
Kind of security for signature removal

Community Beginner, Feb 24, 2023

I realize that Acrobat only allows the person who added a digital signature to remove it. Is this implemented in a way that no software by any vendor could remove it, similar to a document open password? Or is it implemented in a way that Adobe products will not remove it, but some other vendor could create software that would delete it, similar to a permissions password?

 

My use case is a notary public. The person who created a document signs it. The notary signs to witness the signature of the creator, and gives the file back to the creator. Later, some unknown person removes the creator signature, making it appear the notary didn't do his/her job properly.

TOPICS
Security digital signatures and esignatures


1 Correct answer: Enthusiast, Feb 26, 2023

Community Expert, Feb 24, 2023

"Or is it implemented in a way that Adobe products will not remove it, but some other vendor could create software that would delete it, similar to a permissions password?"

 

This is correct.

Enthusiast, Feb 26, 2023

quote

My use case is a notary public. The person who created a document signs it. The notary signs to witness the signature of the creator, and gives the file back to the creator. Later, some unknown person removes the creator signature, making it appear the notary didn't do his/her job properly.

 

If the notary signed using a digital signature, the removal of the previous signature will invalidate the notary signature. In your use case it will be clear that the document has been manipulated afterwards, so the notary won't be blamed.

 

(Of course assuming the notary uses trustworthy software to sign. Furthermore, exploits of bugs in the signature validator used - e.g. Adobe Acrobat - may in the short term seem to indicate differently; eventually, though, an analysis of the PDF will show what happened.)

Community Beginner, Feb 26, 2023

In my experiment, I found that I could clear the first signature using Adobe Reader and the second signature remained valid.

Enthusiast, Feb 26, 2023

quote

In my experiment, I found that I could clear the first signature using Adobe Reader and the second signature remained valid.

Then there is an issue with the way the second signature is applied. Can you share example documents illustrating the issue for analysis? (with first signature, with first and second signature, with second signature but first removed)

Community Expert, Feb 26, 2023

Later, some unknown person removes the creator signature, making it appear the notary didn't do his/her job properly.

By @Geber

 

The notary uses a raised seal that will only be in the original document, not in a copy. They have also entered it in a book that has been signed by the notary and the person who is getting the document notarized.

Community Beginner, Feb 26, 2023

I intended to discuss pdf documents which are electronically signed, and provided to the signer and the ultimate recipients in electronic form. Of course a raised seal cannot be applied to an electronic document. (Well, I suppose you could apply it to a DVD but then the DVD would be destroyed.)

Community Expert, Feb 26, 2023

Or is it implemented in a way that Adobe products will not remove it, but some other vendor could create software that would delete it

By @Geber

 

We cannot predict into the future as to what software other vendors could or might create. Of course it is possible.

 

Jane

Forum volunteer

 

Community Beginner, Feb 26, 2023

In the case of the basic, running text of the document, we know it is protected by the PKI signature such as RSA in combination with a symmetric key cipher such as AES. No vendor would be able to create software that would alter the running text without making the signature invalid, unless the vendor was able to defeat one of those two crypto algorithms. We all rely on those algorithms to be secure. In the case of a permissions password, it isn't a matter of cryptographic protection, it's just an instruction to Adobe software to not permit certain operations on the PDF. Other vendors have written software that ignores that instruction.

Enthusiast, Feb 26, 2023

If proper digital signatures are used by the parties (and not simple electronic ones as in normal Adobe Acrobat Sign or DocuSign workflows), then the second signature in particular cryptographically signs the whole source document including the first signature. Actually removing the first signature from the file, therefore, will invalidate the second one which every validator should show.

Alternatively the first signature may be "removed" by adding an incremental update in which the first signature field is cleared. This keeps the second signature (which covers the revision before that addition) cryptographically valid, so validators may show green in that regard. But every validator should show that changes have been applied to the document after the second signature, making clear that the notary's version of the document has been manipulated.

In regard to that second option I'd propose the notary locks the existing fields in the document when signing. That should make validators checking MDP display the second signature as invalid even in that case.

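The structural point made in the answer above, that each signature covers one revision of the file and that an incremental update appended later leaves it cryptographically valid but detectable, can be checked from the /ByteRange entries alone. This is an added example, not code from the thread or from Adobe; the function names and sample bytes are constructed for illustration, and the check is a triage aid that does not verify the CMS signature itself.

```python
import re

# Matches a signature dictionary's /ByteRange [a b c d] entry in the raw file bytes.
BYTERANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")

def signature_coverage(pdf: bytes) -> list[dict]:
    """For each signature, report where its signed revision ends and what follows it."""
    report = []
    for m in BYTERANGE.finditer(pdf):
        a, b, c, d = (int(g) for g in m.groups())
        end = c + d  # offset just past the last byte covered by this signature's digest
        report.append({
            "starts_at_zero": a == 0,          # coverage must begin at the file start
            "gap": (a + b, c),                 # the only unsigned hole: the /Contents value
            "signed_revision_end": end,
            "bytes_appended_after": len(pdf) - end,
        })
    return report

def changed_after_last_signature(pdf: bytes) -> bool:
    """True if an incremental update was appended after the newest signature."""
    report = signature_coverage(pdf)
    return bool(report) and min(r["bytes_appended_after"] for r in report) > 0

def append_signed_revision(pdf: bytes, name: bytes) -> bytes:
    """Constructed stand-in for signing: appends a /Sig dictionary whose ByteRange
    covers the whole file except a placeholder /Contents value (no real CMS)."""
    head = pdf + b"<< /Type /Sig /Name (" + name + b") /Contents "
    hole = b"<" + b"0" * 16 + b">"
    tmpl = b" /ByteRange [%010d %010d %010d %010d] >>\n%%%%EOF\n"
    tail_len = len(tmpl % (0, 0, 0, 0))  # fixed width, so offsets are known up front
    return head + hole + tmpl % (0, len(head), len(head) + len(hole), tail_len)

# Constructed sample revisions (not a renderable PDF, only the byte layout matters).
base = b"%PDF-1.7\n% constructed document body\n%%EOF\n"
rev1 = append_signed_revision(base, b"creator")
rev2 = append_signed_revision(rev1, b"notary")
tampered = rev2 + b"% constructed incremental update clearing the creator field\n%%EOF\n"

if __name__ == "__main__":
    for label, data in (("as notarized", rev2), ("after update", tampered)):
        print(label, changed_after_last_signature(data))
        for r in signature_coverage(data):
            print("  ", r)
```

In the notarized file the creator's signature ends where the notary's revision begins and the notary's signature reaches end of file; in the updated file both signatures are followed by extra bytes, which is the "changes after signing" condition a validator reports.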
Community Beginner, Feb 27, 2023

@MikelKlink thanks for the explanation. For the strategy of "the notary locks the existing fields", I suppose that would be done in Adobe Acrobat Reader by checking the "lock document after signing" box while signing. This strategy is fine if there is only one signing session. But if the document must be sent to a different place for additional signatures by signers and an additional notary, it wouldn't work. In my experience, a need for multiple signing sessions only occurs for roughly 1% of documents that need notarization.

Enthusiast, Feb 27, 2023

quote

For the strategy of "the notary locks the existing fields", I suppose that would be done in Adobe Acrobat Reader by checking the "lock document after signing" box while signing.

 

PDF-wise there also is the option to only lock certain fields, not the whole document. Unfortunately I do not see how to make use of that option in your use case with Adobe Acrobat.
