Table of Contents
Advertisement
USING ACROBAT 9 PRO
Digital signatures
More Help topics
"Validate a timestamp
certificate" on page 268
"Sign in Preview Document
"View previous versions of a signed
Establish long-term signature validation
Long-term signature validation allows you to check the validity of a signature long after the document was signed. To
achieve long-term validation, all the required elements for signature validation must be embedded in the signed PDF.
Embedding these elements can occur when the document is signed, or after signature creation.
Without certain information added to the PDF, a signature can be validated for only a limited time. This limitation
occurs because certificates related to the signature eventually expire or are revoked. Once a certificate expires, the
issuing authority is no longer responsible for providing revocation status on that certificate. Without conforming
revocation status, the signature cannot be validated.
The required elements for establishing the validity of a signature include the signing certificate chain, certificate
revocation status, and possibly a timestamp. If all the required elements are available and embedded at signing, the
signature can be validated without going to outside resources for validation information. Acrobat and Reader can
embed all the required elements, as long as the elements are available. The PDF creator must enable usage rights for
Reader users (Advanced > Extend Features In Adobe Reader).
Note: Embedding timestamp information requires a properly configured timestamp server. In addition, the signature
validation time must be set to Secure Time (Preferences > Security > Advanced Preferences > Verification tab).
More Help topics
"Validate a timestamp
certificate" on page 268
"Configure a timestamp
server" on page 259
"Set signing
preferences" on page 259
Add verification information at signing
Make sure that your computer can connect to the appropriate network resources.
1
2
Check that the preference Include Signature's Revocation Status When Signing is still selected. (Preferences >
Security > Advanced Preferences > Creation tab.) This preference is selected by default.
3
Sign the PDF.
If all the elements of the certificate chain are available, the information is added to the PDF automatically. If a
timestamp server has been configured, the timestamp is also added.
Add verification information after signing
In some workflows, signature validation information is unavailable at signing, but can be obtained later. For example,
suppose a company official signs a contract using a laptop while traveling by air. The computer cannot communicate
with the Internet to obtain timestamping and revocation information to add to the signature. Later, when Internet
access becomes available, anyone who validates the signature can add this information to the PDF. All subsequent
signature validations can also use this information.
Make sure that your computer can connect to the appropriate network resources, and then right-click the signature
1
in the PDF.
mode" on page 263
document" on page 269
Last updated 9/30/2011
266
Advertisement
Table of Contents
