Previous Next
733
SECTION 8.7 Digital Signatures
TABLE 8.104 Entries in the DocMDP transform parameters dictionary
KEY TYPE VALUE
Type name (Optional) The type of PDF object that this dictionary describes; if present, must be
TransformParams for a transform parameters dictionary.
P number (Optional) The access permissions granted for this document. Valid values are:
1 No changes to the document are permitted; any change to the docu-
ment invalidates the signature.
2 Permitted changes are filling in forms, instantiating page templates,
and signing; other changes invalidate the signature.
3 Permitted changes are the same as for 2, as well as annotation creation,
deletion, and modification; other changes invalidate the signature.
Default value: 2.
V name (Optional) The DocMDP transform parameters dictionary version. The only valid val-
ue is 1.2. (Note that this value is a name object, not a number.) (See implementation
note 145 in Appendix H.) Default value: 1.2.
UR
The UR transform method is used to detect changes to a document that would in-
validate a usage rights signature, which is referred to from the UR or UR3 entry in
the permissions dictionary (see Section 8.7.3, “Permissions). Usage rights signa-
tures are used to enable additional interactive features that are not available by
default in a particular viewer application (such as Adobe Reader). The signature
is used to validate that the permissions have been granted by a bonafide granting
authority. The transform parameters dictionary (see Table 8.105) specifies the ad-
ditional rights that are enabled if the signature is valid. If the signature is invalid
because the document has been modified in a way that is not permitted or the
identity of the signer is not granted the extended permissions, additional rights
are not granted.
Adobe Systems grants permissions, for example, to enable additional features in
Adobe Reader, using public-key cryptography. It uses certificate authorities to is-
sue public key certificates to document creators with which it has entered into a
business relationship. Adobe Reader verifies that the rights-enabling signature
uses a certificate from an Adobe-authorized certificate authority. Other PDF
viewer applications are free to use this same mechanism for their own purposes.
Previous Next