I really hope that someone will decide to step in and become the Let's Encrypt of PDF and S/MIME certs, because that will improve public trust significantly.
You’ll be surprised how far you can go pasting a picture of your signature in Preview.
In the EU, in order to have a legal guarantee of being treated as the same as a handwritten signature in all member states, you have to meet "Qualified Electronic Signature" level, which means cryptographic signatures and the involvement of some kind of trust services provider who validates the certificate used to sign. In practice this is rare, and ordinary electronic signatures a la Preview work for most things.
Marketplace at least in the US has shown that once you have this, the actual cryptography really doesn't matter. All anyone seems to care about seems to be "We are company X and have been doing this business for Y years and here's our standard operating policy. We emailed address A at time T1 and the person reading that email address used our online services to electronically 'sign' the pdf P at time T2."
Everyone trusts Adobe/Dropbox/et al to make that claim, nobody cares about certificates and what not.
Two references which I promise will be interesting (re: qcerts and QES tooling):
- excellent open source library for working with PDFs and digital signatures (incl. PDF ones): https://github.com/MatthiasValvekens/pyHanko
- European Commission's DSS Tool (you can submit one PDF only, don't need both original and signed one): https://ec.europa.eu/digital-building-blocks/DSS/webapp-demo...
[1]: https://www.zealid.com/en/ - you can onboard remotely for free, download your qualified certs at https://my.zealid.com/en - upload, QES sign, download PDFs (all of these free) - or use our APIs to integrate into us (get in touch with us if you'd like the latter).
[2]: opinions are my own.
Ah, that's great to hear! You can message its author if you have any specific questions regarding it, he's a friendly and very competent fella.
> I'm curious, my UK passport didn't scan correctly with NFC. Do you only support EU docs for NFC validation? I expected the NFC scanning to work with any ICAO 9303 document.
Ah, one day I'll write a post / video / book / series of morbid novels on NFC in eMRTDs...
Long story short: we support NFC worldwide (NFC prompt is disabled for certain documents, e.g. Germany has a peculiar interpretation of ICAO 9303 where they require a type of Active Auth (vs Passive Auth which is what happens when you scan it with our app or with many other apps)).
However.
1. Sometimes the chip simply does not scan correctly. It takes a bit of time, there's a handshake involved, we send in a sort of hash of the MRZ so that the chip can give some (not all) of the NFC Data Groups (if you're familiar with the 9303 - e.g. we don't get (as part of Passive Auth) biometrics info such as your iris info). You have to hold it tight for a while. You have to hold it against the right spot on your mobile device (varies per model as you're likely aware). Chip has to be in good shape (confirmed from personal experience).
2. Countries interpret PKI (incl. the underlying x509 spec)... differently. One good recent example: the DSC (Document Signing Certificate embedded in your chip) has to have the same trust root as the corresponding CRL (cert revocation list where we check if the cert which signed the DSC - the so-called CSCA - has not been revoked). In practice... sometimes they differ. We handle exceptions and keep working on them, but it's a slow process.
So TL;DR sometimes it's just the physical process which gets in the way (and you then get the video pattern upload screen); sometimes we fetch the NFC data but cannot ensure its authenticity (cannot verify chain of signed certs up to a trusted root - UK like other countries has issued a few CSCAs; these are included in ICAO's PKD which we download, verify and then use). And sometimes all of this is well, but we conclude that the revocation status of the parent cert (the CSCA) is unknown.
If revocation information is included in the cert (e.g. through a so-called distribution point - which usually points to a URL (sometimes broken...), sometimes to a file (...), etc.), we have to make revocation checks and conclude that the cert inside the chip (DSC) and the parent cert(s) have not been revoked. Sometimes the latter process fails.
Sometimes the same document model (same country, doc type, same issue year, same physical security features etc.) embeds a different DSC which leads us to discover that some country has again introduced some non-conforming (against x509 spec, to be precise; e.g. in terms of validation path building) cert chain. We learn to handle them, but it's an ongoing process. Some docs for some countries still prove troublesome.
I don't know the particular onboarding attempt at hand, so it could be something from #1 or #2 above, or perhaps something else.
What can I say, it's fun... (I especially love how ICAO 9303 requires explicit unnamed elliptic curves (as the key algorithm for the keypair underneath the NFC's DSC).)
If you want to chat more, shoot me an email :)
She doesn't mind either way. Seems to work well enough for her use cases.
I am interested in this part. Here is what I found: https://pdfbox.apache.org/2.0/commandline.html
Since PDFBox is a Java application, it should work cross-platform, not just Linux. Please correct me if you mean something else.
Probably anybody who can get this docker container running can use appropriate open source cli tools. So one would wonder about the target audience. I don't. ;)
But I do indeed LibreOffice's command line conversion features.
Suggestion is to use a free PDF-XChange Editor by Tracker Software. And print the document to PDF when done.
Well that's that then.
It was initially created as a 24 hour challenge to make a full app with ChatGPT 3.0 in a set time limit to test what ChatGPT was like last year.
I posted on Reddit, it got lots of demand and I turned it into a full app, the only full ChatGPT was the first 24 hours, it's over a year later now
Even being sympathetic, my thought reading this was "probably bad code quality/rotten core despite the great feature set".
You can have a "History/Background/Origin" section where you put exactly what you wrote in your comment and it will be fine.
This notwithstanding, thank you very much for developing this app! I will look into deploying it on my server, it will be of great help to people around me who often need to manipulate PDFs but are not super technical!
1) don't expose it to public internet
2) don't give it untrusted input
Which highly reduces the usability factor for me.
So yeah.
Leetcode is a meaningless metric when evaluating application developers.
Source: https://docs.paperless-ngx.com/changelog/#paperless-ngx-270
I think people's perception of Firefox is from several versions ago. As a daily user throughout its history, Firefox has made a lot of progress over the years IMO.
Give it another shot if it's been a while.
This is a concrete problem when deploying apps that need the user to “upload” some sensitive content.
[1] https://www.obdev.at/products/littlesnitch/index.html
Edit: LS is macOS oriented. I'm sure there are others, but I'm not into it. I feel it should be an OS-level feature, but who am I.
There's opensnitch on Linux. There's also something similar on Windows but I don't remember what it's called.
A web app doesn't need to make outbound web requests to operate. A user interacting with a web app is the one initiating the requests.
You can give access to the app through an HTTP proxy and you can filter out any outbound requests from the web app or even not configure the network routing for the server hosting that app. That leaves you with only JS initiated requests in the rendered pages of the app.
Open source runs in a large amount of trust, and we're all complicit.
You can run a local bundle of HTML/JS/WASM in a web browser instance that you isolate (for example with firejail) to prevent network access. You distribute as a zip/tgz, but it's not obvious how to handle updates without a full redownload. Distributing with a full Electron-like interface is obviously overkill.
If you're running a web app that's hosted elsewhere (which will be much more convenient for most people), your web browser or the software isolation functionality (or firewall/proxy) needs to distinguish between the initial resource loads (approve) and later sneaky logging requests (ban).
There are Android applications such as TrackerControl that have related functionality (operates as a local VPN to filter all network requests and block tracking) but I don't know of convenient tools for the desktop (Linux, in particular).
CxReports: Self-hosted, web-based PDF reporting tool.
I really hope it's better now.
The tool failed to help me with such a seemingly menial task, the improvement was very small. I even tried to repeat the step multiple times, but after like 2nd use there were no visual differences anymore (but the file's size kept actually changing).
And yes, Master PDF Editor is an amazing piece of software! It makes creating PDF forms so easy that every time I get a PDF to fill out, I make it a form and send back an empty copy too so whoever sent it to me can use that instead. I've gotten a few smaller organisations to start using mine instead.
This seems too complicated to perform simple tasks of split, merge, edit, not to mention the GBs of space docker and dependencies will take.
Thank you
Update: As evidenced by the author's comment below, it's definitely not made by ChatGPT anymore (in any major way)
On Windows, okular. But honestly, pirating Acrobat is the best way if you have a tough economy.
- LibreOffice can edit Word and Excel files.
- There are several tools to read a PST file. Anyway… PST files are not commonly being shared with other people so the need to access it is uncommon unless you already use Outlook.
- AutoCAD and QuickBooks are far less used (fewer people) than PDF.
I also wonder why there are no more tools to edit PDF files. Maybe licensing issues?
Edit: formatting
> - Libreoffice can edit Word and Excel files.
You are correct. Just because LibreOffice can mangle a docx file doesn't make them truly comparable.
emacs can edit a .sqlite file, but they aren't comparable.
The issue is the insanely massive investment needed to build and sustain a project with millions of lines of code for something that isn't particularly sexy.
Not that PDF related tools are uncommon but yeah I think people understand the sentiment.
I'm also very surprised that <redacted> for profit companies in the Document-manipulating/signing/storing still exist outside of niche industries (healthcare, govt, law) that require audit-trails and other regulatory specifics. I guess SEO still rules. If anyone wants to make some money call up all the biggest real estate firms in your area and ask them how much they spend on contract signing or related services (it's a lot) and then offer them to do this for half the amount (I can sign 20-30k documents for <$100 a month, and could be cheaper probably). Your average real estate firm is paying .50c-$1 a signature if they are uninformed, there's a lot of the uninformed.
Reputation often matters more than price in this area, because the pricey services amount to peanuts compared to the business as a whole. It's like doing price optimisation on toilet paper in the office. And reputation is generally interpreted as a proxy for reliability and a guarantee that there will be someone to sue if things go bad.
The more you work on this stuff the more you hate proprietary formats as well as having to rely on open source repos operated at the whim of a few good people.
I would be careful with such wording as one could easily come to the conclusion that this tool was developed by the ChatGPT team. Nevertheless, this software certainly wasn't entirely developed by ChatGPT, which is technically not possible, but WITH the assistance of an AI tool.
If you’re talking about raw PDFs then you are at the whim of the encoding surely? I’ve always found Adobe etc. to have utterly crap searches
Backend has Python and preferably AGPL
It was initially created as a 24 hour challenge to make a full app with ChatGPT 3.0 in a set time limit to test what ChatGPT was like last year.
I posted on Reddit, it got lots of demand and I turned it into a full app, the only full ChatGPT was the first 24 hours, it's over a year later now
https://github.com/Stirling-Tools/Stirling-PDF/blob/7f577a60...
My understanding is that it’s more about trust (Docusign being the leader) than anything else: one can provide certificate signing and verification, but the trust in the owner of the certificate is the crux of the matter
[1] I’m the developer behind SimplePDF.eu
It went from 6k to 15k+ stars in a few days around 2023 Christmas when HN/Github/Reddit traffic is usually lowest, and I didn't see a corresponding social media post or announcement around that time with that kind of traffic.
If I'm wrong and there is some big social media post / promo that I missed, I apologize, I'll eat my shorts!
https://star-history.com/#Stirling-Tools/Stirling-PDF&Date
https://www.google.com/search?q=%22stirling%22+%22PDF%22&sca...
Sorry for insinuating that you maybe bought stars and congrats on the great project growth!
Hopefully if nothing else, my comment will answer this question for others that had the same "partially written by ChatGPT" == "willing to use bots for growth" suspicion.