Hi,
i have a question regarding the use of digital signatures.
As a filter value i am using
- adbe.pkcs7.sha1
- adbe.x509.rsa.sha1
Now i need to create PDF/A compliant pdfs and i read somewhere that it is not recommended (or not compliant?) to use
'adbe.x509.rsa.sha1' (pkcs#1 format). Instead one of the other two should be used.
Now since SHA1 is too weak only 'adbe.pkcs7.detached' (pkcs#7 format) remains.
But what does the 'detached' stands for?
Does it mean that the digest or the certicate have to be stored in an extra file? (Similar to the xml signing mechanism: "Enveloping signatures are over data within the same XML document as the signature; detached signatures are over data external to the signature element.") ?
Thanks for clarifying,
ToM