helpcontent2/source/text/shared/guide/digital_signatures.xhp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

<?xml version="1.0" encoding="UTF-8"?>
<helpdocument version="1.0">
	
<!--
***********************************************************************
 *
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 * 
 * Copyright 2008 by Sun Microsystems, Inc.
 *
 * OpenOffice.org - a multi-platform office productivity suite
 *
 * $RCSfile: digital_signatures.xhp,v $
 * $Revision: 1.14.4.1 $
 *
 * This file is part of OpenOffice.org.
 *
 * OpenOffice.org is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License version 3
 * only, as published by the Free Software Foundation.
 *
 * OpenOffice.org is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License version 3 for more details
 * (a copy is included in the LICENSE file that accompanied this code).
 *
 * You should have received a copy of the GNU Lesser General Public License
 * version 3 along with OpenOffice.org.  If not, see
 * <http://www.openoffice.org/license.html>
 * for a copy of the LGPLv3 License.
 *
 ************************************************************************
 -->
 
	
<meta>
<topic id="textsharedguidedigital_signaturesxhp" indexer="include">
<title id="tit" xml-lang="en-US">About Digital Signatures</title>
<filename>/text/shared/guide/digital_signatures.xhp</filename>
</topic>
</meta>
<body>
<bookmark xml-lang="en-US" branch="index" id="bm_id7430951"><bookmark_value>certificates</bookmark_value>
<bookmark_value>digital signatures;overview</bookmark_value>
<bookmark_value>security;digital signatures</bookmark_value>
</bookmark><comment>mw moved 1 entry to digitalsign_send.xhp and made "digital signatures" a two level entry and added a new entry</comment>
<paragraph role="heading" id="hd_id2767418" xml-lang="en-US" level="1" l10n="NEW"><variable id="digital_signatures"><link href="text/shared/guide/digital_signatures.xhp">About Digital Signatures</link>
</variable></paragraph>
<paragraph role="paragraph" id="par_idN10632" xml-lang="en-US" l10n="NEW">In %PRODUCTNAME, you can digitally sign your documents and macros. </paragraph>
<paragraph role="heading" id="hd_id6564531" xml-lang="en-US" level="2" l10n="NEW">Certificates</paragraph>
<paragraph role="paragraph" id="par_idN10639" xml-lang="en-US" l10n="NEW">To sign a document digitally, you need a personal key, the certificate. A personal key is stored on your computer as a combination of a private key, which must be kept secret, and a public key, which you add to your documents when you sign them.</paragraph>
<paragraph role="heading" id="par_idN1066D" xml-lang="en-US" level="2" l10n="NEW">Save and sign the document</paragraph>
<paragraph role="paragraph" id="par_idN10671" xml-lang="en-US" l10n="NEW">When you apply a digital signature to a document, a kind of checksum is computed from the document's content plus your personal key. The checksum and your public key are stored together with the document.</paragraph>
<paragraph role="heading" id="par_idN10674" xml-lang="en-US" level="2" l10n="NEW">Open a signed document</paragraph>
<paragraph role="paragraph" id="par_idN10678" xml-lang="en-US" l10n="NEW">When someone later opens the document on any computer with a recent version of %PRODUCTNAME, the program will compute the checksum again and compare it with the stored checksum. If both are the same, the program will signal that you see the original, unchanged document. In addition, the program can show you the public key information from the certificate.</paragraph>
<paragraph role="paragraph" id="par_idN1067B" xml-lang="en-US" l10n="NEW">You can compare the public key with the public key that is published on the web site of the certificate authority.</paragraph>
<paragraph role="paragraph" id="par_idN1067E" xml-lang="en-US" l10n="NEW">Whenever someone changes something in the document, this change breaks the digital signature. After the change, there will be no sign that you see the original document.</paragraph>
<paragraph role="heading" id="hd_id9354228" xml-lang="en-US" level="2" l10n="NEW">Security Warnings</paragraph>
<paragraph role="paragraph" id="par_id2372508" xml-lang="en-US" l10n="NEW">When you receive a signed document, and the software reports that the signature is valid, this does not mean that you can be absolutely sure that the document is the same that the sender has sent. Signing documents with software certificates is not a perfectly secure method. Numerous ways are possible to circumvent the security features.</paragraph>
<paragraph role="paragraph" id="par_id7953123" xml-lang="en-US" l10n="NEW">Example: Think about someone who wants to camouflage his identity to be a sender from your bank. He can easily get a certificate using a false name, then send you any signed e-mail pretending he is working for your bank. You will get that e-mail, and the e-mail or the document within has the "valid signed" icon. </paragraph>
<paragraph role="paragraph" id="par_id6195257" xml-lang="en-US" l10n="NEW">Do not trust the icon. Inspect and verify the certificates.</paragraph>
<paragraph role="warning" id="par_id8635517" xml-lang="en-US" l10n="CHG">The validation of a signature is not a legally binding guarantee of any kind.</paragraph>
<paragraph role="paragraph" id="par_id6075624" xml-lang="en-US" l10n="NEW">On Windows operating systems, the Windows features of validating a signature are used. On Solaris and Linux systems, files that are supplied by Thunderbird, Mozilla or Firefox are used. You must ensure that the files that are in use within your system are really the original files that were supplied by the original developers. For malevolent intruders, there are numerous ways to replace original files with other files that they supply.</paragraph>
<paragraph role="warning" id="par_id6819971" xml-lang="en-US" l10n="NEW">The messages about validation of a signature that you see in %PRODUCTNAME are the messages that the validation files return. The %PRODUCTNAME software has no way to ensure that the messages reflect the true status of any certificate. The %PRODUCTNAME software only displays the messages that other files that are not under control of %PRODUCTNAME report. There is no legal responsibility of %PRODUCTNAME that the displayed messages reflect the true status of a digital signature.</paragraph>
<section id="relatedtopics">
<paragraph role="paragraph" id="par_id3204443" xml-lang="en-US" l10n="NEW"><link href="http://wiki.services.openoffice.org/wiki/How_to_use_digital_Signatures">English Wiki page on digital signatures</link></paragraph>
<paragraph role="paragraph" id="par_id486465" xml-lang="en-US" l10n="NEW"><link href="text/shared/guide/digitalsign_send.xhp">Applying digital signatures</link></paragraph>
<paragraph role="paragraph" id="par_id3448591" xml-lang="en-US" l10n="NEW"><link href="text/shared/guide/digitalsign_receive.xhp">Opening a document using WebDAV over HTTPS</link></paragraph>
</section>
</body>
</helpdocument>