digital signatures

Last week, iText Software and Inbatek were invited by the Electronic Transactions Development Agency (ETDA) in Bangkok (Thailand) for a full day of talks and sessions about PDF and e-invoicing. ETDA is a Public Organization in Thailand that functions as the main agency responsible for developing, promoting and supporting electronic transactions in order to create trust, opportunity and equity for all. We were honored to be included in this conference and were impressed with the quality of questions that stemmed from the pannel discussion. If you want to...
Tags: digital signatures
Last week there was a huge buzz surrounding SHA-1. The hashing algorithm has been deemed unsafe for many years, but is still used in outdated software for digital signatures. Recently a team of researchers was able to break SHA-1, proving definitively that the algorithim should be replaced . The attack was orchestrated on a PDF file that contained an image, which they exploited to generate a collision. A collision can be quite scary as it allows an attacker to generate two files that have the same digest value. If a victim was to sign one of these files using SHA-1, the signed digest would be...
How do I make a PDF document LTV enabled without using timestamps? I tried signing a document with a digital certificate in acrobat and when opened it says the document is LTV enabled. I did not use any timestamp. How can I do this using iText?
I'm using iText to sign and timestamp PDF documents. It works very well. But I recently switched from Acrobat Pro X to XI and now I see this new line: the signature is not LTV enabled and will expire after Now I'm a little bit confused: since the signature was declared valid at a known and certified date, why would it become invalid in the future?
I'm using iText to sign PDF documents. I need these documents to be timestamped and LTV-enabled. I followed the instructions and used the addLtv() method. I get a PDF with 2 signatures, which is normal: the first is my own signature, the second is the document-level timestamp. However, Acrobat tells me my signature is LTV enabled, but the timestamp signature is not.
Using iText, I've successfully created a document containing an empty signature field. Now I want to allow people to sign this document in Adobe Reader. I've read that I need to Reader enable my document, but I can't find how to do this using iText.
iText founder Bruno is featured over at GlobalSign with an interesting and extensive piece about electronic document signing. Starting from an issue caused by invoice fraud causing someone to lose €30.000, Bruno guides the reader through the steps for making electronic signatures work with PDF. Its three major advantages are integrity, authenticity and non-repudiation, which prevent people from getting defrauded. Bruno then gets into the more technical nitty-gritty and offers practical examples for creating and using PDF signatures - the entire article is well worth a read...
Using iText, I've successfully created a document containing an empty signature field. Now I want to allow people to sign this document in Adobe Reader. I've read that I need to Reader enable my document, but I can't find how to do this using iText.