Certificates Overview

A certificate offers secure transmission of PDF files; Power PDF can create self-signed certificates, or they can be acquired from a Certificate Authority (CA). Each certificate includes a key-pair: one private and one public key.  Using a Certificate means that signatures and the PDF content are encrypted during transmission.

 

There are two main ways to acquire a security certificate:

 

Self-signed certificates

These are typically used for sending PDF files between people know and trust each other.  This case does not need the intervention of a Certificate Authority (CA) because Power PDF issues the certificate which you can store on your own computer or in the Windows Certificate Store.

 

CA-certificates

These are typically used for sending secure PDF files between people who need to trust each other, but do not know each other personally – for instance in a company with offices in different locations. The sender in this case must first obtain a Certificate from a CA. In order to exchange files, both parties need to obtain CA certificates - not necessarily from the same provider. In this case the CA acts as a trusted and neutral third-party to file transfers.

 

How secure are certificates and their digital IDs?

A document sealed by 40-bit encryption can be deciphered by a competent hacker in around 4 hours. An 128-bit encoding needs thousands of hours, 256-bit many tens of thousands.  Remember that many government security agencies attempt to have decoding ability more powerful than commercially available algorithms, so absolute security cannot be guaranteed.

 

Note

Documents signed without certification can be intercepted and read and maybe changed. In this case the PDF content itself is not encrypted, only the signature and its associated data. The signature allows a recipient to know if and which changes occurred after the document was signed. Documents are signed or signed and certified in the Sign/Certify panel. Note that a certified document (or certifying a document) has nothing to do with protecting a document with a Security Certificate, it only allows the signer to limit permitted actions to the PDF.