|
|
|
|
|
|
by gettalong
1346 days ago
|
|
|
Verifying digital signatures is quite hard. Yeah, checking whether the stored hash is valid is simple but all the other things are hard, for example, whether the additions done to a signed PDF are actually allowed or not. Or whether the signature is correct in all the small details, e.g. used algorithm, the included information. And then it sometimes depends on the environment. For example, sometimes a digital signature is only considered valid if all the revocation information and all the certificates are included in the PDF. |
|
|