1 person found this helpful
You can only accept trusted certificates.
I want to get more clarity on this answer. Let's say I need digital signature from Person A, I can create a digital ID of person A by doing following in Adobe Acrobat:
Tools>More Sign & Certify>Security Settings>Digital IDs>Add ID
Follow the dialog box prompts to create a digital ID for 'Person A'.
Person A digital ID can be created. And now I am signing using Person A digital signature instead of Person A. How can forged signatures be avoided?
My question is how can I detect if person A is 'person A' and not someone else who created 'person A'? Is there a way to know if someone forged signature?
Answer is much appreciated.
1 person found this helpful
'Person A' should send you the public key of the certificate.
After receiving a signed document you can verify the certificate.
What is a Roaming ID Account? Can I create Roaming IDs and restrict by having only few people who can sign to be included in this account? Let's say 'Person A' is included in this account. Can this digital signature be forged? Please explain roaming ID account.
This can be found:
Tools>More Sign & Certify>Security Settings>Digital IDs
Roaming ID account provides access to a server that contains your roaming IDs. If you don't know the connection details, contact your administrator.
To log in or out of an account, expand the roaming ID account tree in the left-hand panel, select an account, and choose Login or Logout. Logging out guarantees that this account's roaming IDs cannot be used on this machine without re-authenticating.
Any answer is appreciated. Thanks.
Let's talk about digital signatures and forging, this is very important. All your users will need to understand this, otherwise they will be completely vulnerable to forging.
Digital signatures are based on a certificate, which has public and private parts.
The private part must be kept absolutely safe and private. If someone gets a copy they can sign anything as that person.
The public part is meant for sharing. And the sharing is crucial.
Let's imagine a paper based system for a moment. If a letter arrives asking for a million dollar transfer, you would want to check it. How would you check it? Perhaps the signature is in a filing cabinet. You assume the file has been kept safe - that people can't wander in and change the file. Then at least you can trust the paper signature to check it.
It's the same thing with digital certificates. The public certificate is shared FIRST. This process, done once, has to be trusted. If a certificate arrives claiming to be from someone, you must check, otherwise the certificate might be a fake. Human has to talk to human here.
Once you have the public certificate, you can check whether any future PDF used that exact certificate. NEVER look what it says on the page, that could be a fake.
Public certificate stores are an alternative to sharing public certificates. It basically means all the certificates are held by someone you trust who has already made all the checks.