Are digital signatures 21CFR11 compliant?

Similar Messages

• Where are digital signatures stored?

  I can't find the digital signature I created a while back. I know the password but can't find where it is stored.
  Help would be appreciated.
  Thanks.
  PS. Mac OSX 10.5.5
  Acrobat 9

  In previous versions of Acrobat, it put them here, a non-standard location on the Mac:<br /><br /><yourname> > Library > Acrobat User Data > 8.0 or 8.0_86 [or previous version #] > Security<br /><br />In Acrobat 9, they're stored here:<br /><br /><yourname> > Library > Application Support > Adobe > Acrobat > 9.0 or 9.0_x86 > Security

• Allowing Digital signatures for Reader

  I've come across an issue that I have not been able to figure out. I have created a pdf on my computer which has Acrobat X. Within my document I have portions where there are digital signature. Now I can sign the blocks when I use my computer, but when I transfer the documents to another computer, which only has Reader 9, the document properties change to "SIGNING: NOT ALLOW". What can I do to fix this situation?

  You have to run the form via Reader Extension Server.
  Or the user have to use the Acrobat Standard/Prof. Edition.
  /Ulf
  www.dtp-tjanst.se
  www.dtp-tjanst.com

• Process Route-Digital Signature

  Hi,
  For the process route functionality for SAP DMS in PLM7.01 are digital signatures possible? If not , is it possible to build in this functionality using customization?
  Also if an approver in a route rejects approval how does the system handle this?
  thanks
  Rahul

  Hi Bill,
  did you get the answer or able to resolve this problem? I am also having similar problem. Please let me know if you have resolved this problem. My email id is: [email protected]
  Thanks,
  Shaun

• When trying to send a pdf for multiple digital signatures, it keeps erroring out.  What are some reasons?

  I am having trouble sending out a document for digital signatures for multiple people.  I enter the signature fields and click on Distribute.  It then allows me to choose the receiving parties.  I click on <SEND> and it processes for a moment and then I receive the following two errors:  "Failed to send" followed by "Form distribution is aborted".  It was working for me earlier and isn't now.  I am fairly new to Acrobat and especially Digital Signatures.  What are some possible reasons I am getting this error?

  I finally got the document to send out by unclicking the "Collect name & email from recipients to provide optimal tracking" button, however, the responses come in as anonymous, so it's not real helpful with tracking my responses.  Plus, I don't know if I'll encounter problems with follow up.  The normal tracking system allows me to resend a message to those who have not responded.  Now I guess I would just resend the request to those I have determined have not signed.  Still working through the bugs but I'll update what I know and figure out here.  Perhaps I will come to a solid solution and give a better summary.  
  As of now, I am sending and receiving responses... but the recipients have to change the received file to save as it is coming to them as read-only.  Seems like this should be a whole lot less complicated.

• Digital Signatures signed by Gemsign are not getting retained if we save and open the pdf

  Please let me know what to do to make the digital signatures signed by Gemsign signature to be in visible mode if we save, close and reopen the pdf deisgned using Adobe Licecycle designer ES3 version.

  Are production and development systems are on different versions?
  Can you explain more about the workflow? What do you mean by not retained ? Is signature getting cleared?
  --Santosh

• Digital Signatures signed by Gemsign are not getting retained on flattened document in production

  Hi,
  Anyone please help me in solving the below issue.
  Digital Signature are not getting retained in the flattened version of Production which is designed by Adobe livecycle designer ES3 version. But if we use the same xdp file in development the Digital Signatures are getting retained on the flattened version. The Digital SIgnature are signed by Gemsign signature pad.

  Are production and development systems are on different versions?
  Can you explain more about the workflow? What do you mean by not retained ? Is signature getting cleared?
  --Santosh

• How to ensure Digital Signatures are not faked?

  We are currently using some fairly archaic processes, whereby dynamic forms are completed digitally, printed, signed by hand, and then rescanned as static PDFs back onto our shared server. We are considering ways of streamlining this process, and one consideration is to use Digital Signatures. The one worry I have however is in how simple it appears to me to fake a digital signature of someone else. For example, a shared folder on the network contains PDF forms that must be approved by being signed off on by the CEO. If I add a digital signature field on this form, what would keep anyone with access to that folder from being able to open the file, click the signature field, but instead of using their own digital ID, creating a NEW digital ID with the name of the CEO, thereby making it appear that the CEO signed the form? I tested it and there doesn't seem to be any safeguard to keep this from happening.
  Jo

  You won't be able to fully verify a digital signature unless you add a user's certificate to your list of trusted certificates. You would only do this if you are certain of the source. See this previous discussion for more info: http://forums.adobe.com/thread/1118748

• Need help making digital signature field read only if required fields are null

  Using Adobe LiveCycle Designer, I have a digital signature field.  I want to prevent users from being able to digitally sign the pdf if any required fields in the pdf are null or blank.  I'm a newbie to scripting so any detailed help would be greatly appreciated.  The required fields in the pdf include radio buttons, check boxes, text field, etc.  I appreciate any help anyone can provide.
  Thanks

  Exactly how you check a field for being empty depends on what type of field it is. For text fields, you should get the field's value as a string and compare it to an empty string, something like:
  var val = getField("Text1").valueAsString;
  if (val) {
      app.alert("Field is not empty");
  If there is a default value that needs to be changed, you would compare to the default value:
  var f = getField("Text1");
  var val = f.valueAsString;
  if (val !== f.defaultValue) {
      app.alert("Field value is OK");
  For check boxes and radio buttons, you'd compare to the string "Off", which means none in the group is selected.
  For dropdowns (combo boxes) and list boxes, there is normally one value selected, so you would have to get the value and check against the default value (or something else) to see if the field is properly filled in.
  You could place the script there, but I usually use a separate button that I encourage the user to click in order to check the field. The problem with using the Will Save event is you can't prevent the save from happening.
  The script can loop through all of the fields (and test all required ones), or you could set up an array of field names to check.

• Issue with multiple digital signatures disabling fast web view

  Hello, I'm using acrobat 9.1 pro and have some questions regarding an issue using multiple signatures on a pdf.
  Why am I asking the question below? My job involves preparing pdf's for submission to FDA. The FDA requires, among other things, that electronically submitted docs have fast web view enabled.
  I am currently exploring ways of using digital signatures to sign pdf reports and still make sure they are FDA spec compliant. My issue involves a document that would have multiple signature fields. What I do is create at least two signature fields in the doc and then save and optimize while enabling fast web view. When I sign the first box and save, the file retains the fast web view status. Yet, when I apply and signatures past the first one, the file is subsequently set to fast web view off without any obvious way of turning it back on. I am confused as to why it gets disabled only after the second, and not right after even the first one was signed. And, of course, I would like to know if it is possible to maintain fast web view and how to do it. I'll gladly accept "tinkering under the hood" of the file suggestions if they exist as well.
  Please let me know if anything is unclear or you need further information.
  Thanks for your time and help.
  ~Vlad

  Hi Vlad,
  Michael actual had the correct answer. The purpose of a "Linearized" file (i.e. a file that has been Optimized for Fast Web View) is to get the first page to display as soon as possible so you can start reading without waiting for the rest of the file to download. As an aside, the designated first page doesn't necessarily have to be page 0 (PDF's use a zero based counting system for pages), but usually it is. To quote the PDF specification, "The primary focus of Linearized PDF is optimized viewing of read-only PDF documents. It is intended that the Linearized PDF be generated once and read many times. Incremental update is still permitted, but the resulting PDF is no longer linearized and subsequently is treated as ordinary PDF."
  When you sign a PDF file the first time the Save process is a "full save", that is the entire document is rewritten so there are no more than two %%EOF (end-of-file) markers in it. The first EOF designates which page to show first and the second EOF designates the end of the rest of the file (so the browser knows when to stop downloading). However, when you add a second (or subsequent) signature the file is saved as an "incremental save" and all of the new data is tacked onto the the end of the original file. This is so you can do a rollback to the previous signed version and allows Acrobat/Reader to check the integrity of each signature independent of any other signatures. It's the incremental save that breaks the linearized optimization of the file.
  Steve

• Invalid Digital Signatures

  Hi
  I have a HP Spectre xt 13-2100ea windows 8 and i recently uploaded windows 7 instead of 8 and all is good except my Card reader and high speed USB 3.0 are not working. I am getting an message saying that windows cannot verify the digital signature required for this driver.
  Realtek PCIe GBE Family Controller - 
  Generic USB xHCI Compliant Host Controller
  Any help would be appreciated. Do i have to just install it back to windows 8 ?
  Thanks.

  Thank for advice do that I do not confrom yet. Thanks

• Digital signature Filter / SubFilter

  Hi,
  i have a question regarding the use of digital signatures.
  As a filter value i am usingAdobe.PPKLite but i am not quite sure about the SubFilter. As i understand there are three possible values:
  - adbe.pkcs7.detached
  - adbe.pkcs7.sha1
  - adbe.x509.rsa.sha1
  Now i need to create PDF/A compliant pdfs and i read somewhere that it is not recommended (or not compliant?) to use
  'adbe.x509.rsa.sha1' (pkcs#1 format). Instead one of the other two should be used.
  Now since SHA1 is too weak only 'adbe.pkcs7.detached' (pkcs#7 format) remains.
  But what does the 'detached' stands for?
  Does it mean that the digest or the certicate have to be stored in an extra file? (Similar to the xml signing mechanism: "Enveloping signatures are over   data within the same XML document as the signature; detached signatures are over data external to the   signature element.") ?
  Thanks for clarifying,
  ToM

  thank you for the input.
  So if i understand the spec correct it is like this:
  1.)
  If i use adbe.x509.rsa_sha1 (=PKCS#1 format) then:
  Contents = contains the crypted message digest
  Cert = contains the X509 certificate
  2.)
  If i use adbe.pkcs7.detached (=PKCS#7 format) then:
  Contents = signed message digest (in PKCS#7 SignedData field) + the x509 certificate according to rfc2315
  Cert = not to be used
  3.) But i can't figure out what the spec means by:
  "adbe.pkcs7.detached: The original signed message digest over the document’s byte range shall be incorporated as the normal PKCS#7 SignedData field. No data shall be encapsulated in the PKCS#7 SignedData field."
  Does that mean, that the data being signed is not included in the PKCS#7 structure? (But isn't that what the ByteRange is for?)
  I couldn't find any other info in  ISO 32000 - maybe i need to study PKCS#7, too :-/
  Thanks
  ToM

• Digital signature in QM

  Hi all,
  I have some douts pls help me to solve it
  1)The digital signature ensures that certain tasks are only performed by specially authorized users and documented in a signed document together with the name of the undersigned person, and the date and time.
            But this can also be met by using basis tools providing authorisation to restricted usere only for UD and Result recording
            then what is the use of Digital signature?
  2)If i am using digital signature it is not reflecting any where.
    i can olny see logs for that under Tcode DSAL
  ASD

  I pasted below the help file info from SPRO on digitial signatures.  This gives you a good overview.  You can find more info on this by searching help for information on SSF Settings for the System Signature.  SSF = Secure Store and  Forward and you will help files on this as well.  These areas are set up by BASIS folks, not QM.  You may want to inquire in a BASIS forum for more specific info on setting this up.
  Craig
  The basis application component Secure Store and Forward (SSF) is used to realize digital signatures in the SAP System. This section tells you how to make the following settings:
  SSF settings for the digital signature
  Which settings you make here depends on the signature method you use (see Specify Signature Method for Approval Using Simple Signature and Define Signature Strategies)
  The complete names of the users that are supposed to execute the signatures as well as their personal time zones
  When a signature is executed, the system copies the signatory name together with the local time according to the signatory's personal time zone to the signed document.
  Caution
  All users can maintain their address data and defaults by choosing System -> User profile -> Own data. The general user settings along with the SSF settings for the user are part of this data. Therefore if you use digital signatures, do not assign the authorization to maintain own data to all users.
  Requirements
  If you use the user signature as your signature method, you need an external security product that islinked to your SAP System by way of SSF.
  Note that you should not store the users' Personal Security Environment (PSE) in a file system but rather, for example, on a smart card. The PSE software does not comply with legal requirements for digital signatures.
  Standard settings
  The SSF settings for the system signature are contained in the standard system.
  Activities
  SSF Settings for the User Signature
  1. Go to Customizing for Basis Components, choose System Administration -> Digital Signature and carry out activity Application-Dependent Parameters for SSF Functions.
  2. Enter the SSF information for the users that are supposed to execute digital signatures. If you want, you can also make the general user settings now (see below).
  a) Go to user maintenance.
  b) Enter the user ID of the user whose data you want to maintain and choose Change.
  c) Go to the Address tab page.
  d) Choose Other communication and double-click SSF (Secure Store & Forw.).
  e) Enter the user's SSF information.
  How the entries must be structured depends on the security product you use.
  f) Choose Continue and save your entries.
  SSF Settings for the System Signature
  Check and, if required, maintain the standard settings. To do so, go to Customizing for Basis Components, choose System Administration -> Digital Signature and carry out the following activities:
  Application-Dependent Parameters for SSF Functions
  SAPSECULIB Maintenance Information
  General User Settings
  1. Go to user maintenance.
  2. Enter the user ID of the user whose data you want to maintain and choose Change.
  3. Go to the Address tab page and enter the user's first and last names.
  4. Go to the Defaults tab page and enter the user's personal time zone.
  5. Save your entries.

• Applying a timestamp to a Digital Signature in Office

  Hello,
  I want to apply een digital signature to a Worddocument or to the macromodule of a Worddocument.
  Because the certificate expires after a year, i want to add a timestamp.
  Now I read in the article "Digital signatures in Office 2010" that there are two registry settings to control the type of signature Office creates: XAdESLevel and MinXAdESLevel.
  So if I want to a signature with a timestamp i have to add the registry settings:
  XAdESLevel = 2 (REG_DWORD)
  MinXAdESLevel = 2 (REG_DWORD).
  Is that all, or do i need tot provide Office with a time stamp server?
  (I don't think i have a time stamp server).
  Kind regards,

  Hi,
  As far as I know, if we want to use the time stamp functionality with digital signatures, we must complete the following:
  Set up a time stamp server that is compliant with RFC 3161
  Use the Group Policy setting, Specify server name, to enter the location of the time stamp server on the network.
  On the other words, we need a time stamp server.
  Quote From:
  http://technet.microsoft.com/en-us/library/cc545900(v=office.14).aspx
  Hope it's helpful.
  Regards,
  George Zhao
  TechNet Community Support
  It's recommended to download and install
  Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office
  programs.

• Update on 10.6.8 fails due to digital signature on update is missing

  wanting to install the Parallels version 10 and it won't work on 10.6.8 version of my Mac OS so I learned how to go to the software update which indicates an update is available. When I go ahead and load the update it runs fine and then stops with a message that the Macbook Pro EFI Firmware Update can't be saved. It says the digital signature on the update is missing or invalid.
  I don't know if the digital signature is on my computer or the update? I would upgrade to a more recent version of the OS but don't know what will work.
  Can anyone help?
  Dan

  Parallels 10 isn't compatible with 10.6 according to the web site.
  Mac Requirements
  Hardware:
  A Mac computer with an Intel Core 2 Duo, Core i3, Core i5, Core i7, or Xeon processor (Core Solo and Core Duo processors are no longer supported)
  Minimum 2 GB of memory (4 GB of memory is recommended to run Windows 7 in a virtual machine or if your host OS is Lion)
  About 850 MB of disk space on the boot volume (Macintosh HD) for Parallels Desktop installation
  About 15 GB of disk space for each virtual machine
  Software:
  OS X Yosemite 10.10 or later
  OS X Mavericks 10.9.4 or later
  Mac OS X Mountain Lion 10.8.5 or later
  Mac OS X Lion 10.7.5 or later
  Check that your computer is compatible with Mountain Lion/Mavericks/Yosemite.
  To check the model number hold down the option/alt key, go to the Apple menu and select System Information.
  MacBook (Late 2008 Aluminum, or Early 2009 or newer) model number 5,1 or higher
  MacBook Pro (Mid/Late 2007 or newer) model number 3,1 or higher
  Your Mac needs:
  OS X v10.6.8 or OS X Lion already installed
  2 GB or more of memory (More is better - 4 GB minimum seems to be the consensus)
  8 GB or more of available space
  Check to make sure your applications are compatible. PowerPC applications are no longer supported after 10.6.      
  Application Compatibility
  Applications Compatibility (2)
  Do a backup before installing. 
  If you can/do upgrade, I recommend you make a copy of the installer and move it out of your Applications folder. The installer self-destructs. The copy will keep you from having to download the installer again.  You can make a bootable USB stick to install using this free program.
  Bootable USB Flash Drive – Diskmaker X
  Mountain Lion
  Note - Mavericks is no longer available.