What is a Certified Document and when should you use it?

Bruce Morton

I found this article on the Adobe Security Matters website, What is a Certified Document and when should you use it? For those who need to certify documents, you may find it interesting.

As a quick summary, it states that here are two frequent use cases for Certified Documents:

  • Publishing files and want the recipients to know that the files really did originate from you and they have not been accidentally or maliciously modified since you published them.
  • Distribution of electronic forms with pre-populated information, and want to make sure recipients are not accidentally or maliciously modifying your form data when returning them to you.

Entrust issues Adobe CDS Signing certificates which will help you meet the Adobe recommendations:

  • Make sure your signing certificate is trusted by your recipient community.
  • When certifying a document, make sure that all certificates from the trust chain are available on the signing system (desktop or server).
  • When publishing a certified document with a digital signature, make sure you are online and able to reach the revocation information published by the certificate authorities.
  • Utilize an RFC3161 based timestamp authority as part of the digital signature process.
Bruce Morton
Bruce Morton
Director, Certificate Technology & Standards

Bruce Morton has worked in the public key infrastructure and digital certificate industry for more than 15 years and has focused on SSL and other publicly trusted certificates since 2005. He has been an active member of the CA/Browser Forum that released guidelines for extended validation (EV) certificates and Baseline Requirements for SSL certificates. Bruce oversees the governance and compliance of Entrust’s publicly trusted PKI.


Add to the Conversation