Date: prev next · Thread: first prev next last
2015 Archives by date, by thread · List index


The current version "5.0.2.2" of LibreOffice does include an "Export as
PDF" included, and that is very nice.

Even nicer it includes also "Digital signature" dedicated tab!

But...

It could include many more advanced features that can greatly improved its
security!

And since LibreOffice is a free project that publishes its source code, you
should be able to meet the license requirements from the iText (
http://itextpdf.com/functionality and for example:
http://itextpdf.com/functionalitycomparison . License for the free and open
source: http://itextpdf.com/agpl and where is the necessary code to
implement in the LibreOffice core: http://itextpdf.com/product/itext ) that
has many, many more features that can make your "Export as PDF" feature
much better.

I have seen iText version implemented in a free and open source program
called: JSignPDF ( http://jsignpdf.sourceforge.net ) and it includes
several important addional features that don't exist in LibreOffice, but
could exist. And also based on the features I have also seen in another
tool (paid one), I suggest:

- User can choose the Hash algorithm to apply in the digital certificate to
be created (between: SHA1, SHA256, SHA384 and SHA512);
- User can have the file encrypted with a password or use a certificate
file for encryption;
- The "Keystore type" isn't just the windows one, their are lots more of
them available to the user;
- The user can make a visible signature and also preview the result (the
place and area) before he/ she apply it to the document it self;
- Encryption set between 40-bit RC4 [Low], 128-bit RC4 [Medium], 128-bit
AES [High], 256-bit AES [Very High]

- In TSA (Time Stamping Service):
  - Users can also setup the type of authentication like "Without
authentication" (default), "Username/ password" and "Client certificate"
(PKCS12 key file);
  - Users can set the Policy (OID);
  - Users can enabe OCSP;
  - Users can enable CRL;
  - Users can choose proxy settings;
  - "NONCE" feature to avoid Key Replay attacks on servers (some may demand
this enable);
  - Hash algorithm used for the request to the Time Stamping Service,
between: SHA1, SHA256, SHA384 and SHA512.


I hope this helps make the LibreOffice even better!
Best regards,
Joao

-- 
To unsubscribe e-mail to: users+unsubscribe@global.libreoffice.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be deleted

Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.