What is the connection between LTV and document ti

2019-01-26 15:10发布

问题:

I am confused about LTV in iText. I have read the paper, discussions but there is one thing still unclear. What is the connection between LTV and document timestamps? Or more precisely, how do I make pdf LTV enabled without using timestamps? One thing I know for sure, to make an LTV enabled document, I do not need timestamps. I tried signing a document with a digital certificate in acrobat and when opened it says the document is LTV enabled, I did not use any timestamp.

回答1:

LTV enabled in Adobe Reader

The last time I looked Adobe had not publicly defined what they mean by "LTV enabled" technically.

Adobe's PDF evangelist Leonard Rosenthol gave this definition on the iText mailing list this January:

LTV enabled means that all information necessary to validate the file (minus root certs) is contained within.

which has been clarified as

the PDF is signed correctly and contains all necessary certificates, a valid CRL or OSCP response for every certificate [except for the root certificate]

but as

"a valid CRL or OSCP response for every certificate" also includes signatures over CRLs and OCSPs., not just the signature certificate.

he pointed out quoting one of the Adobe engineers

LTV may be enabled when all collaterals are embedded in the signatures and not DSS (I just fixed a bug that did not handle this case correctly). In this case there may be no DSS. However, this is very unusual, because signatures over CRLs and OCSPs do not contain embedded rev info which is Adobe extension. Yet, this is a distant possibility.

Adding LTV information in iText

Using iText to add LTV information, on the other hand, is an attempt to add such information to a signed document which misses the required information.

Missing a concrete technical definition by Adobe to go by, though, this essentially is a best effort attempt, not something one can definitively claim to have done. It especially turned out that the interpretation of the specification of the DSS sections to add these information was inconsistent.

Maybe Bruno can report the current state of the endeavor.

Your questions

What is the connection between LTV and document timestamps?

Document time stamps and LTV information have initially been defined in the same PAdES specification part ETSI TS 102 778-4 and some ping-pong between them has been defined there:

Thus, it had been assumed sometimes that each time you add DSS you also have to add a document time stamp. This in turn may give rise to some hen-egg issue because the time stamp also relates to some certificate for which additional DSS information might be required.

As Leonard also wrote back in January on the topic of "DSS for LTV-enabled"

No timestamp (regular or document level) is required.

Thus, getting back to your questions,

Or more precisely, how do I make pdf LTV enabled without using timestamps?

Add validation information for all involved certificates except root certificates, also including certificates used in the validation information. And whenever you time stamp, add validation information for the time stamp, too.