Reply to post: Re: Perfection

Contract killer: Certified PDFs can be secretly tampered with during the signing process, boffins find

ThatOne Silver badge

Re: Perfection

It's d) Tell people they're not allowed to do that!

Seriously, if the solution is a) (unlikely, too sensible), nothing prevents the smart ones to use an older, unfixed version. As for b), detecting tampering, it's very difficult to distinguish between permitted (annotations, additional information) and malicious tampering. On hastily pieced together documents (meaning most of them) it will still be possible to cheat, because a field overflows, or at least is placed in a way allowing you to make believable additions to the otherwise inert main text.

IMHO the only safe way would be to make special, dedicated and certified programs for just that use. They might use PDFs, but they would have to be built in a way allowing you to make sure a document hasn't been unnecessarily tampered with. Separate cryptographic signatures for the different fields (main body, annotations party A, annotations party B, signature party A, signature party B) would be a good start, allowing you to know in a glance what has been changed and by whom. In-document versioning (allowing to know what was there initially) would be useful too.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon