Slightly OT - i need the proper wording for a signed document

Stefan Claas stefan.claas at posteo.de
Sat Nov 3 10:43:49 CET 2018


On Fri, 2 Nov 2018 15:42:40 +0100, Stefan Claas wrote:
> Am 02.11.18 um 15:20 schrieb Dirk Gottschalk:
> > Hello Stefan.
> >
> > Am Freitag, den 02.11.2018, 12:53 +0100 schrieb Stefan Claas:  
> >> Hi Wiktor,
> >>
> >> thanks a lot! Now this is awesome... i just timestamped my already
> >> signed .pdf with Adobe Reader DC and this does not invalidate my
> >> qualified signature, when saving the document again! :-) I must
> >> admit i did  not know this.  
> > You mean, you "tampered" with the file and the signature is still
> > valid? Are you sure? Then Adome does sometging really bad, IMHO.
> >
> > Such a signature should ensure that the file is unmodified
> > completely. otherwise somebody can modify it in a way that could be
> > used as a backdoor to the signature, at least in theory.  
> Hi Dirk,
> 
> i did not tampered with the file, i simply used the function
> in Adobe Reader DC to let it *add* a time stamp to my
> document and then saved it again.
> 
> I strongly assume that it is also possible that someone
> else can sign my .pdf too with a qualified signature and
> this will also not invalidate my qualified signature, unless
> of course someone would *edit* my document.

Just did a test with an older .pdf, which was signed with my
non-qualified D-Trust certificate and time stamped with
freetsa. Now i signed it again with my qualified D-Trust certificate
and time stamped again.

Works perfect! :-)

Regards
Stefan

-- 
https://www.behance.net/futagoza
https://keybase.io/stefan_claas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: Digitale Signatur von OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20181103/ce27e0e9/attachment.sig>


More information about the Gnupg-users mailing list