7 Replies Latest reply on Jun 12, 2013 1:59 AM by cb122

    Risks associated with digital signatures


      We are looking to develop a process to use digital signatures on PDF documents, send them via email to a line manager, who adds his digital signature as a "stamp of approval" who then emails them to a specific department for processing. Are there any risks associated with using digital signatures in adobe, and general best practices for their usage, or best practices to mitigate the risks associated with them.

        • 1. Re: Risks associated with digital signatures
          Dave Merchant MVP & Adobe Community Professional

          What type of 'risk' are you thinking of?


          Can a digital ID be faked? Yes - if it's self-signed and you're daft enough to trust it without checking.

          Can a commercially-issued ID be forged? Not easily, as the issuer will normally require identity documents to be sent.

          Can it be stolen from inside the signed document? No.

          Can you tell if the file's been changed after signing? Yes.

          • 2. Re: Risks associated with digital signatures
            cb122 Level 1

            I am new to this kind of thing so didnt have any sort of risk in mind, I was hoping for some examples to enlighten me. Aside from risk then, are there any general best practices for setting up a digital certificate process for PDF's that require a high degree of integrity. The PDF's will only ever be "shared" internally.


            I am guessing if we procured a corporate certificate from verisign that self signed is not a concern?

            • 3. Re: Risks associated with digital signatures
              IsakTen Level 4

              If you procure and use commercially-issued credentials (not self-signed), digital signatures are much safer than any other signatures.

              1. They tell you whether the signed document has been altered. The document's author may specify which alterations (like form fill or signing) are acceptable. A digital signature tells you what kind of alterations in the document occurred after signing. In Acrobat you can always get the signed version before any alterations occurred.

              2. The digital signature tells you who the signer is (not only from the appearance but from the signing credential which is present in the signatures).

              3. The signing credential of a digital signature can be verified on-line that it has not been revoked and is still good. Acrobat has a feature to embed revocation information in the document, so that you can get verification that the signing credential was good at the signing time even if you do not have Internet access.

              4. In Acrobat the last signer can lock the signature, so that no other modifications of the document are allowed.

              So, there are many advantages to using digital signatures. The only risk that you have is that a signing credential can be stolen if someone has an access to the computer or token where the credential is stored AND gets hold of the credential's password. Each credential is password protected, so you guard this password as you guard any other password. If you suspect that someone got hold of your credential and password you can always ask the credential's issuer to revoke this credential and to issue you a new one. In this case the only time span when someone may use your credential is the time lag between the time the credential was stolen and the time the issuer revoked it.

              • 4. Re: Risks associated with digital signatures
                Dave Merchant MVP & Adobe Community Professional

                If you're only ever going to be handling documents internally then you can implement your own management policy of self-signed IDs (created in Acrobat or Adobe Reader) and avoid the need to purchase commercial IDs (which are issued per-person, not per-company, so they're not trivial to manage).


                A self-signed ID by default is not trusted by other installations of the Acrobat Family and will show a warning message, but you can collect self-signed IDs from your workers (via a reliable route so you know they're genuine) and add them to the trust list on your other computers. Someone else creating a self-signed 'fake' ID with the same email address would be detectable as that ID won't be trusted. If you're managing deployments of the Acrobat Family you can pre-arrange the trust options to stop people messing about with them.


                The disadvantage with self-signed IDs is that they won't be trusted outside your company, but that doesn't seem to matter in your case.

                • 5. Re: Risks associated with digital signatures
                  cb122 Level 1

                  Can I ask what prevents another user applying their collegues digital signature to a document?

                  Are passwords used to prove intent of applying the signature, if so who applies the password, last thing you would want is if all employees have the same password for the signature.

                  How would you be able to see if a digitally signed PDF had then been tampered with? How does it appear?

                  • 6. Re: Risks associated with digital signatures
                    Dave Merchant MVP & Adobe Community Professional

                    Yes, when you create a self-signed ID you are prompted for the password, and you must re-enter it whenever you sign something. In addition, the key's private file must be available on the computer used to sign (so simply guessing the password doesn't get you very far).


                    If a document has been signed and subsequently altered, information on the status and what was changed is shown in the Signatures panel:



                    • 7. Re: Risks associated with digital signatures
                      cb122 Level 1

                      Is it possible to integrate a digital signature with the users active directory username/password, i.e. when it comes to signing a PDF, you are prompted again for your active directory username/password, or worse still once authenticated onto the domain removes the need to re-enter a password when signing a PDF?


                      These are commercially procured certificates from verisign not self-signed.