Bug 88427 - PDF signatures - RFC3161 timestamps - Add configuration option for TSA URLs
Summary: PDF signatures - RFC3161 timestamps - Add configuration option for TSA URLs
Status: RESOLVED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Printing and PDF export (show other bugs)
Version:
(earliest affected)
Inherited From OOo
Hardware: Other All
: medium enhancement
Assignee: Not Assigned
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 84881 88428 88429
  Show dependency treegraph
 
Reported: 2015-01-15 00:46 UTC by Markus Wernig
Modified: 2015-03-28 13:03 UTC (History)
2 users (show)

See Also:
Crash report or crash signature:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Markus Wernig 2015-01-15 00:46:29 UTC
In order to enable timestamped PDF signatures it is necessary for the signing code to know about at least one URL where such timestamps can be obtained.
Since in most countries there are multiple of those timestamping services (called Time Stamping Authorities TSA) available, the user should be given
1) the possibility to enter multiple URLs
2) select one TSA as the "default" one

This request (not really a bug) is for adding a separate configuration option for configuring multiple Timestamping URLs and selecting one as default (presumably under Options->Security). The items entered are plain http URLs.
Comment 1 Robinson Tryon (qubit) 2015-01-15 03:42:53 UTC
Part of Bug 84881 - Add RFC 3161 timestamp when digitally signing PDF (tracker)
Status -> NEW
Severity -> enhancement
Comment 2 Tor Lillqvist 2015-02-12 12:45:27 UTC
Would it not be enough to simply have a field on the "Digital Signatures" tab of the "PDF Options" dialog for the TSA URL? A URL entered into that field would be stored in the settings and used as the default contents of the field the next time the dialog is displayed.

But hmm, yeah, this is problematic if you want to do digital signatures alternatively with and without a signed timestamp. So maybe additionally a checkbox "Generate timestamp"?

Or is it essential to be able to keep a list of TSA URLs in LO's settings (and then select one of them, or none, when doing a digitally signed PDF)?
Comment 3 Markus Wernig 2015-02-13 08:01:02 UTC
The way other programs do it is to let the user choose between the stored TSAs and the option "Time from local computer" (which is the default behaviour if none is set).

So the idea of having the user enter the TSA URL and automatically saving it is a very good one.

In the long run, we will need to be able to manage multiple TSA URLs. But for now, I believe that the solution proposed by you will be just fine.
Comment 4 Tor Lillqvist 2015-02-13 08:32:10 UTC
OK. Well, I already started working on being able to enter multiple TSA URLs into LO (and have them persisted in the user configuration), so unless that turns out to be horribly complicated, I'll continue on that. Then when doing the PDF export, there will be the possibility to choose one of them, or none (= local computer).
Comment 5 Markus Wernig 2015-03-28 13:03:23 UTC
This will be in 4.5 (It's in nightly since about March 1st). Thanks for the excellent work!