Invisible certification signature followed by invisible approval sig

I must clarify one very important point : in the document received, the invisible signatures were not added into pre-existing signature fields.
Francois

Hi Francois,

Whomever initially certified the file set the permission to No Changes Allowed, and thus you cannot sign.

Steve

Hi Steve, unfortunately the certification signature was performed with DocMDP=2 (and not 1).
After long hours of research which have led nowhere, we believe that the reason for this problem is either:
- Acrobat developers did not want to go through the trouble of allowing people to create invisible signature form fields on the fly because of the amount of work involved;
- A bug in the verification process if it should actually detect that invisible signature form fields have been created after certification when in fact this is not possible (?).
In any case, the documentation is clearly missing an explanation on this subject.
Regards,
Francois

Hi Francois,

Now you mention it, once a document is certified the only allowable changes (provided any are allowed) are form fill in and maybe commenting. What you are trying to do is more than sign, but actually create a new form field. The signature field is a special purpose type of form field, and because editing the PDF is not allowed on certified files invisible signing is not allowed. The only way you can sign a certified document is in an existing signature field.

It's a bit esoteric, but a PDF file is comprised of multiple layers. Some you can't see, like the underlying COS objects, and some are part of the visible PDF layer (don't confuse the PDF layer with the PDF file itself, I know we could have come up with better nomenclature when the PDF specification was created 20+ years ago, but alas it is what it is today), and on top of that lies the Annotation layer. The Annotation layer is comprised of the data entered into form fields, and the comments that sit on top of the PDF file, but aren't part of the PDF layer.

All that said, adding form fields to a certified PDF is verboten and that's exactly what creating an invisible signature does.

Steve

Hi Steve, thank you for your explanation.
But if you are saying this is verboten, why was the file verified perfectly with such signatures?
You see the problem is that Acrobat prevents something which can be done programmatically AND accepted by Acrobat during verification...
Francois

What version of the Acrobat was used to create the first set of signatures. If you look on the Summary tab of the Signature Properties dialog it should say. Earlier versions weren't as strict and it caused problems. I realize that the strict interpretation is causing problems for you, but this is a case where we erred on the side of preserving the integrity of the certified PDF file.

The first set of signatures were not created by Acrobat.
To my knowledge, this feature has NEVER been available with Acrobat.
What I am trying to find out is why this feature is available via other products and not by Acrobat OR why Acrobat does not return an error saying that there is an integrity violation of some sort.
In either case there is some inconsistency which I would like to sort out.
Regards,
Francois

I explained why Acrobat won't let you add an invisible signature to a certified document so hopefully that question is answered.

We have no control over what third party signature handlers do, so if they allow invisible signatures we can't stop them.

As far as the validation of the document goes, Acrobat will do a "doc mod analysis" as part of the signature validation routine to determine if the MDP (modification, detection and prevention) rules have been violated, or are the changes legal as far as Acrobat is concerned. There is a possibility that the document has been corrupted and the doc mod analysis is failing to detect the change and the signature should be invalid. Without seeing the file it's hard to know what the third party signature handler did and whether or not the changes are legal. Also, are you sure Acrobat is doing the validation. If the third party signature handler is install on your machine, it will have responsibility for doing the validation. It will only fall to Acrobat if the signing handler is not available at validation time.

I quote "There is a possibility that the document has been corrupted and the doc mod analysis is failing to detect the change and the signature should be invalid". Can this really happen ? Should not this be considered as a bug ?
There are no signature handlers involved in this process. I would be delighted to send you the file so you could see for yourself if this is possible.
Francois

Sure it can happen. The doc mod analysis function is only as smart as we make it, after all it is just computer code. We think it covers all of the bases, but there is always a possibility something we've never seen before has fallen below the radar. Could it be a bug, sure, it's possible.

Once you mentioned third party signature handlers all guesses go out the window because I have no idea what is really going on.

You're welcome to send me the file at Steven [dot] Madwin [at] adobe [dot] com, but I can't make any promises about when I can get to it.

Hi Steve, Have you been able to take a look at the file ? Thanks, Francois

Hi cosmik and smadwin!
How did this issue end? It got quite interesting, but there is no resolution!
Regards!
Elis