When saving a new version of a Digitally Signed document, the signature is removed.
This is different from how a paper document is signed; a signature does not get unsigned.
This is a shame as 'versions' are made read only anyway and could easily have the old signature intact.
Keeping revisions inside one document makes sense, but for document control purposes (ISO9001) essential information (who approved the doc and when) is now lost.
Thus the originally signed first version should remain available.
(In reply to Ferry Toth from comment #0)
> This is a shame as 'versions' are made read only anyway and could easily
> have the old signature intact.
I'm not sure if the file structure of a 'versioned' document supports the needs of digital signatures. But it's an interesting thing indeed.
(Can test later, I think)
(In reply to Cor Nouws from comment #1)
> (In reply to Ferry Toth from comment #0)
> > This is a shame as 'versions' are made read only anyway and could easily
> > have the old signature intact.
> I'm not sure if the file structure of a 'versioned' document supports the
> needs of digital signatures. But it's an interesting thing indeed.
> (Can test later, I think)
Did you have the chance to test it?
A popup appears:
" Saving will remove all existing signatures. Do you want to ... "
Build ID: 7a6df88f2579c4fcfa81eb27f6db9e8e21c9a6f8
CPU threads: 4; OS: Linux 4.13; UI render: default; VCL: gtk2;
TinderBox: Linux-rpm_deb-x86_64@70-TDF, Branch:master, Time: 2018-01-14_22:46:48
Locale: nl-NL (nl_NL.UTF-8); Calc: group threaded
@miklos, @samuel: what are your ideas?
Signing happens at an ODF package level, while versions add new streams in the ODF package, so this works as expected.
You can't really swap this (sign first, versions later) as an unsigned stream invalidates the signature in ODF. I would suggest to close this as a not-a-bug.
In theory you could have this feature (if you ignore backwards compatibility), but then you would lose the ability to say that if a stream is not signed, the signature is not valid.
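Added example, not part of the original comments and not LibreOffice's code: a coverage check for the rule stated in comment #4, listing every stream in an ODF zip package that a signature in `META-INF/documentsignatures.xml` does not reference. It assumes every stream except the signature file itself must be referenced; the sample package, its skeleton signature file and the stream name `Versions/Version1` are constructed, and no digest or certificate is verified.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import unquote

DSIG = "http://www.w3.org/2000/09/xmldsig#"
SIG_PATH = "META-INF/documentsignatures.xml"

def signed_uris(sig_xml):
    """One set per <Signature>: the package streams its <Reference> elements name."""
    covered = []
    for sig in ET.fromstring(sig_xml).iter(f"{{{DSIG}}}Signature"):
        uris = {unquote(r.get("URI", "")) for r in sig.iter(f"{{{DSIG}}}Reference")}
        # Empty and "#id" URIs point inside the signature file, not at a stream.
        covered.append({u for u in uris if u and not u.startswith("#")})
    return covered

def unsigned_streams(package_bytes):
    """Per signature, the sorted streams in the zip that it does not cover."""
    with zipfile.ZipFile(io.BytesIO(package_bytes)) as zf:
        names = set(zf.namelist())
        if SIG_PATH not in names:
            return []  # package carries no signatures at all
        sigs = signed_uris(zf.read(SIG_PATH))
    streams = {n for n in names if n != SIG_PATH and not n.endswith("/")}
    return [sorted(streams - uris) for uris in sigs]

def build_package(streams, signed):
    """Constructed sample: skeleton signature file, no digests or key material."""
    refs = "".join(f'<Reference URI="{u}"/>' for u in signed)
    sig = (f'<document-signatures><Signature xmlns="{DSIG}"><SignedInfo>{refs}'
           "</SignedInfo></Signature></document-signatures>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in {**streams, SIG_PATH: sig}.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed streams; "Versions/Version1" stands in for a stream added by saving a version.
BASE = {"mimetype": "application/vnd.oasis.opendocument.text", "content.xml": "<doc/>",
        "META-INF/manifest.xml": "<manifest/>", "Pictures/logo 1.png": "png"}
SIGNED = ["mimetype", "content.xml", "META-INF/manifest.xml", "Pictures/logo%201.png"]
AS_SIGNED = build_package(BASE, SIGNED)
AFTER_VERSION = build_package({**BASE, "Versions/Version1": "<doc/>"}, SIGNED)

if __name__ == "__main__":
    print(unsigned_streams(AS_SIGNED))
    print(unsigned_streams(AFTER_VERSION))
```

A non-empty list for a signature means the package contains a stream that signature never covered, which is the condition comment #4 says must invalidate it.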
(In reply to Miklos Vajna from comment #4)
> Signing happens at an ODF package level, while versions add new streams in
> the ODF package, so this works as expected.
In addition, saving (even if nothing has changed in the document)
never reuses the xml streams, but creates them from internal state. So
it is not guaranteed that the same xml is written at two different
times, or even less so from two different LibreOffice versions. So
likely the signature will be inadvertently invalidated.
per advice: NotABug
I get that it is not a bug; it is a request for enhancement.
To me it sounds logical that currently the file (package) is signed, while it sounds more logical that the document (stream) needs to be signed. Opening a previous version (other stream) should then just show the signature of the previous version.
The current behaviour restricts the usefulness of versions and forces users to keep different files for each signed version.
(In reply to Ferry Toth from comment #7)
> The current behaviour restricts the usefulness of versions and forces users
> to keep different files for each signed version.
Reading the comments, I conclude that it is doubtful if it can work at all.