Archive for February, 2009

Please Sign Here…” and Help Us Develop the Best Electronic Signature Features in the Industry

If you have (and use) an electronic signature credential, and are interested in helping Adobe craft the next generation of Adobe Acrobat, Reader, and LiveCycle products and signature features, we are offering you the ability to participate in an Electronic Signature Survey.

There are three parts to this Survey.  The first part asks you to sign a signature field with your signature credential.  The second asks you a series of questions about your use of electronic signatures, and the third concerns technical details about your signature credential. 

IMPORTANT NOTICE:  All information you provide as part of the Electronic Signature Survey will only be used to test the compatibility of Adobe’s LiveCycle ES, Adobe Acrobat and Adobe Reader products with the signatures collected by way of this Electronic Signature Survey and to understand the ways in which signatures are used in our products, helping guide Adobe’s electronic signature product strategy.   Adobe will retain the information you submit as part of the Electronic Signature Survey as long as reasonably necessary but solely for testing and product development purposes as noted above.  The information you provide as part of the Electronic Signature Survey will not be publicly disclosed.  If at any time you wish to have the information you submit via the Electronic Signature Survey removed from Adobe’s database, please send an email to

All information submitted by you is subject to Adobe’s Online Privacy Policy located at:

Download the Survey here.  Thank you for participating! 


Primer on Server Base URL

One frequently asked question I get is about the “Base URL” setting within the LiveCycle Rights Management ES server configuration. What is this for? It’s a global setting that is used in several places where the server must identify its location to a remote client. The text is used as a “base” for deriving various types of server URLs. Here is a screenshot of the relevant configuration section of the administrative web console:

Here are two examples of its use in the system:

  • Have you ever wondered how, when somebody opens a RM protected document, the client determines your credentials and decrypts the document? “Baked” into each protected document are two important pieces of unencrypted information: a globally unique identifier (the document GUID), and the server address that the client contacts to receive authorization to decrypt and open the document. The server address is a derivative of the base URL that the administrator configured when setting up the server.
  • When an author or recipient performs a “web-based action” on a particular document, the client will automatically receive a single-sign-on-based redirect to a web age populated with the appropriate information. For example, the client-based request to view the audit history of a document opens a web browser showing which users have viewed, modified, or printed a protected document. The end-user experience is seamless, and the redirect instruction is derived from the base url of the document.


The advantage of deriving URLs from this base URL is that it simplifies the end-user experience, as outlined above, and gives flexibility to customers implementing a LiveCycle Rights Management server. This flexibility means that administrators can leverage DNS as a layer of indirection between client and ultimate server(s). DNS, for example, can provide different routes to a server depending on whether a document viewer is located inside or outside of a company’s network. It can also be used in with a load-balanced cluster to ensure that LiveCycle Rights Management runs as a high-availability and high-throughput system.

However, when configuring this URL you need to be careful: by changing settings on the server, you may orphan existing secured documents if you neglect to update DNS to point to the new server. Also, because of the sensitive information communicated between our server and clients (e.g., Adobe Acrobat, Adobe Reader, the LiveCycle Rights Management ES Extensions for Microsoft Office, PTC Pro/ENGINEER, …), we strongly advocate that the URL specified be HTTPS such that the communication is done over SSL. In fact, most of our clients will refuse to talk to a server URL that is not specified as HTTPS. (Specifying a HTTP-based URL will attempt to force the client to communicate over HTTP, however this is likely to fail because our clients generally do not support non-SSL connections.)

Need more information on how your organization can effectively manage and protect your intellectual property? Further information can be obtained at or by contacting Adobe

Adobe Secured Customer Showcase: Young Conaway Stargatt & Taylor, LLP

Click here to read about how this technology-savvy law firm improves operations, safeguards sensitive content, and builds stronger cases using Adobe® Acrobat® 9 software.

Using Acrobat, Young Conaway’s staff can go beyond the preservation of confidentiality. They can redact sensitive case information quickly and apply passwords and digital signatures to documents for added security. “We need to control who accesses documents and give people the assurance that the materials they receive have not been altered,” explains DiBianca. “With Acrobat, we can put controls on PDF files to limit access to information and restrict copying of data from files.”

SC Magazine article: Minding your documents

Do your employees know what “confidential” really means? Do you need an information classification system to better protect your sensitive documents?

Continue reading…

Packaging options for encrypted PDFs

Since Acrobat 2.0 in 1994, encryption has been available to protect a PDF document – restricting who can open it and what they can subsequently do with it. Today, there are a number of packaging options for distributing one or more protected PDF files.

Continue reading…

Adobe Secured Customer Showcase: Australian Government Department of Health and Ageing

Read about how Adobe LiveCycle RIghts Management ES is helping the Australian government secure forms in an automated process for collecting information from individuals participating in a National Bowel Cancer Screening Program.

“Today, doctors can download a form from the cancer screening website, complete the form on their computers and submit the completed form to the National Bowel Cancer Screening Program Register via a secure electronic process.”

Click here for the full story and additional ROI statistics.

Adobe Secured Customer Showcase: Antwerp Port Authority

The Antwerp Port Authority manages Europe’s second biggest port and is guided by the European Directive on Invoicing (EC / 115 / 201) to ensure member states implement electronic invoicing as part of the value added tax (VAT) legislation. The tax rule requires that each supplier guarantee the authenticity of origin and integrity of the content for invoices they create and ultimately archive for compliance.

To meet these requirements, Adobe LiveCycle ES has been deployed in conjunction with Globalsign certificates to ensure that PDF invoices are digitally certified to cryptographically bind the identity of the certifying party to the invoice itself. Users can then open the invoices using the free Adobe Reader and document authenticity and integrity automatically to detect whether the contents have been altered after certification.

By applying digital signatures, Antwerp Port Authority was able to quickly automate invoicing processes, thereby streamlining workflow, lowering costs, and meeting the mandatory European directives for compliance. The entire process is packaged into a seamless solution via the Adobe Certified Document Services (CDS) platform.

Read more about Antwerp Port Authority’s successful implementation of Digital Signatures here.

Adobe Sponsors ShmooCon 2009

Hello All! This is Dimitri writing here. I am happy to say that Adobe is sponsoring ShmooCon 2009 as part of our security community outreach efforts. We want to help the security community exchange ideas and develop secure software practices.
Senior Security Researcher Peleus Uhley and I will be roaming the conference floors and would be most interested in talking to other security researchers about the security of Adobe products. So, if you will be in Washington D.C. attending the conference at the end of this week, come say hi! I don’t bite and neither does Peleus!