature User Guide - Page 172
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Importing Application Settings with FDF Files 172 10.2.3.6 Importing Adobe by choosing Advanced (Acrobat) or Document (Adobe Reader) > Security Settings, selecting Adobe LiveCycle Rights Management
  • Adobe 22002486 | Digital Signature User Guide - Page 173
    file system and double click on it. The FDF can also be imported through the Security Settings Console by choosing Advanced (Acrobat) or Document (Adobe Reader) > Security Settings, selecting Roaming ID Accounts in the left-hand list, and choosing Import. 2. Review the sender's details. Note the
  • Adobe 22002486 | Digital Signature User Guide - Page 174
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Importing Application a roaming ID server 7. Choose Next. 8. After the confirmation that you have downloaded the roaming ID(s) appears, choose Finish. The server settings and associated certificates are
  • Adobe 22002486 | Digital Signature User Guide - Page 175
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Importing Application Settings with FDF Files 175 Figure 139 Downloaded or a file on a network or your local system.  In Acrobat or Adobe Reader choose File > Open, browse to the FDF file, and choose
  • Adobe 22002486 | Digital Signature User Guide - Page 176
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Importing Application Settings with FDF Files 176 Tip: If Add to Trusted Identities is disabled, the identity is already on
  • Adobe 22002486 | Digital Signature User Guide - Page 177
    Acrobat 9 Family of Products Security Feature User Guide Migrating and Sharing Security Settings Importing Application Settings with .: Some operations represent a security risk more serious than others. Acrobat considers the following operations potential threats to a secure application operating
  • Adobe 22002486 | Digital Signature User Guide - Page 178
    assurance of the author's identity while also showing that the PDF document has not been modified. CDS is the only security solution that provides automatic validation of these attributes in Adobe Reader or Acrobat without also requiring additional software or configuration changes by the recipients
  • Adobe 22002486 | Digital Signature User Guide - Page 179
    Acrobat 9 Family of Products Security Feature User Guide Acrobat's CRL revocation checker adheres to RFC 3280 and NIST PKITS except for delta CRLs. CSP See Cryptographic Service Provider Cryptographic Service the CA. Message digest Before Acrobat or Adobe Reader can verify if a document the
  • Adobe 22002486 | Digital Signature User Guide - Page 180
    Acrobat 9 Family of Products Security Feature User Guide Glossary of Security Terms 180 Table 5 Security Terms MSCAPI OCSP Online Certificate Status Protocol (OCSP) Windows Microsoft Crypto API (MSCAPI) is the API that the application uses to access cryptographic service Adobe reader PDF downloaded
  • Adobe 22002486 | Digital Signature User Guide - Page 181
    Acrobat 9 Family of Products Security Feature User Guide Glossary of Security Terms 181 Table 5 Security Terms SSCD timestamp trust anchor See Secure signature-creation devices The date and time that a digital signature was
  • Adobe 22002486 | Digital Signature User Guide - Page 182
    Index . .ade 141 .adp 141 .apf 178 .apf Digital IDs no longer supported 14 .app 141 .asp 141 .bas 141 .bat 141 .bz 141 .bz2 141 .cer 142, 178 .chm 142 .class 142 .cmd 142 .com 142 .command
  • Adobe 22002486 | Digital Signature User Guide - Page 183
    Acrobat 9 Family of Products Security Feature User Guide Index 183 1005 130 1006 130 1007 130 1008 130 1009 Black and White Lists 144 Adding Someone to Your Trusted Identity List 32 Adobe Profile Files 178 Adobe Trusted Identity Updates 140 ALCRMS 178 Allowing and Blocking Specific Web Sites 147
  • Adobe 22002486 | Digital Signature User Guide - Page 184
    Guide Index 184 Certificates in the Trusted Identities list 158 Certification Signature 89 certification signature 178 Certification Workflow for Documents with Multiple Signers 92 certified document 178 Certified document indicators 92 Certified Document Services ) 143 Configuring Acrobat to use a
  • Adobe 22002486 | Digital Signature User Guide - Page 185
    Acrobat security 10 DOS CP/M Command file, Command file for Windows NT 142 Downloaded Guide? 9 Hypertext Application 142 I Identity preferences 15 IIS Internet Communications Settings (Microsoft) 142 IIS Internet Service Importing Adobe LiveCycle Rights Management Server Settings 172 Importing Adobe
  • Adobe 22002486 | Digital Signature User Guide - Page 186
    Acrobat 9 Family of Products Security Feature User Guide roaming ID server 174 Logging in to an Adobe LiveCycle Rights Management Server 173 Logging in to Windows Digital IDs 26 Manually Configuring a Directory Server 39 PDF content contains errors 131 PDF Content with variable rendering 130 PDF
  • Adobe 22002486 | Digital Signature User Guide - Page 187
    Acrobat 9 Family of Products Security Feature User Guide privileged context 180 Problems encountered 116 Program file 143 Providing Instructions to the Trusted ID server name and URL 174 root certificate 180 Rules for opening a PDF via FDF 134, 154 Run a JavaScript 66 S Saving Certificate or Contact
  • Adobe 22002486 | Digital Signature User Guide - Page 188
    Acrobat 9 Family of Products Security Feature User Guide 116 Supported Troubleshooting a Document Integrity Problem 120 Troubleshooting a Signature or Document Status 115 Troubleshooting an Identity Problem 115 Troubleshooting PDF content Manually 106 Validating Signatures with Adobe Reader
  • Adobe 22002486 | Digital Signature User Guide - Page 189
    Acrobat 9 Family of Products Security Feature User Guide Viewing All of Your Digital IDs 16 What is Trust? 30 What Makes a Signature Valid? 100 What's in this Guide? 8 When Timestamps Can't be Verified. . . 112 Who Should Read This Guide? 8 Why Attach a File that's on the Black List? 141 Why Can
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
PDF Creation Date:
November 17, 2008
b
c
Digital Signature User Guide
for Acrobat 9.0 and Adobe Reader 9.0
Acrobat® and Adobe® Reader®
Version 9.0