Matthias Valvekens

The ever-continuing push for digitalisation has increased our reliance on trust services of various kinds, filling various needs relating to document signing, code signing, authorization tokens, and so forth. Many of these trust services rely on public-key infrastructure (PKI) and X.509 certificates.

The sensitive nature of these tools makes them difficult to use in a testing environment. On the one hand, exposing access to production keys in your CI is obviously a terrible idea. But on the other hand, setting up and maintaining a fully functional "mock" PKI environment is also pretty tricky. What can you do about that?

Using PKI tools in test workflows involves many challenges. Here are a few examples:

• Even a (supposedly) basic task like validating an X.509 certificate involves quite a bit of complexity. Apart from "local" validation logic, you might also have to check the revocation status of your certificate, which could entail talking to an OCSP responder service or looking up a CRL.

• If you're using secure timestamps (RFC 3161) in your code, your tests might also require access to a time stamping service.

• Maybe you're using a remote signing service vendor that doesn't offer any sort of "sandbox" for testing purposes.

In all of these scenarios, both test data generation and mock service integration can be quite cumbersome. Both in my own time and on the job, I write a lot of code that relates to digital signing in various ways, and this is a kind of problem that I run into all the time. After trying out a variety of methods, I grew dissatisfied with the "traditional" options, and rolled my own PKI testing framework: Certomancer. Certomancer helps with both test data generation, performs trust service mocking, comes with a plugin API, and most importantly, it's FOSS (MIT licence).

In my talk, I'll take you through some of the "how"s and "why"s of Certomancer's feature set, and talk about some of the mileage that I've gotten out of it.

The push for paperless bureaucracy has been going on for quite some time, but the circumstances of the past year made the issue even more pressing than it already was.

The PDF specification outlines a number of security features, including but not limited to encryption, digital signatures and redaction support. The goal of this talk is to give a broad overview of the various security mechanisms provided by the PDF standard and their applications in the real world, with a particular focus on digital signing.

The push for paperless bureaucracy has been going on for quite some time, but the circumstances of the past year made the issue even more pressing than it already was.

PDF has played---and continues to play---an important role in this digitalisation process. This is in large part due to the format's reputation for robust, platform-independent rendering, but its easy-to-use, natively supported security features are another key selling point. PDF documents can be encrypted using AES or public-key encryption to keep their contents away from prying eyes, and the PDF specification also includes native support for redacting documents before public release. Last but not least, electronic PDF signatures as a replacement for old-school "wet ink" signatures have been a major factor in moving towards paperless workflows for companies and governments alike.

Document security is a complicated and broad subject, with many different facets that often conflict with one another. In particular, developers of workflows handling sensitive documents regularly face tough judgment calls weighing security requirements against ease of use. The security features in the PDF specification provide a standard framework to respond to these needs. In this talk, we'll discuss how you can leverage PDF to build secure, yet user-friendly document workflows. In the context of digital signing, we'll go over what it means to "trust" a digital signature, and how that trust is validated in practice. In addition, the talk wil touch upon some of the common pitfalls in PDF security that you should be aware of to prevent your documents from being exploited.