OpenOffice.org video based manual
Plan-B for OpenOffice.org, learning office productivity software with videos


Tech Support for OpenOffice.org
Applications
Go to Open Office Writer Index
Go to Open Office Impress Index
Go to Open Office Math Index
Go to Open Office Draw Index
Go to Open Office Calc Index
Go to Open Office Base Index
Go to Open Office Online Help Index

Help Sections:
General
Writer
Impress
Math
Draw
Calc
Base
Basic

Using Digital Signatures

In OpenOffice.org, you can digitally sign your documents and macros.

Overview

To sign a document digitally, you need a personal key, the certificate. A personal key is stored on your computer as a combination of a private key, which must be kept secret, and a public key, which you add to your documents when you sign them.

Security Warnings

When you receive a signed document, and the software reports that the signature is valid, this does not mean that you can be absolutely sure that the document is the same that the sender has sent. Signing documents with software certificates is not a perfectly secure method. Numerous ways are possible to circumvent the security features.

Example: Think about someone wants to camouflage his identity to be a sender from your bank. He can easily get a certificate using a false name, then send you any signed e-mail pretending he is working for your bank. You will get that e-mail, and the e-mail or the document within has the "valid signed" icon.

Do not trust the icon. Inspect and verify the certificates.

The validation of a signature is not a legally binding assurement of any kind.

On Windows operating systems, the Windows features of validating a signature are used. On Solaris and Linux systems, files that are supplied by Thunderbird, Mozilla or Firefox are used. You must ensure that the files that are in use within your system are really the original files that were supplied by the original developers. For malevolent intruders, there are numerous ways to replace original files with other files that they supply.

The messages about validation of a signature that you see in OpenOffice.org are the messages that the validation files return. The OpenOffice.org software has no way to ensure that the messages reflect the true status of any certificate. The OpenOffice.org software only displays the messages that other files that are not under control of OpenOffice.org report. There is no legal responsibility of OpenOffice.org that the displayed messages reflect the true status of a digital signature.

Get a certificate

You can get a certificate from a certification authority, which may be a private company or a governmental institution. Some certification authorities want money for their service, for example when they certify your identity. Other certificates are free of costs, for example those offered by some e-mail providers, which certify your e-mail address. A few of the companies that offer certificates to private persons are listed in the following, in alphabetical order: GlobalSign , Thawte, Verisign.

Manage your certificates

If you are using Solaris or Linux, you must install a recent version of Thunderbird, Mozilla Suite, or Firefox software to install some system files that are needed for encryption.

If you have created different profiles in Thunderbird, Mozilla, or Firefox, and you want OpenOffice.org to use one specified profile for certificates, then you can set the environment variable MOZILLA_CERTIFICATE_FOLDER to point to the folder of that specified profile.

  1. Open your Web browser's preferences dialog, select the Privacy & Security tab page, click on Certificates - Manage Certificates.

  2. Import your new root certificate, then select and edit the certificate. Enable the root certificate to be trusted at least for web and email access. This ensures that the certificate can sign your documents. You may edit any intermediate certificate in the same way, but it is not mandatory for signing documents.

  3. When you have edited the new certificates, restart OpenOffice.org.

Save and sign the document

When you apply a digital signature to a document, a kind of checksum is computed from the document's content plus your personal key. The checksum and your public key are stored together with the document.

Open a signed document

When someone later opens the document on any computer with a recent version of OpenOffice.org, the program will compute the checksum again and compare it with the stored checksum. If both are the same, the program will signal that you see the original, unchanged document. In addition, the program can show you the public key information from the certificate.

You can compare the public key with the public key that is published on the web site of the certificate authority.

Whenever someone changes something in the document, this change breaks the digital signature. After the change, there will be no sign that you see the original document.

Signing a document

  1. Choose File - Digital Signatures.

  2. A message box advises you to save the document. Click Yes to save the file.

  3. After saving, you see the Digital Signatures dialog. Click Add to add a public key to the document.

  4. In the Select Certificate dialog, select your certificate and click OK.

  5. You see again the Digital Signatures dialog, where you can add more certificates if you want. Click OK to add the public key to the saved file.

A signed document shows an icon icon in the status bar. You can double-click the icon in the status bar to view the certificate.

Signing the macros inside a document

Normally, macros are part of a document. If you sign a document, the macros inside the document are signed automatically. If you want to sign only the macros, but not the document, proceed as follows:

  1. Choose Tools - Macros - Digital Signature.

  2. Apply the signature as described above for documents.

When you open the Basic IDE that contains signed macros, you see an icon icon in the status bar. You can double-click the icon in the status bar to view the certificate.

Index

signing documents

digital signatures

certificates for documents

This help text is published from the OpenOffice-Help files under the Public Documentation License 1.0.

Get OpenOffice.org - Free!

© Copyright 2006-2010 Conficio - All rights reserved