(In reply to Andre Guerreiro from comment #97) > Quoting from ISO 32000-1 section 12.8.1: > "This range should be the entire file, including the signature dictionary > but excluding the signature value itself (the Contents entry). Other ranges > may be used but since they do not check for all changes to the document, > their use is not recommended."
This advice is for PDF producers. As a PDF consumer we should accept PDFs that don't follow this advice. https://en.wikipedia.org/wiki/Robustness_principle -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/740506 Title: verify digital signatures Status in Evince: Confirmed Status in Poppler: Confirmed Status in poppler package in Ubuntu: Triaged Bug description: Binary package hint: evince This is a feature request to verify digital signatures. I'm receiving more and more digitally signed PDF's and evince already acknowledges them with: Signature Not Verified Digitally signed by <signer> Date: <time stamp> Reason: <reason> Location: <location> but it would be great if Evince would be integrated into the distro's ca-certificate infrastructure to verify these signatures. To manage notifications about this bug go to: https://bugs.launchpad.net/evince/+bug/740506/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
