pdfMachine - Signing Server

Currently the signing server is not operational. Please contact Craig Broadbear at if you are interested in using the signing server.

For details on "pdfMachine sig" please click here.

The pdfMachine Signing Server performs two functions:

1) Time Stamp Authority (TSA)
It adheres to the Time-Stamp Protocol described in RFC 3161. It can be used to Timestamp PDFs by the pdfMachine Signer client software.

2) PDF signing server
To be used by pdfMachine client software for digitally signing PDFs with a private key that resides on a server.

What is a Time Stamp Authority (TSA) ?

A time-stamping service supports assertions of proof that a document
existed before a particular time. This is all done in a cryptographically secure manner.

This is described in detail in RFC 3161 at http://www.ietf.org/rfc/rfc3161.txt

Put simply, if you can trust the time of a TSA, then you can trust the document signing time in the PDF thus proving the existence of a document at a certain time.

The pdfMachine Signing Server synchronizes its time every few minutes with the time servers at the National Institute of Standards and Technology (NIST) in the USA. The NIST is the official timekeeper in the USA and uses atomic clocks to calculate time.

When a PDF file is time stamped, a little "clock" symbol is shown on on the signature property pages within Adobe Reader.

e.g.

pdfmachine signing server

What is Server Signing?

Server signing allows you to get up and running with signing PDFs immediately. You sign your PDFs with a digital certificate that resides on a pdfMachine server. This works without sending the PDF or any private data to the pdfMachine servers. Only a 20 byte "message digest" of the PDF is sent from the pdfMachine client application to the pdfMachine Signing Server, where it is signed and time stamped. The signature is then sent back to the client machine to and inserted into the PDF.