Bug 143134 - PDF restrictions in signed PDF documents
Summary: PDF restrictions in signed PDF documents
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Printing and PDF export
Version: 7.1.0.1 rc (earliest affected)
Hardware: All All
Importance: medium enhancement
Assignee: Not Assigned
Keywords: needsDevAdvice
Depends on:
Blocks: Digital-Signatures
Reported: 2021-06-30 15:35 UTC by renatosen
Modified: 2023-11-09 11:07 UTC
Description renatosen 2021-06-30 15:35:38 UTC
This is an inquiry about digital signatures on PDF files.
First, I would like to congratulate you on the well-done job which delivers digital signatures to PDF in LibreOffice. The process has been implemented with very good functionality; however, the department of my city is not accepting the signed PDF since they intend to add notes and new signatures to the same PDF. Retrieving permissions of the signed PDF in another PDF reader, I realized that new comments and signatures are not allowed in their software. Some permissions that had been allowed before the signature process became restricted after the signature at LibreOffice. I also realized that their software is opening the PDF in read-only status.
To sum up, the signed PDF generated has been flagged with no comments, no new signatures and no editable permissions. Therefore, I would request you to provide new flags available through checkbox selection in PDF exportation or the PDF signing process.

PS.: An ICP Brasil token was used in the process.

Steps to Reproduce:

1. Export PDF;
2. Sign PDF;
3. Open PDF in third-party software.

Actual Results:
Third parties are not allowed to add comments or new digital signatures.

Comments are not allowed;
and the following message in third-party software: "The document was opened in read-only mode"

Expected Results:

It is expected that the third party could add new signatures and comments after PDF signing at LibreOffice.



Reproducible: Always


User Profile Reset: No



Additional Info:

It would be great if we could deal with PDF restrictions/permissions flags.
Comment 1 Timur 2021-07-01 11:53:56 UTC
I don't understand. Isn't it normal that you cannot add comments in a signed file? Please be specific with which software it's possible, best attach such a signed PDF and write in which PDF software it's possible to add a comment and sign again.
Comment 2 [REDACTED] 2021-07-01 13:43:15 UTC
(In reply to Timur from comment #1)
> I don't understand. Isn't it normal that you cannot add comments in signed
> file. Please be specific with which software it's possible, best attach such
> signed PDF and write in which PDF software it's possible to add comment and
> sign again.

Full ACK - I also wouldn't want a PDF, which I signed, can be changed by any other software. From that very moment, I'd insist that my signature will be removed from that document.
Comment 3 QA Administrators 2021-12-29 03:58:07 UTC Comment hidden (obsolete)
Comment 4 renatosen 2022-01-14 02:45:11 UTC Comment hidden (obsolete)
Comment 5 renatosen 2022-01-14 03:15:29 UTC
I consider we are discussing many aspects of signing. First, attending former comments, I am describing 2 forms of signing: keeping signatures outside of the main file and keeping signatures within the main file. Then, I am returning to the point of signing PDF in LibreOffice. In this point, the details are pointing out several difficulties to sign within the main PDF file. Basically, the focus of this ticket is to verify the possibility to manage PDF flags and to perform more than one signature within the main file.

First, there are 2 forms of storing signatures:
- Keeping signatures in additional files;
- Keeping signatures altogether within the main document;


Keeping signatures in attached files

It is well known that some projects keep signatures and fingerprints out of the main document. It is a very good option to implement new systems/tools. The reason is that the main file does not need interactions or additional changes to store signatures. This option prevents changes in fingerprint and file corruption through the signing process and other steps. This option is the easiest to implement and to maintain using common open source tools and well-known concepts of signatures.


Keeping signatures within the main document

On the other hand, keeping all signatures in the same document delivers signatures for all users who received the only one - main file.
The problem is that if signatures are kept all together in the same file, all signature recordings change the main document. Therefore, this might lead to fingerprint alterations, and in some cases the main file might be susceptible to external changes or file corruption.
The most risky part is that all signatures need the user to interact with the main file. The user must download it, expose the file to the environment, sign it, and upload it back to the server. Since there are threats related to PDFs or any other files, changing files for signatures does not seem to be the most secure solution.
Considering the main file passes through internal and external users, multiple access might increase the risky changes or virus injections.
Another point, which might be good or not, is that this solution might depend on proprietary definitions.
The advantage of this solution is that it is easy to store all signatures and data in one file. It is good for a long run.
To sum up, to keep all signatures within the same file might bring some risks, however this option has been used for a long time.

I would consider both options of signing are functional.


Focusing on signing PDF

After detailing the two options of keeping signatures, I am switching to the point of signing one main file in LibreOffice. I highlight the option of keeping signatures in one main document. And, I consider the main document is a PDF file. Then, I move forward to the topic of signing PDF in LibreOffice. I am using an example to consolidate the scene. In my example: two people need to sign a PDF file. Unfortunately, the second one is reporting trouble. The second is an external user signing the same main PDF file. The problem is that if the first user signs via LibreOffice, the second cannot sign successfully in another PDF reader. The last reader could use any program. In fact, we could focus on the flags. I guess that the blockage which the second user faces might be caused by flags which LibreOffice sets in the first PDF signature. It seems that flags, which are written in the first version of the signed file, are not compatible with second access for the second signature. Other problems such as not having permissions to add stamps and not having permissions to add visual marks are seen for the second signer at the second access. Opposite to the difficulty presented in this environment, two different signatures are possible in a proprietary PDF reader solution and have been used in my region.


To check the possibility to edit flags and to execute multiple signatures in the LibreOffice.

I would verify the possibility to include a function to allow multiple signatures and to allow specific flags to be available in the signature box. It is because the second signature depends on the right flags such as Editable, Comments and Signatures to access the document properly. In fact, most readers rely on those flags to add information, and other programs have managed all functionalities which can handle two signatures properly.

Basically, other programs have allowed two people to sign PDF properly, and I would appreciate if LibreOffice could perform such way. That means placing a visual stamp and adding signatures in the second access. 


–
PS:
@Timur and Comment2: Unfortunately, I cannot provide official documents using others' signatures; however I wish I could explain what is needed for comprehension in this comment.

Mainly, specific flags are used for other programs to guarantee two times signatures. In addition, other programs, which probably follow some specification, access the signed PDF and cannot sign the second time. Moreover, it is believed that those flags used in LibreOffice do not allow the second signature in other programs.

I wish I could provide all information needed once I am not sure if I can provide any further details or files.
Comment 6 renatosen 2022-01-14 03:36:06 UTC
(In reply to [REDACTED] from comment #2)
> (In reply to Timur from comment #1)
> > I don't understand. Isn't it normal that you cannot add comments in signed
> > file. Please be specific with which software it's possible, best attach such
> > signed PDF and write in which PDF software it's possible to add comment and
> > sign again.
> 
> Full ACK - I also wouldn't want a PDF, which I signed, can be changed by any
> other software. From that very moment, I'd insist that my signature will be
> removed from that document.


In my region, we have seen external users and companies signing contracts one after the other. This has guaranteed the digital validity of documents.
Comment 7 Heiko Tietze 2023-10-17 08:53:13 UTC
Do you have an example where changing/commenting the document does not invalidate signatures? Doubt it works anywhere like this.
Comment 8 Cor Nouws 2023-11-08 19:53:58 UTC
(In reply to renatosen from comment #6)

> In my region, we have seen external users and companies signing contracts
> one after the other. This have guaranteed the digital validity of documents.
This to me looks like a chain of signatures, and not uncommon. You refer to e.g. Adobe?

Also, I think the summary of the bug report is too generic. Can you suggest a one sentence description that clearly tells which feature/behavior is missing?
Comment 9 Heiko Tietze 2023-11-09 11:07:09 UTC
We discussed the topic in the design meeting.

While it is surprising that signed documents can be modified, there might be special flags that make comments possible. Ultimately this is a question to developers.
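
For readers trying to pin down which "flags" the thread refers to, the following added example (not part of the bug report and not LibreOffice code) reads the two places where the PDF specification (ISO 32000-1) records what may change after signing: the DocMDP `/P` level of a certification signature and the AcroForm `/SigFlags` bits. The sample bytes are constructed, and the scanner assumes uncompressed objects with an inline `/TransformParams` dictionary following `/TransformMethod`.

```python
import re

# DocMDP access levels from ISO 32000-1, section 12.8.2.2: what may change
# after a certification signature without invalidating it.
DOCMDP_LEVELS = {
    1: "no changes permitted",
    2: "form fill-in and further signatures permitted",
    3: "form fill-in, signatures and annotations (comments) permitted",
}
DOCMDP_RE = re.compile(
    rb"/TransformMethod\s*/DocMDP.*?/TransformParams\s*<<(.*?)>>", re.S)
P_RE = re.compile(rb"/P\s+(\d+)")
SIGFLAGS_RE = re.compile(rb"/SigFlags\s+(\d+)")
BYTERANGE_RE = re.compile(rb"/ByteRange\s*\[")

# Constructed sample: a fragment shaped like a certified PDF, not a real file.
SAMPLE = (
    b"1 0 obj\n<< /Type /Catalog /Perms << /DocMDP 5 0 R >>\n"
    b"   /AcroForm << /Fields [4 0 R] /SigFlags 3 >> >>\nendobj\n"
    b"5 0 obj\n<< /Type /Sig /Filter /Adobe.PPKLite /ByteRange [0 100 200 50]\n"
    b"   /Reference [ << /Type /SigRef /TransformMethod /DocMDP\n"
    b"      /TransformParams << /Type /TransformParams /P 1 /V /1.2 >> >> ] >>\n"
    b"endobj\n"
)


def inspect_signature_flags(pdf_bytes):
    """Summarise signature restrictions visible in uncompressed PDF objects."""
    levels = []
    for match in DOCMDP_RE.finditer(pdf_bytes):
        p = P_RE.search(match.group(1))
        # /P is optional in TransformParams; the specification default is 2.
        levels.append(int(p.group(1)) if p else 2)
    flags = [int(m.group(1)) for m in SIGFLAGS_RE.finditer(pdf_bytes)]
    # Approximation: the last /SigFlags in the file is the newest revision.
    sigflags = flags[-1] if flags else 0
    return {
        "signatures": len(BYTERANGE_RE.findall(pdf_bytes)),
        "docmdp": [(p, DOCMDP_LEVELS.get(p, "unknown")) for p in levels],
        "signatures_exist": bool(sigflags & 1),  # SigFlags bit 1
        "append_only": bool(sigflags & 2),       # SigFlags bit 2
    }


if __name__ == "__main__":
    for key, value in inspect_signature_flags(SAMPLE).items():
        print(f"{key}: {value}")
```

An empty `docmdp` list means no certification signature was found in the scanned objects; further approval signatures are then normally appended as incremental updates that leave the earlier signed byte ranges untouched.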