Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
PDF
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Encryption and signatures === A PDF file may be [[encrypted]], for security, in which case a password is needed to view or edit the contents. PDF 2.0 defines 256-bit AES encryption as the standard for PDF 2.0 files. The PDF Reference also defines ways that third parties can define their own encryption systems for PDF. PDF files may be digitally signed, to provide secure authentication; complete details on implementing digital signatures in PDF are provided in ISO 32000-2. PDF files may also contain embedded [[digital rights management|DRM]] restrictions that provide further controls that limit copying, editing, or printing. These restrictions depend on the reader software to obey them, so the security they provide is limited. The standard security provided by PDF consists of two different methods and two different passwords: a ''user password'', which encrypts the file and prevents opening, and an ''owner password'', which specifies operations that should be restricted even when the document is decrypted, which can include modifying, printing, or copying text and graphics out of the document, or adding or modifying text notes and [[#Forms|AcroForm]] fields. The user password encrypts the file, while the owner password does not, instead relying on client software to respect these restrictions. An owner password can easily be removed by software, including some free online services.<ref>{{cite web |url = http://freemypdf.com/ |title = FreeMyPDF.com β Removes passwords from viewable PDFs |website = freemypdf.com |access-date = June 23, 2009 |archive-date = February 20, 2021 |archive-url = https://web.archive.org/web/20210220014724/https://freemypdf.com/ |url-status = live }}</ref> Thus, the use restrictions that a document author places on a PDF document are not secure, and cannot be assured once the file is distributed; this warning is displayed when applying such restrictions using Adobe Acrobat software to create or edit PDF files. Even without removing the password, most freeware or open source PDF readers ignore the permission "protections" and allow the user to print or make copies of excerpts of the text as if the document were not limited by password protection.<ref>{{cite web|url=http://www.macworld.com/article/1137343/pdf.html|title=Adobe admits new PDF password protection is weaker|first=Jeremy|last=Kirk|date=December 4, 2008|website=[[Macworld]]|publisher=IDG Communications Inc.|access-date=September 14, 2016|archive-date=January 17, 2017|archive-url=https://web.archive.org/web/20170117225255/http://www.macworld.com/article/1137343/pdf.html|url-status=live}}</ref><ref>{{cite web|url=https://www.cs.cmu.edu/~dst/Adobe/Gallery/PDFsecurity.pdf|title= How secure is PDF|first=Bryan|last=Guignard|url-status=dead|archive-url=https://web.archive.org/web/20051024235303/https://www.cs.cmu.edu/~dst/Adobe/Gallery/PDFsecurity.pdf|archive-date=October 24, 2005|publisher=Carnegie Mellon University}}</ref><ref>{{Cite conference|last=Merz|first=Thomas|date=November 2001|url=http://www.planetpdf.com/planetpdf/pdfs/pdf2k/01W/merz_securitykeynote.pdf|title=PDF Security Overview: Strengths and Weaknesses|conference=PDF 2001 conference|location=Scottsdale/Arizona |url-status=usurped|archive-url=https://web.archive.org/web/20101011050457/http://www.planetpdf.com/planetpdf/pdfs/pdf2k/01W/merz_securitykeynote.pdf|archive-date=October 11, 2010}}</ref> Beginning with PDF 1.5, Usage rights (UR) signatures are used to enable additional interactive features that are not available by default in a particular PDF viewer application. The signature is used to validate that the permissions have been granted by a [[bona fide]] granting authority. For example, it can be used to allow a user:<ref name="iso32000" /> * To save the PDF document along with a modified form or annotation data * Import form data files in FDF, XFDF, and text (CSV/TSV) formats * Export form data files in FDF and XFDF formats * Submit form data * [[wikt:instantiate|Instantiate]] new pages from named page templates * Apply a [[digital signature]] to existing digital signature form field * Create, delete, modify, copy, import, and export annotations For example, Adobe Systems grants permissions to enable additional features in Adobe Reader, using [[public-key cryptography]]. Adobe Reader verifies that the signature uses a [[Public key certificate|certificate]] from an Adobe-authorized certificate authority. Any PDF application can use this same mechanism for its own purposes.<ref name="iso32000" /> Under specific circumstances including non-[[Patch (computing)|patched]] systems of the receiver, the information the receiver of a [[Digital signature|digital signed]] document sees can be manipulated by the sender after the document has been signed by the signer.<ref>{{Cite web|url=https://pdf-insecurity.org/signature-shadow/shadow-attacks.html|title=PDF Insecurity Website|website=pdf-insecurity.org|access-date=January 12, 2023|archive-date=March 26, 2023|archive-url=https://web.archive.org/web/20230326024850/https://pdf-insecurity.org/signature-shadow/shadow-attacks.html|url-status=live}}</ref> [[PAdES]] (''PDF Advanced Electronic Signatures'') is a set of restrictions and extensions to PDF and ISO 32000-1<ref name="ISO 32000-1">{{cite web|title=ISO 32000-1:2008 Document management -- Portable document format -- Part 1: PDF 1.7|url=http://www.iso.org/iso/catalogue_detail.htm?csnumber=51502|publisher=International Organization for Standardization ISO|access-date=March 22, 2016|archive-date=February 10, 2017|archive-url=https://web.archive.org/web/20170210072051/http://www.iso.org/iso/catalogue_detail.htm?csnumber=51502|url-status=live}}</ref> making it suitable for [[advanced electronic signature]]s. This is published by [[ETSI]] as TS 102 778.<ref name="ETSI TS 102 778-1 V1.1.1">{{cite web|title=ETSI TS 102 778-1 - Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 1: PAdES Overview - a framework document for PAdES|version=1.1.1|date=July 2009|url=http://www.etsi.org/deliver/etsi_ts%5C102700_102799%5C10277801%5C01.01.01_60%5Cts_10277801v010101p.pdf|publisher=European Telecommunications Standards Institute ETSI|access-date=January 12, 2023|archive-date=March 8, 2023|archive-url=https://web.archive.org/web/20230308052536/https://www.etsi.org/deliver/etsi_ts%5C102700_102799%5C10277801%5C01.01.01_60%5Cts_10277801v010101p.pdf|url-status=live}}</ref>
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
PDF
(section)
Add topic
