desktop-packages team mailing list archive

[Albert Astals Cid <albert.astals@xxxxxxxxxxxxx>]

(In reply to Adrian Johnson from comment #80)
> (In reply to Albert Astals Cid from comment #70)
> > For the pdfsigverify it seems we kind of agreeed on the compromise to call
> > it pdfsig that only does verification right now but in the future may
> > suppport signing?
> 
> This is the only thing left that I think needs fixing before the initial
> release. A couple of questions:
> 
> - Given that we want to keep the option open for using pdfsig to perform
> other signature operations, should the default behavior when only a pdf file
> is specified be to verify the signature? Or should we just indicate whether
> the pdf is signed and use an option to enable verification?

I think defaulting to verification makes sense as the "non destructive
thing to do".

> - Is '-c' the best option name for "don't perform certificate
validation"?

Honestly i don't think spending much time on discussing the option name
makes much sense, we just need to document it properly and that's it.

> 
> We also need a man page.

Yep.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to poppler in Ubuntu.
https://bugs.launchpad.net/bugs/740506

Title:
  verify digital signatures

Status in Evince:
  Confirmed
Status in Poppler:
  Confirmed
Status in poppler package in Ubuntu:
  Triaged

Bug description:
  Binary package hint: evince

  This is a feature request to verify digital signatures.  I'm receiving more and more digitally signed PDF's and evince already acknowledges them with:
  Signature Not Verified
  Digitally signed by <signer>
  Date:  <time stamp>
  Reason: <reason>
  Location: <location>
  but it would be great if Evince would be integrated into the distro's ca-certificate infrastructure to verify these signatures.

To manage notifications about this bug go to:
https://bugs.launchpad.net/evince/+bug/740506/+subscriptions