Setting up digital signature validation, Set signature verification preferences, Set the trust level of a certificate – Adobe Acrobat XI User Manual

394

Electronic signatures

Last updated 1/14/2015

Setting up digital signature validation

When you receive a signed document, you may want to validate its signature(s) to verify the signer and the signed
content. Depending on how you have configured your application, validation may occur automatically. Signature
validity is determined by checking the authenticity of the signature’s digital ID certificate status and document integrity:

• Authenticity verification confirms that the signer's certificate or its parent certificates exist in the validator’s list of

trusted identities. It also confirms whether the signing certificate is valid based on the user's Acrobat or Reader
configuration.

• Document integrity verification confirms whether the signed content changed after it was signed. If content

changes, document integrity verification confirms whether the content changed in a manner permitted by the
signer.

Set signature verification preferences

1

Open the Preferences dialog box.

2

Under Categories, select Signatures.

3

For Verification, click More.

4

To automatically validate all signatures in a PDF when you open the document, select Verify Signatures When The
Document Is Opened. This option is selected by default.

5

Select verification options as needed and click OK.

Verification Behavior

When Verifying

These options specify methods that determine which plug-in to choose when verifying a signature.

The appropriate plug-in is often selected automatically. Contact your system administrator about specific plug-in
requirements for validating signatures.

Require Certificate Revocation Checking To Succeed Whenever Possible ...

Checks certificates against a list of

excluded certificates during validation. This option is selected by default. If you deselect this option, the revocation
status for approval signatures is ignored. The revocation status is always checked for certifying signatures.

Verification Time

Verify Signatures Using

Select an option to specify how to check the digital signature for validity. By default, you

can check the time based on when the signature was created. Alternatively, check based on the current time or the
time set by a timestamp server when the document was signed.

Use Expired Timestamps

Uses the secure time provided by the timestamp or embedded in the signature, even if the

signature’s certificate has expired. This option is selected by default. Deselecting this option allows discarding of
expired timestamps.

Verification Information

Specifies whether to add verification information to the signed PDF. Default is to alert user

when verification information is too large.

Windows Integration

specify whether to trust all root certificates in the Windows Certificates feature when

validating signatures and certified documents. Selecting these options can compromise security.

Note: It is not recommended to trust all root certificates in the Windows Certificate feature. Many certificates that are
distributed with Windows are designed for purposes other than establishing trusted identities.

Set the trust level of a certificate

In Acrobat or Reader, the signature of a certified or signed document is valid if you and the signer have a trust
relationship. The trust level of the certificate indicates the actions for which you trust the signer.