Signing Off Digital Style

The Certificate Security option in the Security Method drop-down list in the Document Properties dialog box enables you to digitally sign a PDF document or to verify that a digital signature in a PDF document is valid. Certificate Security is what is known in the trade as a signature handler that uses a private/ public key (also known as PPK) system. In this system, each digital signature is associated with a profile that contains both a private key and a public key.
The private key in your profile is a password-protected number that enables you to digitally sign a PDF document. The public key, which is embedded within your digital signature, enables others who review the document in Acrobat to verify that your signature is valid. Because others must have access to your public key in order to verify your signature, Acrobat puts your public key in what’s called a certificate that is shared. The Certificate Security uses what is known as a direct trust system for sharing certificates, because it doesn’t use a third-party agent (like VeriSign) to do this.

Checking a document’s security settings

You can check the security settings in effect for any PDF document you open in Acrobat 6 or Adobe Reader 6 (of course, you can tell immediately if the file requires a user password because you must supply this password before you can open the document in Acrobat or Adobe Reader). To check the security settings in effect, you choose Document➪Security➪Display Restrictions and Security.
When you select this command in Acrobat, the program opens a Document Properties dialog box with the security settings showing, where you can both review and change the settings. When you select this command in Adobe Reader (choose File➪Document Properties and click Security in the list box to display the security settings), the program simply lists all the settings in effect. The security settings in the Document Properties dialog box contain the Security Method drop-down list that shows you the type of security in effect.
This list can contain one of these three options:

• No Security: The document uses no protection at all.
• Password Security: The document uses a user password and/or master password and possibly restricts the type of edits.
• Certificate Security: The document is encrypted so that only trusted associates with digital certification can open and change it.

Beneath the Security Method drop-down list, you find a Document Restrictions Summary area that lists all the security options in effect. To the right of the Security Method drop-down list, you find the Change Settings button that enables you to change the security settings when either the Password Security or the Certificate Security option is selected in the Security Method drop-down list.

Protecting PDF Files

You can password-protect the opening and editing of PDF documents at the time you first distill them (as part of their Security Settings) or at anytime thereafter in Acrobat 6. When you set the security settings, you can choose between two different levels of encryption:

• 40-bit RC4: Used for PDF files created when you set the encryption level to 40-bit RC4 (Acrobat 3.x, 4.x)
• 128-bit RC4: Used when you set the encryption level to 128-bit RC4 (Acrobat 5.x, 6.0)

40-bit RC4 encryption offers a lower level of file security but is compatible with Acrobat 3 and Acrobat 4. 128-bit RC4 offers a higher level of security (it’s a lot harder to hack into) but is compatible only with Acrobat 5 and Acrobat 6. If you’ll be sharing secured PDF documents with coworkers who haven’t yet upgraded to Acrobat 5 or 6, you’ll have to content yourself with the less secure, 40-bit RC4 encryption. However, if you’re dealing with highly sensitive, “for-your-eyes-only” material, you may want to upgrade everybody to Acrobat 6 as soon as possible, so that you can start taking advantage of the
more secure 128-bit RC4 encryption.