Validating PDF digital signatures

Whenever you add your own signature to a PDF document, Acrobat automatically uses your user Digital ID information to verify your signature as valid (indicated by the green check mark and the text Signature Valid underneath it). When you receive a document that has been signed by other people, their signatures will not automatically be recognized as valid when you open the PDF file.
You can then validate their signatures. As part of this process, you need to get in contact with the signatory and verify that one or both of the two socalled fingerprint numbers stored in the public key attached to the signature in your PDF document match the fingerprint numbers in the signatory’s public key stored as part of his or her certificate attributes on his or her hard drive. (The two fingerprints are made up of a combination of letters and numbers that make your software serial number look short; the first is called the MD5 Fingerprint, and the second is called the SHA-1 Fingerprint.) To validate a signature in a PDF document that you have open, follow these steps:

1. Open the Signatures palette and select the name of the unknown signatory you want to validate (indicated by a blue question mark before the name), and then select Validate Signature on the Signature palette Options pop-up menu.
2. If the unknown signatory has not been added to your list of trusted certificates, Acrobat next displays the Signature Validation Status dialog box.
3. Click the Signature Properties button. The Signature Properties dialog box appears.
4. Use the contact information (if listed) to get a hold of the signatory (preferably by telephone) to verify the MD5 and/or the SHA-1 Fingerprint numbers listed at the bottom of the Certificate Attributes dialog box. Click the Show Certificate button to view these numbers. To find these numbers to read off to you, the signatory must choose Advanced➪Manage Digital IDs➪My Digital ID, select their Digital ID in the Manage My Digital IDs dialog box, and click the Settings button to open the Set Digital ID Usage dialog box. The signatory then clicks the Show Certificate Details button to open the Certificate Attributes dialog box and view their MD5 and SHA-1 Fingerprint numbers.
5. If the fingerprint numbers on your screen match the numbers given to you over the phone, click the Trust Identity button. The Certificate Security-Alert dialog box opens, telling you that Trusting Certificates directly from a document is unwise.
6. Click OK to close the Alert box and open the Import Contact Settings dialog box.
7. Click the Import button and then click OK in the Import Complete dialog box to add the person to your list of trusted certificates and to validate the selected signature in the PDF document.

You can quickly validate individual signatures for the people you’ve added to your Trusted Certificates list by simply double-clicking their signature fields. Acrobat will quickly search your list and, upon finding the person’s certificate, display a Signature Validation Status alert dialog box, informing you that the signature is valid. You can also use this technique on your own signatures in the event that they show up as unknown signatures when you reopen the PDF document, even when your Digital ID file is open. To update all the signatures in your PDF at one time, simply choose Document➪Digital Signatures➪ Validate All Signatures in Document, or select the Validate All Signatures in Document option on the Signatures palette Options pop-up menu.