PDF Forms & FDF - Create and use PDF & FDF forms, PDF XML Forms Architecture (XFA) Specification, FDF Reference, PDF Reference

Chapter 14, Security, Control, and Digital Signatures

XFA Specification

Signed Forms

407

1. The form is opened using an XFA-processing application.

2. The person fills out the form.

3. The user submits the form by selecting a submit button. In response, the XFA processing application

bundles the designated parts of the form into an XDP package and submits that package to a server.

(This statement assumes a simpler form submission process.)

Integrity

Digital signatures enable recipients to verify the integrity of an electronic document used in one-way or

round-trip workflows. For example, when a digital signature is applied to a quarterly financial statement,

recipients have more assurance that the financial information has not been altered since it was sent.

A primer on electronic document security

[ElectronicSecurity]

Using XML digital signatures for integrity

XML digital signatures can establish the integrity of a form, by incorporating

relevant objects in the

signature. For example, if there is a concern only about the integrity of a form’s data, the signature would

incorporate only the form’s data. If there is a concern about other aspects of the form, the signature would

incorporate those other aspects, too.

An XML digital signature can incorporate the PDF object used in a form, but this is useful only for archiving.

It is not useful in a workflow where other individuals subsequently validate the original signature. This

limitation applies only to forms whose signature manifests include a PDF object. This limitation exists

because PDF objects contain volatile information, such as date and time. If a PDF processing application

such as Acrobat reopens and saves forms whose signatures include the PDF object, those signatures are

voided, even if no changes are made.

Using PDF Digital signatures for integrity

The PDF language provides several ways to support document integrity through various types of

signatures:

●

Ordinary signatures, which can associate a signer with part or all of the PDF document.

Modification Detection and Prevention (MDP) signatures, which specify what changes are permitted to

be made the document and what changes invalidate the author’s signature.

Usage rights (UR) signatures, which identify the authorizing agent and enable capabilities in special

PDF-viewing applications.

●

1. The term "incorporating" refers to the creation of hash code (or other representative binary number) that reflects the por-

tions of the form specified in the signData manifest element. This code is then stored in the signature property created when

the form is actually signed.