
pdfMachine - Signing Server

For details on pdfMachine Signer please click here

The pdfMachine Signing Server performs two functions:

1) Time Stamp Authority (TSA)
It adheres to the Time-Stamp Protocol described in RFC 3161. The pdfMachine Signer client software can use it to timestamp PDFs.

2) PDF signing server
Used by pdfMachine client software to digitally sign PDFs with a private key that resides on a server.

The URLs for the servers are:

https://signer1.broadgun.com:7070
https://signer2.broadgun.com:7070

What is a Time Stamp Authority (TSA)?

A time-stamping service supports assertions of proof that a document existed before a particular time. This is all done in a cryptographically secure manner.

This is described in detail in RFC 3161 at http://www.ietf.org/rfc/rfc3161.txt

Put simply, if you can trust the time of a TSA, then you can trust the document signing time in the PDF thus proving the existence of a document at a certain time.

The pdfMachine Signing Server synchronizes its time every few minutes with the time servers at the National Institute of Standards and Technology (NIST) in the USA. The NIST is the official timekeeper in the USA and uses atomic clocks to calculate time.

When a PDF file is time stamped, a little "clock" symbol is shown on the signature property pages within Adobe Reader.

TSA details:

Policy ID:

1.2.3.4.5.6.6449.1.2.1.3.8

- See "permitted usage" below.

Specified Accuracy:
plus or minus 1 minute (although actual accuracy is less than a second)

Timestamping Certificate:

We are currently using a timestamping certificate signed by the Quovadis Certificate Authority (CA). The Quovadis Root certificate is a "Windows root" and is pre-installed on many Windows machines. However, if you do not have the Quovadis certificates installed, you can download the ones you need from:

http://www.quovadisglobal.co.uk/en-GB/Repository/~/media/Files/Roots/quovadis_rca_der.ashx

http://www.quovadisglobal.co.uk/en-GB/Repository/~/media/Files/Roots/quovadis_ica2_der.ashx

Once the Quovadis roots are in place, the Broadgun Software timestamping certificate will automatically validate.

Our Quovadis signed timestamping certificate is:

http://broadgun.com/broadgun_software_timestamp_cert_quovadis_signed.cer

and also in PKCS 7 format:

http://broadgun.com/broadgun_software_timestamp_cert_quovadis_signed.p7b

Once downloaded, double-click on them and install them to their default locations.

Prior to pdfMachine 13.06:

Versions of pdfMachine prior to 13.06 were configured to use a Broadgun Software self-signed certificate.

There are two certificates - the timestamping certificate and the root certificate.
Our timestamping certificate was issued by Broadgun Software and has a root certificate named "Broadgun Software CA".
This root certificate MUST be installed on all machines that are used to either sign or view the certificate.
You can either:

Click here to install the Broadgun Software root certificate in the Windows certificate store. Make sure you choose which store to place it into (the "Trusted Root Certification Authorities Store") rather than let the Wizard automatically place it.
or
Click here to install the Broadgun Software root certificate in the Adobe Reader certificate store.

Click here to view/download the Broadgun Software time stamping certificate

What is Server Signing?

Server signing allows you to get up and running with signing PDFs immediately. You sign your PDFs with a digital certificate that resides on a pdfMachine server. This works without sending the PDF or any private data to the pdfMachine servers. Only a 20-byte "message digest" of the PDF is sent from the pdfMachine client application to the pdfMachine Signing Server, where it is signed and time stamped. The signature is then sent back to the client machine and inserted into the PDF.
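The following added example (not Broadgun's code) builds an RFC 3161 TimeStampReq offline and decodes it again, to show that the digest is the only document-derived data in the request, whatever the document size. Assumptions: the 20-byte digest is SHA-1, the digest is taken over the whole sample byte string for simplicity, the function names are hypothetical, and the format pdfMachine uses for the signing request itself is not documented on this page.

```python
import hashlib

# DER AlgorithmIdentifier for SHA-1 (OID 1.3.14.3.2.26, NULL parameters).
SHA1_ALG_ID = bytes.fromhex("300906052b0e03021a0500")

def der(tag: int, body: bytes) -> bytes:
    """Encode one DER TLV. Short length form only: every field here is < 128 bytes."""
    if len(body) >= 0x80:
        raise ValueError("field too long for short-form length")
    return bytes([tag, len(body)]) + body

def der_uint(value: int) -> bytes:
    """DER INTEGER for a non-negative value (minimal, never read as negative)."""
    return der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def build_timestamp_request(document: bytes, nonce: int) -> bytes:
    """RFC 3161 TimeStampReq: version 1, SHA-1 messageImprint, nonce, certReq=TRUE."""
    digest = hashlib.sha1(document).digest()  # 20 bytes whatever the input size
    imprint = der(0x30, SHA1_ALG_ID + der(0x04, digest))
    return der(0x30, der_uint(1) + imprint + der_uint(nonce) + der(0x01, b"\xff"))

def read_tlv(buf: bytes, pos: int):
    """Decode one short-form DER TLV at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length = buf[pos], buf[pos + 1]
    if length & 0x80 or pos + 2 + length > len(buf):
        raise ValueError("long-form or truncated DER")
    return tag, buf[pos + 2:pos + 2 + length], pos + 2 + length

def inspect_request(req: bytes) -> dict:
    """Decode every field of the request, i.e. everything that leaves the client."""
    tag, body, end = read_tlv(req, 0)
    if tag != 0x30 or end != len(req):
        raise ValueError("not a single DER SEQUENCE")
    _, version, pos = read_tlv(body, 0)
    _, imprint, pos = read_tlv(body, pos)
    _, nonce, pos = read_tlv(body, pos)
    _, cert_req, pos = read_tlv(body, pos)
    _, _alg, ipos = read_tlv(imprint, 0)
    _, hashed, _ = read_tlv(imprint, ipos)
    return {"version": int.from_bytes(version, "big"), "hashed_message": hashed,
            "nonce": int.from_bytes(nonce, "big"), "cert_req": cert_req == b"\xff",
            "undecoded_bytes": len(body) - pos}

# Constructed sample input (not a real PDF): roughly 900 KB of "confidential" text.
SAMPLE = b"%PDF-1.4 constructed sample\n" + b"confidential body " * 50000
REQUEST = build_timestamp_request(SAMPLE, nonce=0x0102030405060708)
if __name__ == "__main__":
    print(len(SAMPLE), "byte document ->", len(REQUEST), "byte request:", inspect_request(REQUEST))
```

Decoding a captured request the same way is a practical check that a client sends a digest and nothing else.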

Permitted Usage:

The servers are only intended to be used by pdfMachine customers using the pdfMachine software. Any other use without permission of Broadgun Software Pty Ltd (Broadgun) is not allowed.

A document signed with a Broadgun Timestamping Certificate indicates that the pdfMachine Signing process has been followed - that is all. It does not mean that Broadgun agrees to the content of the signed document in any way. Broadgun never sees any document content, nor is any document content passed to any Broadgun server.

Please contact Craig Broadbear at regarding licensing enquiries.