Problems in signature verification since march update?

New Here ,
May 04, 2022 May 04, 2022

Copy link to clipboard

Copied

Hello,

 

We have noticed two different problems with PDF signature verification since latest update (march).

 

First problem (less severe): If we open a perfectly valid signed PDF with the latest Reader / DC, the signature panel shows that the signature is valid, but there is always a warning indicating "changes have occurred". Clicking re-validation removes the warning. This is merely annoyance, but indicates that something has changed in Reader. No such warnings have been displayed with previous versions.

 

Screenshot 2022-05-04 at 9.49.24.png

Second problem (more severe): Signature may be validated correctly with latest OSX version of the Acrobat Reader, but fails to validate with latest Windows version. This is absolutely unacceptable. I cannot provide an example document because we cannot reproduce the problem and those few examples we have contain sensitive data. However, the problem is real and we have seen already two separate instances of this problem since March. 

 

Windows:

Screenshot 2022-05-04 at 10.05.26.png

 

OSX:

Screenshot 2022-05-04 at 10.05.55.png

We are now confused where to continue debugging this issue. Any ideas? I can see that the first issue is also happening with other signed PDF files too, not the ones that were have created and signed by ourselves.

 

 

 

 

 

TOPICS
Security digital signatures and esignatures

Views

74

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 04, 2022 May 04, 2022

Copy link to clipboard

Copied

Just to add, the issues started after updating to versions:

 

OSX: 2022.001.20112

Windows: 2022.001.20117

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Engaged ,
May 04, 2022 May 04, 2022

Copy link to clipboard

Copied

LATEST

There have been a few other posts pointing out changes in signature validation in the 2022 updates of Adobe Acrobat. Chances are that Acrobat signature validation code has been hardened against some signature forgery strategy, and some more signed documents with similar structures (even though not used for forgery purposes) also now are rejected.

Without examples, though, one cannot say whether these extra rejects are really false hits or whether they actually contain structures allowing forgery.

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines