Trusted Anchors and Certificate Revocation Lists 

To be able to use the document certification and digital signatures features, you need to install

·        Trusted Anchors to enable the server to verify the certification or signature of a document

·        Certificate Revocation Lists (CRLs) for identifying credentials that can no longer be trusted

 

Trusted Anchors must be installed and configured in Adobe document services. Trusted Anchors may be CA certificates or even individual user’s certificates. There are two cases:

·        Typically, when you receive a credential from a CA, it contains two keys: a private key and a public key. While you must keep the private key private and saved within your system, you must make the public key available to anyone to whom you will send documents certified or signed using the corresponding private key. In addition to the credential file containing these keys, the CA also provides a certificate containing the CA’s public key. This is known as a Trusted Anchor.

·        You need to install a Trusted Anchor in order to trust signatures or certifications that other people applied to documents using their own credentials.

 

CRLs prevent you from applying a digital signature that is no longer valid, and it lets you know when digital signatures on incoming documents are invalid. CRLs should be updated on a regular basis (for example, daily or weekly).