|
You can use the Signature service to validate signatures
that are added to PDF forms. To validate signatures, the certificate
can be checked for revocation, the timestamp of the signature can
be checked, and the document digest is verified. You can validate
signatures individually or validate all the signatures on a PDF document.
The following limitations apply to validating digital signatures
by using the Signature service:
The Signature service cannot accurately validate signatures
on dynamic Adobe PDF forms.
The Signature service cannot ensure that field-locking rules
for signature fields (MDP+ rules) are enforced for Adobe PDF forms
and Adobe XML forms.
When validating signatures, the following information can be
specified:
- Signature field:
- The name of the signature field that holds the signature
to verify.
- Revocation checking:
- Whether to check that the signer’s certificate is revoked. You
can specify information to enable OCSP and CRL types of checking.
- Time stamp checking:
- How to verify the timestamp of the signature.
- Path validation:
- Information that enables the verification of the certificates
in the certificate chain that the signer’s certificate includes.
The
validity status messages displayed depend on whether the Process Documents
With Acrobat 9 Compatibility option is selected for Signature service. (See
Signature service settings in LiveCycle Administration Console Help.)
The
following table describes the situations that cause the different
signature-validity states when the option is selected.
Values
|
Signature status
|
|---|
DynamicFormSignatureUnknown
DocumentSignatureUnknown
|
Status Unknown
The integrity of the
document or dynamic PDF form has not been verified.
|
CertifiedDynamicFormSignatureTamper
SignedDynamicFormSignatureTamper
CertifiedDocumentSignatureTamper
SignedDocumentSignatureTamper
|
Tamper
The document or dynamic form
has been altered or corrupted since the signature was applied.
|
SignatureFormatError
|
Invalid
The signature is invalid because
its formatting or the information it contains has errors.
|
DynamicFormSigNoChanges
DocumentSigNoChanges
|
Signed with no changes
The document
or dynamic form has not been modified since the signature was applied.
|
DynamicFormCertificationSigNoChanges
DocumentCertificationSigNoChanges
|
Certified with no changes
The document
or dynamic form has not been modified since it was certified.
|
DocSigWithChanges
|
Signed with changes
The revision of
the document that this signature covered has not been changed; however,
subsequent changes were made to the document.
|
CertifiedDocSigWithChanges
|
Signed with allowed changes
The document
has been changed since the signature was applied. However, the changes
are permitted by the document certifying party and do not invalidate
the signature.
|
CertificationSignWithChanges
|
Certified with changes
The document
has been changed since it was certified. However, the changes are
permitted by the document certifying party and do not invalidate
the signature
|
The following table describes the situations
that cause the different signature-validity states when the option
is not selected.
Value
|
Signature status
|
|---|
Invalid
|
Signature Invalid
The revision of
the document that is covered by the signature has been altered.
|
Unknown
|
Status Unknown
Signature validation
on the signed contents was not performed.
|
ValidAndModified
|
Signature valid but document modified
The
revision of the document that is covered by the signature was not
modified; however, subsequent changes were made to the document.
|
ValidUnmodified
|
Signature valid and document unmodified
The
revision of the document that is covered by the signature was not
modified. No subsequent changes were made to the document.
|
When validating signatures, you must know
whether you are validating a PDF signature or an XML signature.
|
|
|
