SCS-CBU-CED-IAM / AIS

Swisscom All-in Signing Service: Sample Scripts
Apache License 2.0
9 stars 7 forks source link

iText: Adding RI to the DSS may break certification signature #9

Closed phaupt closed 10 years ago

phaupt commented 10 years ago

Revocation information (RI) shouldn't be added to the DSS in case the AIS has already embedded RI in the signature, e.g. in case of static or ondemand signatures.

Currently iText does always add RI, in every case, causig the document to be altered. It'll break the signature in case of certification signatures.