Bug 88427 - PDF signatures - RFC3161 timestamps - Add configuration option for TSA URLs
Summary: PDF signatures - RFC3161 timestamps - Add configuration option for TSA URLs
Status: RESOLVED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Printing and PDF export (show other bugs)
Version:
(earliest affected)
Inherited From OOo
Hardware: Other All
: medium enhancement
Assignee: Not Assigned
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 84881 88428 88429
  Show dependency treegraph
 
Reported: 2015-01-15 00:46 UTC by Markus Wernig
Modified: 2015-03-28 13:03 UTC (History)
2 users (show)

See Also:
Crash report or crash signature:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Markus Wernig 2015-01-15 00:46:29 UTC 
In order to enable timestamped PDF signatures it is necessary for the signing code to know about at least one URL where such timestamps can be obtained.
Since in most countries there are multiple of those timestamping services (called Time Stamping Authorities TSA) available, the user should be given
1) the possibility to enter multiple URLs
2) select one TSA as the "default" one

This request (not really a bug) is for adding a separate configuration option for configuring multiple Timestamping URLs and selecting one as default (presumably under Options->Security). The items entered are plain http URLs.
Comment 1 Robinson Tryon (qubit) 2015-01-15 03:42:53 UTC 
Part of Bug 84881 - Add RFC 3161 timestamp when digitally signing PDF (tracker)
Status -> NEW
Severity -> enhancement
Comment 2 How can I remove my account? 2015-02-12 12:45:27 UTC 
Would it not be enough to simply have a field on the "Digital Signatures" tab of the "PDF Options" dialog for the TSA URL? A URL entered into that field would be stored in the settings and used as the default contents of the field the next time the dialog is displayed.

But hmm, yeah, this is problematic if you want to do digital signatures alternatively with and without a signed timestamp. So maybe additionally a checkbox "Generate timestamp"?

Or is it essential to be able to keep a list of TSA URLs in LO's settings (and then select one of them, or none, when doing a digitally signed PDF)?
Comment 3 Markus Wernig 2015-02-13 08:01:02 UTC 
The way other programs do it is to let the user choose between the stored TSAs and the option "Time from local computer" (which is the default behaviour if none is set).

So the idea of having the user enter the TSA URL and automatically saving it is a very good one.

In the long run, we will need to be able to manage multiple TSA URLs. But for now, I believe that the solution proposed by you will be just fine.
Comment 4 How can I remove my account? 2015-02-13 08:32:10 UTC 
OK. Well, I already started working on being able to enter multiple TSA URLs into LO (and have them persisted in the user configuration), so unless that turns out to be horribly complicated, I'll continue on that. Then when doing the PDF export, there will be the possibility to choose one of them, or none (= local computer).
Comment 5 Markus Wernig 2015-03-28 13:03:23 UTC 
This will be in 4.5 (It's in nightly since about March 1st). Thanks for the excellent work!