GPO’s core mission hasn’t changed since opening in 1861, but the agency has evolved to meet the information needs of Congress, agencies, and the public in a predominantly digital world. The widespread use of digital technology has changed the ways GPO’s products are created, managed, and delivered to users. Because many of the official publications GPO provides online are in PDF format, GPO uses digital signature technology to provide evidence of authenticity and integrity and safeguard against unauthorized changes to these files.
GPO has a broader responsibility not just to keep America Informed, but also to take measures to provide evidence to information consumers that they can trust the information in our publications. Trust that no unauthorized changes have been made but also trust that what they are seeing is in fact the official document, has not been fabricated, and has in fact been disseminated by GPO in that very form.
With the application of digital signatures to PDF documents, GPO seeks to provide evidence of PDF integrity and authenticity:
- Providing evidence of document integrity means that measures have been taken to prevent unauthorized or accidental changes to the data. The goal is to provide visible evidence to the receiver to verify the data has not been altered.
- By authenticity, we mean that a user is able to see evidence that verifies a digital publication’s identity, source, and ownership.
To address the need to provide evidence of authenticity and integrity of PDF documents, GPO uses a digital certificate to apply digital signatures to PDF documents and a visible seal of authenticity to convey that information to users.
Certification is proof of verification or authority. It’s the process associated with ensuring that a digital object is authentically the content issued by the author or issuer.
Authenticity and integrity information is conveyed to a user by opening a PDF in Adobe Acrobat or Reader software and clicking the visible seal of authenticity, an eagle logo that says “Authenticated U.S. Government Information.” Upon clicking the logo, users can verify the document certification is valid, it has not been modified since it was certified, and that the signer’s identity is valid. The user also has the option to look at the signature properties.
How do I verify GPO's digitally signed PDFs?
The recommended way to verify GPO’s digitally signed PDFs is to open the file using Adobe Acrobat or Reader software. Many browsers today open PDFs automatically within the browser without using your computer’s Adobe software. If you are not using Adobe Acrobat or Reader, the digital signature validation process may not occur.
*Note: You can adjust the default PDF open behavior on your computer to open in the Adobe software instead of the browser. Each browser has its own settings to control how PDFs open from a web page. Follow these instructions for your specific browser to change the display settings.
When GPO signs and certifies a document, a blue ribbon icon appears right beneath the top navigation menu and also in the Signature Panel within Adobe Acrobat or Reader. When users print a document that has been signed and certified by GPO, the Seal of Authenticity will automatically print on the document, but the ribbon will not print.
How do I highlight or add comments to PDF documents that have been digitally signed?
There is a workaround that will allow you to annotate digitally signed PDFs by printing as an Adobe PDF to create a new PDF file that can be annotated.
- Open the PDF file in either Adobe Acrobat or Reader *Note: Make sure to open the file using the Adobe software and not in your web browser (Internet Explorer, Chrome, etc.)
- Once the file is open in the Adobe software, go to the top menu, click "File" then click "Print." A screen will pop up with print options. In this screen, click the dropdown box next to Printer and select "Adobe PDF." Click the dropdown box next to Comments & Forms and select “Document” (instead of “Document and Markups.”)
- Click "Print." You will then be able to Save the file with a different file name than the original or to a different location on your computer. You will be able to highlight and add comments to this new file.
Note: The new files created using this method will still display the GPO Seal of Authenticity, but will no longer be digitally signed.
I want to quote a digitally signed and certified PDF document I downloaded from govinfo. Do I have to retype the text?
Users can select text from a digitally signed and certified PDF file, then copy and paste it into a new document. The digital signature will not be transferred with the text.
What are validation icons?
Validation icons appear in Adobe Acrobat or Reader to notify users of the content's validity status. These are several icons that are used by Adobe to convey information about digital signatures:
What certificate information should I expect to see in a file digitally signed and certified by GPO?
A PDF file that has been digitally signed and certified by GPO should include the following information:
Document certification is valid, signed by Superintendent of Documents [email protected].
Reason for Signing: GPO attests that this document has not been altered since it was disseminated by GPO.
How can I tell if a signed and certified PDF file has been changed?
If the content of a PDF file certified by GPO is altered, the certification will be invalidated. Users will know this by the appearance of the yellow warning icon in the Adobe software.
If I save a digitally signed and certified PDF from govinfo on my own computer, is the signature still valid?
As long as the file is not changed, the electronic signature will remain valid. Users can save PDF files that have been digitally signed and certified by GPO for later use or email them to other users without affecting the digital signature.
I opened a digitally signed and certified document that I saved on my computer several weeks ago. How can I be sure it has not been corrupted?
You can check the validity of a signature at any time. To do so, open the document in Adobe Acrobat or Adobe Reader. Click the Signature Panel icon then click “Validate All” then “OK”. The software will run a validation check to see if the digital certificate used to sign the document is valid.
I have a PDF document that has been changed. Is there any way to see the signed version?
If changes are made to the signed version of a document, Adobe Acrobat and Reader provide the capability to view the signed version. To access this feature, Click the Signature Panel icon then select and expand the signature, and choose “Click to view this version.” If multiple versions are available, users will have the ability to select this option.
Can I see some examples of changed PDF files?
This file was signed, but not certified, and has been changed (PDF). You will notice the ribbon validation icon has been replaced with a yellow warning icon and you can see the signed version of the file.
Where can I get more help using digitally signed and certified PDF files?
Additional help information is available on Adobe’s website.
- Authentication definitions and acronyms (PDF)
- GPO Document Authentication Workshop - June, 18, 2010
- GPO Authentication Initiative Documentation
- Overview of GPO’s Authentication Program (PDF)- June 13, 2011
- Authenticity of Electronic Federal Government Publications (PDF)- June 13, 2011
- Final Authentication White Paper (PDF)- October 13, 2005
- Draft Authentication White Paper (PDF)- June 23, 2005
- Authentication Briefing Paper (PDF)- Spring 2005 DLC Meeting
- For Further Reading
- Introduction to Public Key Technology and Federal PKI Infrastructure (PDF) National Institute for Standards and Technology, 2001
- Electronic Authentication Guideline Recommendations of the National Institute of Standards and Technology (PDF) National Institute for Standards and Technology, 2011
- Status of Federal Public Key Infrastructure Activities at Major Federal Departments and Agencies (PDF) General Accountability Office, 2003
- Public Key Infrastructures - Federal PKI