I am confused about LTV in iText. I have read the paper, discussions but there is one thing still unclear. What is the connection between LTV and document timestamps? Or more precisely, how do I make pdf LTV enabled without using timestamps? One thing I know for sure, to make an LTV enabled document, I do not need timestamps. I tried signing a document with a digital certificate in acrobat and when opened it says the document is LTV enabled, I did not use any timestamp.
LTV (Long Term Validation) provides a record of what state the Certificate was at the time of signing. In order to validate a certificate, the time and date when the PDF document was signed needs to be known. For this to be undisputable, the signature has to be digitally timestamped.
The answer to this problem is long-term validation (LTV). By including all necessary information about the status of your certificate and its chain of trust at the time of signing, LTV allows your digital signatures to live on long after your original signing certificate has expired.
The last time I looked Adobe had not publicly defined what they mean by "LTV enabled" technically.
Adobe's PDF evangelist Leonard Rosenthol gave this definition on the iText mailing list this January:
LTV enabled means that all information necessary to validate the file (minus root certs) is contained within.
which has been clarified as
the PDF is signed correctly and contains all necessary certificates, a valid CRL or OSCP response for every certificate [except for the root certificate]
but as
"a valid CRL or OSCP response for every certificate" also includes signatures over CRLs and OCSPs., not just the signature certificate.
he pointed out quoting one of the Adobe engineers
LTV may be enabled when all collaterals are embedded in the signatures and not DSS (I just fixed a bug that did not handle this case correctly). In this case there may be no DSS. However, this is very unusual, because signatures over CRLs and OCSPs do not contain embedded rev info which is Adobe extension. Yet, this is a distant possibility.
Using iText to add LTV information, on the other hand, is an attempt to add such information to a signed document which misses the required information.
Missing a concrete technical definition by Adobe to go by, though, this essentially is a best effort attempt, not something one can definitively claim to have done. It especially turned out that the interpretation of the specification of the DSS sections to add these information was inconsistent.
Maybe Bruno can report the current state of the endeavor.
What is the connection between LTV and document timestamps?
Document time stamps and LTV information have initially been defined in the same PAdES specification part ETSI TS 102 778-4 and some ping-pong between them has been defined there:
Thus, it had been assumed sometimes that each time you add DSS you also have to add a document time stamp. This in turn may give rise to some hen-egg issue because the time stamp also relates to some certificate for which additional DSS information might be required.
As Leonard also wrote back in January on the topic of "DSS for LTV-enabled"
No timestamp (regular or document level) is required.
Thus, getting back to your questions,
Or more precisely, how do I make pdf LTV enabled without using timestamps?
Add validation information for all involved certificates except root certificates, also including certificates used in the validation information. And whenever you time stamp, add validation information for the time stamp, too.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With