Step 3: Verify the Signature
Suppose you send this document to someone else. When she opens the PDF file, the blue message bar will appear indicating that at least one signature has a problem. If she was to click on the signature area, a dialog box would appear indicating that the signature validity is unknown (see Figure 17). It indicates that the document hasn’t been changed since it was signed (which is good), but that her identity hasn’t been added to your list of trusted identities. What does that mean?
Figure 17 A signature that is not valid
In order to truly validate a signature, the recipient needs the public certificate (key) to match against the private key data used to sign the document. This public certificate (key) is sent or requested, in a simpler self-sign workflow, via email as an FDF file. The recipient then adds that file to their Reader or Acrobat list of trusted identities (Tools > Sign & Certify > More Sign & Certify > Manage Trusted Identities) and the certificate is stored. Acrobat allows the user to create a list of trusted identities, store her contact and certificate information, and set different trust levels for each identity. Users can obtain and exchange certificates by one of three methods:
- Exchange a public certificate (key) as an FDF file by e-mail or a shared network folder
- Extract data embedded in a signed document
- Search a directory server that contains the required certificates
To learn more about the signature validation process and the different methods you can use, check out the Adobe blogs.