[Poppler-bugs] [Bug 99365] Certificate chain from PDF digital signature back to trusted root certificate not verified?
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Sun Jan 15 19:28:56 UTC 2017
https://bugs.freedesktop.org/show_bug.cgi?id=99365
--- Comment #4 from Sebastian Rasmussen <sebras at hotmail.com> ---
Thanks for the explanations of where I misunderstood what's happening.
Sorry for the unnecessary noise.
> Maybe we can change the output string of pdfsig for the 1st validation to
> something more specific if people find the wording to be misleading:
> "Signature Validation: the document was not modified since the document was
> signed"
There is alos "Digest mismatch" though, which also says something about whether
the document was been modified.
As I understand it you basically have three booleans:
1. does the digest for the file match that in the signature dictionary?
2. does the signature in the dictionary sign the digest?
3. is the signature trusted?
And to lessen the confusion maybe these three cases should attempt to
not use overlapping terminology. I'm new to this certificate validation
things though, so maybe it's just me being confused because I'm not yet
clued in on the details. :)
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/poppler-bugs/attachments/20170115/22831507/attachment.html>
More information about the Poppler-bugs
mailing list