9 Replies Latest reply on Oct 27, 2015 11:39 PM by Beijing_Mac

    Electronically signing PDF file increases file size by approximately 3 MB

    Beijing_Mac

      We are using certificates from our Smart Badge to electronically sign PDF documents.  Recently this action is adding ~3 MB to each file for each signature.  This is a recent occurrence.  This did not happen last month.  At that time, you could have several signatures on a 1 page PDF document and the overall file size was very small, like in the 200-300kb size.  What could have been changed and any suggestions on how to reset it? 

        • 1. Re: Electronically signing PDF file increases file size by approximately 3 MB
          Beijing_Mac Level 1

          Just to clarify, we have Adobe Acrobat XI, version 11.0.12 installed.  I have seen some old postings with recommendations to change some of the settings in Edit/Preferences, but the directions are for Version X and it seems that XI has a different appearance for Preferences (no tabs in some of the sections).

          • 2. Re: Electronically signing PDF file increases file size by approximately 3 MB
            Test Screen Name Most Valuable Participant

            This is normal, by default. You can change settings in a way which makes the signatures not viable in the long term.

             

            Preferences have changed little, and have identical tabs. The trick is that in Acrobat's preferences, the "tabs" is the list running down the left hand side.

            • 3. Re: Electronically signing PDF file increases file size by approximately 3 MB
              Beijing_Mac Level 1

              Thanks for the response.  I'm not sure if you fully read my first note.  The increasing the file size is a recent occurrence.  Prior to the past 6 weeks or so, we could sign a PDF document and it did not add 3 MB to the file size.  The file size stayed fairly small.  So this is not a "normal" result.  I have PDF documents which are signed and the size did not increase.  Now when I sign PDF documents, the file size increases dramatically. 

               

              Below is a screen shot of my Preferences Window, showing the Security & Security (Enhanced) options.  As mentioned earlier, there does not appear to be any "tab" under these sections, as per the Adobe X help section.  I don't see any setting to change that could reduce the information for each signature. 

               

               

              Any sound advice would be appreciated.

              26-Oct-15 12-57-38.png26-Oct-15 12-58-06.png

              • 4. Re: Electronically signing PDF file increases file size by approximately 3 MB
                Beijing_Mac Level 1

                I actually found a possible solution:

                 

                Edit / Preferences / Signatures

                1. Creation & Appearance:  Uncheck "Include signature's revocation status"
                2. Verification: Uncheck "Require certificate revocation checking to succeed......."

                 

                See screen shots below:

                26-Oct-15 17-46-31.png

                26-Oct-15 17-46-46.png

                26-Oct-15 17-47-08.png

                 

                Note, this is from Adobe XI and am using certificates from a SmartBadge.  It seems to keep the file size fairly consistent (not dramatically increasing the file size).,

                • 5. Re: Electronically signing PDF file increases file size by approximately 3 MB
                  Test Screen Name Most Valuable Participant

                  Yes, it is normal. My guess is that this option was off for you but turned on, perhaps by an update. (Older versions of Reader didn't do it). Possibly something else changed causing the need to store a huge certificate chain.

                   

                  Be sure you understand the consequences of turning this off. I can't explain them in sufficient detail.

                  • 6. Re: Electronically signing PDF file increases file size by approximately 3 MB
                    Beijing_Mac Level 1

                    You appear to not know what "normal" should be.  If you read my first posting, the act of using a SmartBadge to electronically sign a PDF file did NOT increase the file size.  This had been the case for several years.  Very recently, such as in the past 6 weeks, this act caused the file size to increase by 3 MB for each signature.  This is a change from normal.   If your type of assistance is the the "normal" assistance to be expected on this support forum, I can see why I've never tried to use it before, because it is surely not normal assistance, maybe even sub-normal.

                    • 7. Re: Electronically signing PDF file increases file size by approximately 3 MB
                      IsakTen Level 4

                      If you turn off "Include signature's revocation status" the recipients of your signed PDFs will lose ability to validate signatures after the signing certificate expires. If your signed PDFs have short lifespan than it is OK. If their lifespan is several years than you risk that the signatures cannot be validated in the future. This was the reason that in Acrobat 9.1 the default for this preference was changed from "off" to "on".

                      It is your decision as the document's signer to choose between smaller file size or ability to validate your signatures for along time.

                      • 8. Re: Electronically signing PDF file increases file size by approximately 3 MB
                        IsakTen Level 4

                        There are two sources of revocation status: OCSP and CRL. Both are maintained by the Certificate Authority that issued the signing certificate and are transmitted on Internet. OCSPs are small in size, CRLs are big, and their size increases with time. One of the reasons that signed PDF size increases substantially is that Acrobat starts to use CRLs instead of OCSPs.

                        There could be several reasons why Acrobat uses CRLs instead of OCSPs.

                        1. Acrobat cashes CRLs in Acrobat installation. If it finds an applicable CRL in the cache it uses it and does not go online for OCSP. Check C:\Users\<your user id>\AppData\Roaming\Adobe\Acrobat\11.0\Security folder if it has CRLCache sub-folder. If it does, delete it. Somehow OCSP may not have been found during some signing, Acrobat went for CRL, cached it and then started to use for all subsequent signing.

                        2. The firewall settings have changed and the OCSP server is not reachable from behind the firewall but the CRL server is reachable. This is unlikely but possible.

                        3. There are preferences that control the OCSP/CRL use. They can turn off OCSP and/or CRL lookup. So, if OCSP lookup is turned off then Acrobat does not look for OCSP and uses only CRL. These preferences are not accessible with UI. They can only be changed in the registry by system administrator, so in general cases this does not happen. This is a very unlikely case.

                        • 9. Re: Electronically signing PDF file increases file size by approximately 3 MB
                          Beijing_Mac Level 1

                          like I said in my first explanation, my company uses certificates from everyone's Smart Badge, we don't use a server such as Adobe or MS or other such system.  Our certificates do not come via the internet.......