Hi Jacob, The best way to view what CDS is, is via the Adobe Website. It's a medium assurance hardware based identity credential that we, and others, supply. It's ultimately rooted through to the Adobe Root CA...ie. A root in all Adobe reader versions from Version 6 onwards. http://www.adobe.com/security/partners_cds.html
We, along with other well known names in the CA industry, offer CDS certificates to the market. If anyone is interested then please mail me separately and I'd be happy to provide more details away from the list, but an example is the best way to quickly show you the differences. This one is certified with a CDS certificate http://www.globalsign.co.uk/resources/documentsign-creating-trusted-document s.pdf and this one is self signed to allow you to compare the difference in the GUI on whatever version of Adobe Acrobat you are using http://www.globalsign.co.uk/document-security-compliance/adobe-cds/ You can use the certificate viewer built into Adobe Acrobat or Reader to examine the profile of the certificates. Thanks. Steve -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Jakob Bohm Sent: 16 August 2010 15:52 To: openssl-users@openssl.org Subject: Re: Adobe Acrobat Certificates? On 16-08-2010 11:51, Steve Roylance wrote: > Ivo, > > GlobalSign offers Adobe CDS based certificates to the market so we are very > familiar with Adobe Acrobat. If you want to create a simple PKCS#12 self > signed certificate and you have Acrobat Pro, then go into the 'Advanced' > settings menu 'Security Settings' and simply click on 'Add ID' and a wizard > will guide you through the process to end up with a PKCS#12 or an exportable > certificate in your Windows PC cert store. It's very easy. > Nice feature for test signatures, but I don't think that's what the OP wanted (see below). > If you ever then need a real CDS (Recognizable by PDF reader worldwide) > certificate GlobalSign would be pleased to help get one for you. Nice plug, but I guess the OP wanted to issue locally trusted certificates signed by an in-house enterprise CA that runs on a Linux machine and is based on OpenSSL (such as tinyCA, or Red Hat CA). So maybe you (based on your experience) can tell the rest of us exactly what makes an Adobe PDF Cert different from a generic X.509 cert? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
