Certification Workflow For Documents With Multiple Signers - Adobe 22002486 User Manual

Acrobat 9 Family of Products
Security Feature User Guide
Legal Attestations and Warnings Comments
For documents with dynamic content, signer's may want to add a legal attestation or comment indicating
the included content has been reviewed is specifically permitted. A legal attestation can only be added on
certified documents and during signing. When this option is enabled by the signer's application settings,
the Certify Document dialog displays a Review button which invokes the PDF Signature Report dialog.
The dialog display a Warnings Comment field that allows the signer to choose from a default comment or
to create a custom comment.
The Enable Reviewing of Document Warnings and Prevent Signing Until Document Warnings Are
Reviewed settings function in tandem and should be set together. Setting both these options to Always
results in the highest degree of assurance that the signing process is not adversely impacted by malicious
content. For details, see

6.2.1 Certification Workflow for Documents with Multiple Signers

Certification allows document authors to define what changes are legal (possible), and it allows the
recipient to identify whether a document's problematic features (content that could change the
document appearance) originated with the certifier or not. More importantly, this gives the recipient the
assurance that if these features in the document are indeed malicious, the certifier can be proven to be at
fault. The recommended workflow for defensible signatures can then be described as follows:
1. The document author adds the requisite form fields and any other document customizations.
Preventing certain future actions (e.g. to form fill in and signing) can be accomplished ahead of time via
JavaScript or during signing.
2. The document is signed with a certification signature. If there is problematic content in the document,
the certifier chooses Review and adds a Warnings Comment explaining why the content is OK.
3. The document is routed to the next person in the workflow.
4. The document recipient manually validates the certification signature if the application is not set up to
validate signatures automatically.
5. Document integrity is verified by right clicking on the certification signature and then choosing Show
Signature Properties > Legal tab > View Document Integrity Properties. This action invokes the
PDF Signature Report dialog which displays a list of problematic content as well as the certifier's
comment about that content (if any). For example, a certifier might state why they have added a link to
a corporate web site, JavaScript, or some other item.
Figure 63 Certified document indicators
"Setting up the Signing Environment" on page
Certification Workflow for Documents with Multiple Signers
46.
Signing Documents
92