A friend of mine pointed me to a good article on securing PDF documents. http://secforall.info/2009/06/29/securing-pdfs/ It’s a good tutorial on how to password protect, digitally sign and certify PDF documents. Now if only we could have some intelligence in email clients (or maybe a setting in Acrobat Reader?) that would prohibit or at least strongly warn when a user tries to open an un-signed PDF. This would make my life much easier from a malware perspective…..I think.
July 24th, 2010 at 10:44 pm
Fully securing PDFs is a bit harder than that. Those instructions only stop someone editing the document with *Adobe* software. But there are freely available alternatives that don't honour Adobe's "no edit" honesty bit. Any software that lets you view the document (with read password if necessary) has the potential ability to make a copy that can be edited.
The certification options should be OK. It should be a simple matter of programming to create a wrapper for Acrobat Reader, bound to your email client's "PDF" handler, probably using such alternatives to check the certificate.
Like or Dislike:
0 
0