Late last week Adobe announced a new program targeted at empowering the verifying the authenticity of PDF file signatures. The Adobe Approved Trust List (AATL) is a program that enables users to create digital signatures that are trusted whenever the signed documents is opened in Adobe Acrobat 9 or Reader 9 software and later.
On its site, Adobe describes how both Acrobat and Reader have been programmed to reach out to a web page to periodically download a list of trusted ‘root’ digital certificates. According to the site, ‘Any digital signature rated with a credential that can trace a relationship (chain) back to the trustworthy certificates on the list is trusted by Acrobat and Reader 9 or later.’
John Harris, as quoted from a V3.co.uk story, said, ‘We have always felt that document signatures deserved a special value of trust, as a lot can ride on that signature.’ Harris is the manager of security alliances and electronic signatures at Adobe.
Certificate authorities that provide digital signing credentials to other organizations and users — as well as governments and businesses that provide certificates to their citizens and employees can apply directly to Adobe to join the AATL program by submitting application materials and their root certificates, according to Adobe.
Adobe will then verify the applicant’s services and credentials meet the assurance levels as outlined by the AATL technical requirements. Once the credentials are met Adobe will add the certificates to the Trust List itself, digitally signs the Trust List with an Adobe corporate digital ID that is linked to the Adobe Root certificate embedded in Adobe products, and then posts the list to a website hosted by Adobe.
The solution if successful will provide a way to enable content creators to produce complex PDF documents at the same time providing a measure of protection to end-users. In light of Adobe’s most recent issues with vulnerabilities in its popular PDF Reader, this program might restore confidence long-term in the format.
For users with Acrobat or Reader 9 and beyond the feature is enabled by default upon installation of the products and the Trust List is automatically updated every 90 days. If you wan to verify the Trust List is enabled, you can choose Edit (‘Acrobat’ on Mac)>Preferences> Trust Manager and be sure that the ‘Load trusted root certificates from an Adobe server’ checkbox is selected. You can click the Update Now button in the same dialog box to download the latest version of the Trust List from Adobe.
For more information you can visit Adobe.com.