Hi y'all,
the original Adobe Reader supports a lot of DRM functions like different
passwords for printing/low-res/cut'n'paste, and, at least with their
big'n'honkin' Enterprise solutions, time-limited documents that cannot be
opened after a date.
I've been searching for hours and hours, but i could not find any evidence
that this is possible with the PDF Standard. Does anyone know if the pdf
library in djigzo does support any of these features (beyond the already
implemented encryption)...?
Personally i'm looking for the timebombing-function to send CV's when i'm
applying for a new job, and i don't like the idea that my CV is circling the
int[er|ra]nets 'til the end of time.
I could image three ways this could work:
- Simply check the time of the computer (yes, easy to circumvent; but most
HR-People i've met would not even be able to do that ;))
- Check the time of a certified timeserver
- Get a needed decryption-key from a (djigzo-) web-server, which could be
disabled after a timeperiod (yeah, that would not be a simple feature, but
it would be cool, it would be possible to track if/when/how often a
document/mail was opened, revoke that right at any time, potentially chance
permissions like print/no print on the fly etc)
Any ideas if something like this is possible with "official" pdf commands,
or, if not, if it could be implemented with javascript inside the pdf...?
The PDF standard allows you to specify certain permissions:
allowPrinting, allowModifyContents, allowCopy, allowModifyAnnotations,
allowFillIn, allowScreenReaders, allowAssembly, allowDegradedPrinting
It's however up to the PDF reader whether or not the PDF reader enforces
these permissions. From a security viewpoint it's therefore questionable
whether these permissions are of any help since it's probably easy to
find a PDF reader that does not enforce these permissions.
I will check whether it is possible to set the permissions for the
generated PDF.
- Simply check the time of the computer (yes, easy to circumvent; but most
HR-People i've met would not even be able to do that ;))
- Check the time of a certified timeserver
- Get a needed decryption-key from a (djigzo-) web-server, which could be
disabled after a timeperiod (yeah, that would not be a simple feature, but
it would be cool, it would be possible to track if/when/how often a
document/mail was opened, revoke that right at any time, potentially
chance
permissions like print/no print on the fly etc)
The problem is that AFAIK for DRM a paid version of Adobe Acrobat is
required and this is not supported by most (all?) other non-Adobe PDF
readers. So, to do PDF DRM 'correctly' requires some DRM'ified PDF
reader. It might be possible to use Javascript but it wouldn't surprise
me if most enterprise users have disabled Javascript due to security
reasons.
Kind regards,
Martijn Brinkers
ยทยทยท
On 08/22/2011 04:32 PM, Jay R. Worthington wrote:
--
Djigzo open source email encryption
