[NTG-context] PDF Digital Signatures

Michael Hallgren m.hallgren at free.fr
Tue Mar 20 22:25:32 CET 2012

Le mardi 20 mars 2012 à 20:23 +0100, Mojca Miklavec a écrit :
> On Mon, Mar 19, 2012 at 23:12, Hans Hagen wrote:
> > On 19-3-2012 22:08, Mojca Miklavec wrote:
> >>
> >> Out of curiosity: is inability to create password-protected PDF files
> >> with pdfTeX/LuaTeX due to legal issues or due to nobody caring enough
> >> to implement it?
> >
> > it's not worth the trouble. Afaik it's a second pass issue and would
> > complicate the code much.
> >
> > Just use qpdf to do it ... pretty fast.
> If qpdf exists it is probably not a legal issue to do password protection then.

You mean strong encryption? Some countries, regimes I should rather say,
are not in favour of such... Sad fact, IMHO.

Signing a document digitally, should never be much of an issue, in your
mentioned legal context, though. Well, needs to be honoured by the
receiving party... but... hey, make regimes modern ! :)


> But from the same perspective ... one first needs PDF to be (almost)
> finished before being able to sign it. One needs to read as-good-as
> the whole PDF, read the certificate from somewhere on the disk and
> then sign with that certificate. If certificate is password-protected,
> one also needs to provide the password somehow.
> The usecase would be sending documents to officials (proving that the
> document really comes from the person claiming the ownership). But it
> is also true that in principle one can sign emails with PDF
> attachments. It is not the same, but it comes close. Another usecase
> could be, say, sending invoices to clients.
> We have a company that sells crappy software for signing PDFs and XML
> for over 1000 EUR per version per browser per OS (each new version for
> each supported browser on a single OS costs that much; and they have a
> lot of clients). And of course it never works since of course it only
> supports Mac OS X 10.6 (10.7 still doesn't work), on Windows only IE 7
> or Firefox 3.6 (latest Firefox won't work and it is awfully difficult
> to find the old versions), on Linux probably a similar story (never
> tried). And that is the only possible way to send any document to the
> government. On the other hand they could just as well have used some
> standard tool and it would work out of the box. So much about signing
> ...
> Mojca
> ___________________________________________________________________________________
> If your question is of interest to others as well, please add an entry to the Wiki!
> maillist : ntg-context at ntg.nl / http://www.ntg.nl/mailman/listinfo/ntg-context
> webpage  : http://www.pragma-ade.nl / http://tex.aanhet.net
> archive  : http://foundry.supelec.fr/projects/contextrev/
> wiki     : http://contextgarden.net
> ___________________________________________________________________________________

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://www.ntg.nl/pipermail/ntg-context/attachments/20120320/8df17d2e/attachment.pgp>

More information about the ntg-context mailing list