Digital signatures assure the authenticity of the FY2009 budget
- By William Jackson
- Feb 04, 2008
The Fiscal 2009 Budget was released today, and for the first time, the Government Printing Office is publishing the president's annual budget proposal online in certified PDF documents
with only a limited number of printed-on-demand hard copies being produced.
Publishing budget documents electronically is not new, said GPO spokesman Gary Somerset. 'We've had the budget online at GPO Access for years,' he said. It is part of GPO's transition to a 21st-century digital environment.
What is new with the Fiscal 2009 Budget is that the digitally signed electronic documents are the primary source of official budget information, thanks in part to new authentication tools from Adobe that certify the authenticity and integrity of the documents being accessed online.
GPO is using Adobe LiveCycle enterprise suite, which integrates authentication into the document creation process as part of the workflow. Documents can be digitally signed automatically at the server rather than one at a time on the desktop. This is a major help in a publication of thousands of pages that is being released in 29 separately signed sections as well as a number of separately signed supplemental materials.
The digital signature is a public-key infrastructure technology. It lets a signer use an electronic credential called a digital certificate containing a secret private key to sign or 'lock' a document once it has been verified as complete and accurate. This signature can be electronically checked using the signer's public key to see that it is valid and from a trusted source, and to verify that the document is genuine and has not been altered since it was created.
The GPO uses digital certificates from GeoTrust, a VeriSign company, to sign the FY2009 Budget.
'We are not a certificate authority,' said John Landwehr, director of security at Adobe. VeriSign is one of four private certificate authorities participating in the company's Certified Document Service. Digital signatures made with those companies' certificates can be verified through Adobe Acrobat or Reader in Versions 7.0 and higher. The reader automatically checks with the certificate authority to verify that the signature and the certificate it was created with are valid.
The reader provides several visual cues of the signed and certified document. The first is a blue bar across the top of the reader, separate from the document itself, showing that the document has been certified.
'GPO also has put a watermark at the top of the document,' with the GPO Access logo, that indicates a certified document, Landwehr said. When clicked on, the logo shows the status of the digital certificate used to sign the document. There also is an icon in the navigation column on the left side of the reader for displaying signature status.
Somerset said GPO has been experimenting with the certification technology for about a year.
William Jackson is a Maryland-based freelance writer.