ISO/TS 32004:2024 - Encrypted PDF 2.0 Integrity Protection Standard

Document management - Portable Document Format - Integrity protection in encrypted documents in PDF 2.0

This document specifies how to extend the ISO 32000-2:2020 specification by adding extensions to the Encrypt dictionary and trailer dictionary to provide integrity protection to the encrypted PDF document. This document also ensures that extensions are fully backward-compatible. These extensions are intended for developers of software that creates PDF files (PDF writers), software that reads existing PDF files and (usually) interprets their contents for display (PDF readers), software that reads and displays PDF content and interacts with the computer users to possibly modify and save the PDF file (interactive PDF processors) and PDF products that read and/or write PDF files for a variety of other purposes (PDF processors). NOTE PDF writers and PDF readers are more specialized classifications of interactive PDF processors and both are PDF processors. This document does not specify the following: - specific processes for converting paper or electronic documents to the PDF file format; - specific technical design, user interface implementation, or operational details of rendering; - specific physical methods of storing these documents such as media and storage conditions; - methods for validating the conformance of PDF files or PDF processors; - required computer hardware and/or operating system.

Gestion des documents — Format de document portable — Protection de l'intégrité dans les documents chiffrés en PDF 2.0

General Information

Status: Published
Publication Date: 25-Apr-2024

ICS: 35.240.30 - IT applications in information, documentation and publishing
: 37.100.99 - Other standards related to graphic technology

Technical Committee: ISO/TC 171/SC 2 - Document file formats, EDMS systems and authenticity of information
Drafting Committee: ISO/TC 171/SC 2 - Document file formats, EDMS systems and authenticity of information

Current Stage: 9092 - International Standard to be revised
Start Date: 12-May-2025
Completion Date: 13-Dec-2025

Overview

ISO/TS 32004:2024 - Document management - Portable Document Format - Integrity protection in encrypted documents in PDF 2.0 - defines a backward‑compatible extension to PDF 2.0 (ISO 32000‑2:2020) that adds integrity protection for encrypted PDF files. The technical specification introduces a Message Authentication Code (MAC) mechanism (a “PDF MAC token”) tied to the file encryption key so receivers can verify that encrypted content has not been tampered with. These extensions modify the Encrypt dictionary and the file trailer dictionary while remaining compatible with existing PDF readers and writers.

Key topics and requirements

PDF MAC tokens: A CMS-based structure that carries MAC information to authenticate encrypted revisions. The specification details where to locate MAC tokens in signed and unsigned revisions, how tokens encapsulate digests and attributes, and how to compute those digests.
Encrypt dictionary extensions: New entries (for example, KDFSalt) are added to the Encrypt dictionary. KDFSalt is a required 32‑byte salt when a document uses PDF MAC and is intended to persist across incremental updates.
Trailer / AuthCode dictionary: Additions specify how trailer dictionaries reference MAC tokens and indicate required token locations. A permission bit (bit 13) signals whether a PDF MAC token must appear in all revisions.
Key derivation and cryptography: The document references established cryptographic building blocks - HMAC (RFC 2104), HKDF (RFC 5869), CMS (RFC 5652), AES Key Wrap (RFC 3394), and related algorithm identifiers - for deriving MAC keys from the file encryption key and protecting those keys.
Backward compatibility: Extensions are defined so PDF processors that do not implement the extension can still read the document but may not verify integrity.

Applications and who uses it

Developers of PDF writers (creating encrypted PDFs) will implement KDFSalt generation, embed PDF MAC tokens, and set trailer entries.
Developers of PDF readers/interactive PDF processors will verify integrity by computing MAC digests and validating PDF MAC tokens.
Systems that archive, exchange, or distribute encrypted PDF documents (e.g., secure document workflows, e‑discovery, regulated archives) will benefit from authenticated encrypted content.
Security architects integrating encryption + integrity in document workflows will use this spec to complement digital signatures with symmetric‑key integrity checks.

Related standards

ISO 32000‑2:2020 (PDF 2.0)
RFC 2104 (HMAC), RFC 5869 (HKDF), RFC 5652 (CMS), RFC 3394 (AES Key Wrap), RFC 6211 (CMS attributes)
NIST Computer Security Objects Register (CSOR) for algorithm identifiers

ISO/TS 32004:2024 is essential for anyone implementing robust integrity protection in encrypted PDF 2.0 workflows, ensuring tamper detection tied to the file encryption key while maintaining compatibility with existing PDF tooling.

ISO/TS 32004:2024 - Document management — Portable Document Format — Integrity protection in encrypted documents in PDF 2.0
Released:26. 04. 2024 - Page 1 preview

Technical specification

ISO/TS 32004:2024 - Document management — Portable Document Format — Integrity protection in encrypted documents in PDF 2.0 Released:26. 04. 2024

English language

16 pages

sale 15% off

Preview

sale 15% off

Preview

Frequently Asked Questions

What is ISO/TS 32004:2024?

ISO/TS 32004:2024 is a technical specification published by the International Organization for Standardization (ISO). Its full title is "Document management - Portable Document Format - Integrity protection in encrypted documents in PDF 2.0". This standard covers: This document specifies how to extend the ISO 32000-2:2020 specification by adding extensions to the Encrypt dictionary and trailer dictionary to provide integrity protection to the encrypted PDF document. This document also ensures that extensions are fully backward-compatible. These extensions are intended for developers of software that creates PDF files (PDF writers), software that reads existing PDF files and (usually) interprets their contents for display (PDF readers), software that reads and displays PDF content and interacts with the computer users to possibly modify and save the PDF file (interactive PDF processors) and PDF products that read and/or write PDF files for a variety of other purposes (PDF processors). NOTE PDF writers and PDF readers are more specialized classifications of interactive PDF processors and both are PDF processors. This document does not specify the following: - specific processes for converting paper or electronic documents to the PDF file format; - specific technical design, user interface implementation, or operational details of rendering; - specific physical methods of storing these documents such as media and storage conditions; - methods for validating the conformance of PDF files or PDF processors; - required computer hardware and/or operating system.

What is the scope of ISO/TS 32004:2024?

What ICS categories does ISO/TS 32004:2024 belong to?

ISO/TS 32004:2024 is classified under the following ICS (International Classification for Standards) categories: 35.240.30 - IT applications in information, documentation and publishing; 37.100.99 - Other standards related to graphic technology. The ICS classification helps identify the subject area and facilitates finding related standards.

How can I purchase ISO/TS 32004:2024?

You can purchase ISO/TS 32004:2024 directly from iTeh Standards. The document is available in PDF format and is delivered instantly after payment. Add the standard to your cart and complete the secure checkout process. iTeh Standards is an authorized distributor of ISO standards.

Standards Content (Sample)

ISO/TS 32004:2024 - Document m...

Technical
Specification
ISO/TS 32004
First edition
Document management — Portable
2024-04
Document Format — Integrity
protection in encrypted documents
in PDF 2.0
Gestion des documents — Format de document portable —
Protection de l'intégrité dans les documents chiffrés en PDF 2.0
Reference number
© ISO 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and Definitions . 2
4 Extension schema details . 3
5 Proposed changes . 3
5.1 Encrypt dictionary .3
5.1.1 Additions to ISO 32000-2:2020, 7.6.2 .3
5.1.2 Additions to ISO 32000-2:2020, 7.6.4.2 .3
5.1.3 Additions to ISO 32000-2:2020, 7.6.5.2 .4
5.2 File trailer .4
5.2.1 Additions to ISO 32000-2:2020, 7.5.5 .4
5.2.2 Additions to ISO 32000-2:2020, 7.6.2 .4
5.2.3 AuthCode dictionary .4
6 Composing PDF MAC tokens. 6
6.1 General .6
6.2 PdfMacIntegrityInfo data type .6
6.3 CMS structure of a PDF MAC token .6
6.3.1 General .6
6.3.2 Encapsulated content info of a PDF MAC token .6
6.3.3 Recipient info object, MAC key generation and key encryption .6
6.3.4 Digest algorithm identification .7
6.3.5 MAC algorithm identification.7
6.3.6 Authenticated attributes .7
6.3.7 Unauthenticated attributes .8
6.4 Key derivation function .8
6.5 Location of PDF MAC tokens.9
6.5.1 Location of a PDF MAC token in an unsigned revision .9
6.5.2 Location of a PDF MAC token in a signed revision .9
6.6 Computing the digests in a PDF MAC token .9
6.6.1 General .9
6.6.2 PDF MAC digests in unsigned revisions .10
6.6.3 PDF MAC digests in signed revisions .10
Annex A (informative) ASN.1 module for PDF MAC .11
Annex B (informative) Validation of document integrity using PDF MAC .12
Annex C (informative) Examples . 14
Bibliography .16

iii
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO document should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent
rights in respect thereof. As of the date of publication of this document, ISO had not received notice of (a)
patent(s) which may be required to implement this document. However, implementers are cautioned that
this may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 171, Document management applications,
Subcommittee SC 2, Document file formats, EDMS systems and authenticity of information.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.

iv
Introduction
When encrypting documents, it is important to not only preserve the confidentiality of the encrypted
material, but also to ensure that the receiving party can verify its integrity. Encryption mechanisms defined
in ISO 32000-2:2020 currently only provide confidentiality without this authentication aspect.
This document describes a mechanism to protect the integrity of an encrypted PDF document using a
Message Authentication Code (MAC), with key material derived from the file encryption key. Message
authentication codes are distinct from digital signatures based on public-key cryptography. Digital
signatures and message authentication codes have different but complementary security properties: a
valid MAC created following this document proves knowledge of the file encryption key, whereas digital
signatures as defined in ISO 32000-2:2020 do not have that property.
The MAC mechanism described in this document is backwards compatible with ISO 32000-2:2020 and can
also be used in PDF documents containing digital signatures.
This document follows the lexical conventions regarding the usage of bold and italics which are specified in
ISO 32000-2:2020, Clause 4.
v
Technical Specification ISO/TS 32004:2024(en)
Document management — Portable Document Format —
Integrity protection in encrypted documents in PDF 2.0
1 Scope
This document specifies how to extend the ISO 32000-2:2020 specification by adding extensions to the
Encrypt dictionary and trailer dictionary to provide integrity protection to the encrypted PDF document.
This document also ensures that extensions are fully backward-compatible.
These extensions are intended for developers of software that creates PDF files (PDF writers), software
that reads existing PDF files and (usually) interprets their contents for display (PDF readers), software that
reads and displays PDF content and interacts with the computer users to possibly modify and save the PDF
file (interactive PDF processors) and PDF products that read and/or write PDF files for a variety of other
purposes (PDF processors).
NOTE PDF writers and PDF readers are more specialized classifications of interactive PDF processors and both
are PDF processors.
This document does not specify the following:
— specific processes for converting paper or electronic documents to the PDF file format;
— specific technical design, user interface implementation, or operational details of rendering;
— specific physical methods of storing these documents such as media and storage conditions;
— methods for validating the conformance of PDF files or PDF processors;
— required computer hardware and/or operating system.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO 32000-2:2020, Document management — Portable document format — Part 2: PDF 2.0
1)
IETF RFC 2104, HMAC: Keyed-Hashing for Message Authentication. [online]. 1997.
IETF RFC 4231, Identifiers and Test Vectors for HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, and HMAC-
2)
SHA-512. [online]. 2005
3)
IETF RFC 3394, Advanced Encryption Standard (AES) Key Wrap Algorithm. [online]
4)
IETF RFC 5652:2009, Cryptographic Message Syntax (CMS). [online]. 2009
5)
IETF RFC 5869, HMAC-based Extract-and-Expand Key Derivation Function (HKDF). [online]. 2010
1) https:// tools .ietf .org/ html/ rfc2104 .html
2) https:// tools .ietf .org/ html/ rfc4231 .html
3) https:// tools .ietf .org/ html/ rfc3394 .html
4) https:// tools .ietf .org/ html/ rfc5652 .html
5) https:// tools .ietf .org/ html/ rfc5869 .html

6)
IETF RFC 6211, Cryptographic Message Syntax (CMS): Algorithm Identifier Protection Attribute. [online]. 2011
7)
NIST Computer Security Objects Register (CSOR). [online]. 2009.
3 Terms and Definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
PDF
Portable Document Format
file format defined by ISO 32000-2:2020
3.2
MAC
Message Authentication Code
cryptographic check sum on data that uses a symmetric key to detect both accidental and intentional
modification of data
[SOURCE: ISO 16609:2022, 3.10]
3.3
file encryption key
key used for document-level encryption by a PDF security handler of version 5 or higher
Note 1 to entry: General provisions about PDF security handlers can be found in ISO 32000-2:2020, 7.6.3.
Note 2 to entry: Extensions to PDF can define security handlers other than those specified in ISO 32000-2:2020. File
encryption keys defined by such security handlers are also covered by this definition.
3.4
signed revision
initial or incremental revision of a PDF (3.1) file that adds a digital signature or document time stamp
signature to the document
3.5
unsigned revision
initial or incremental revision of a PDF (3.1) file that does not add a digital signature or document time
stamp signature to the document
Note 1 to entry: A PDF document can contain both signed and unsigned revisions.
3.6
Abstract Syntax Notation One
ASN.1
International Standard for representing data types and structures
Note 1 to entry: The encoding rules for this abstract syntax notation are defined in ISO/IEC 8825-1.
[SOURCE: ISO 17261:2012, 3.5, modified — ISO/IEC 8825-2 has been replaced by ISO/IEC 8825-1 in the Note
1 to entry.]
6) https:// tools .ietf .org/ html/ rfc6211 .html
7) https:// csrc .nist .gov/ projects/ computer -security -objects -register

3.7
distinguished encoding rules
DER
encoding rules that may be applied to values of types defined using the ASN.1 (3.6) notation
[SOURCE: ISO/IEC 18014-2:2021, 3.22, modified — note 1 to entry has been removed]
3.8
hashed message authentication code
HMAC
mechanism for message authentication using a cryptographic hash function in combination with a shared
secret key
Note 1 to entry: This definition has been adapted from RFC 2104.
4 Extension schema details
The developer extensions dictionary in Table 1 shall be part of the document’s extensions dictionary
(ISO 32000-2:2020, 7.12). It shall be included as an array entry under the ISO_ prefix.
Encrypted PDF documents making use of the extension specified in this document shall conform to
ISO 32000-2:2020.
Table 1 — Extension schema entries
Key Type Value
Type name DeveloperExtensions
BaseVersion name 2.0
ExtensionLevel integer 32004
ExtensionRevision text string :2024
NOTE The COLON (U+003A) character is part of the revision identifier.
URL string https:// www .iso .org/ standard/ 45877 .html
NOTE Per ISO 32000-2:2020, 7.6.2, as modified by 5.2.2 in this document, the values of the ExtensionRevision
URL entries are serialized in encrypted form. Table 1 lists the unencrypted values of those entries.
5 Proposed changes
5.1 Encrypt dictionary
5.1.1 Additions to ISO 32000-2:2020, 7.6.2
The content of Table 2 is appended to ISO 32000-2:2020, Table 20.
Table 2 — Additions to ISO 32000-2:2020, Table 20
Key Type Value
KDFSalt byte string (Conditionally required; shall be a direct object) A 32-byte salt value
for use in key derivation (see 6.4).
This entry is required in documents that make use of PDF MAC.
NOTE The value of the KDFSalt entry is intended to remain constant throughout all incremental updates of the
document.
5.1.2 Additions to ISO 32000-2:2020, 7.6.4.2
The content of Table 3 is appended to ISO 32000-2:2020, Table 22.

Table 3 — Additions to ISO 32000-2:2020, Table 22
Bit position Meaning
13 When zero, indicates that a PDF MAC token is required to be present in all revisions of
the document.
The location of the PDF MAC token is indicated by the AuthCode dictionary (see 5.2.3).
NOTE 1 This addition supersedes the provision of ISO 32000-2:2020, 7.6.4.2 requiring that PDF readers ignore all
flags other than those at bit positions 3, 4, 5, 6, 9, 10, 11 and 12.
NOTE 2 The intention behind this permission bit is to signal to a PDF processor reading the document that a PDF
MAC token is expected. The encrypted Perms entry provides a degree of tamper-resistance and helps to protect the
document against attackers stripping the MAC. This protection is not without limitations: unless bit 13 is zero in all
revisions, it can be trivially bypassed by a knowledgeable adversary.
5.1.3 Additions to ISO 32000-2:2020, 7.6.5.2
The content of Table 4 is appended to ISO 32000-2:2020, Table 24.
Table 4 — Additions to ISO 32000-2:2020, Table 24
Bit position Meaning
13 When zero, indicates that a PDF MAC token is required to be present in all revisions of
the document.
The location of the PDF MAC token is indicated by the AuthCode dictionary (see 5.2.3).
NOTE This addition supersedes the provision of ISO 32000-2:2020, 7.6.5.2 requiring that PDF readers ignore all
flags other than those at bit positions 2, 3, 4, 5, 6, 9, 10, 11 and 12.
5.2 File trailer
5.2.1 Additions to ISO 32000-2:2020, 7.5.5
The content of Table 5 is appended to ISO 32000-2:2020, Table 15.
Table 5 — Additions to ISO 32000-2:2020, Table 15
Key Type Value
AuthCode dictionary (Required if the document is encrypted with user access permissions bit 13 zero.
Shall be a direct object; PDF 2.0) Describes a PDF MAC token to validate the
integrity of an encrypted document (see 5.2.3).
If present, the value of the V entry in the document’s Encrypt dictionary shall
be at least 5.
5.2.2 Additions to ISO 32000-2:2020, 7.6.2
The following entry is added to the bulleted list in ISO 32000-2:2020, 7.6.2.
— Any byte strings representing the value of the MAC key in an AuthCode dictionary.
NOTE This prevents strings containing PDF MAC tokens from being encrypted.
5.2.3 AuthCode dictionary
The AuthCode dictionary, defined in Table 6, contains a PDF MAC token or describes where to find it. All
AuthCode dictionary entries defined below shall be direct objects, with the exception of the SigObjRef entry.

Table 6 — Entries in an AuthCode dictionary
Key Type Value
MACLocation name (Required; shall not be an indirect reference) Indicates where to
find the PDF MAC token (see 6.5). The following values are
defined:
— Standalone: The DER-encoded PDF MAC token is given by the
value of the MAC entry.
— AttachedToSig: The PDF MAC token is an unsigned attribute
on a digital signature, contained in the signature dictionary
referenced by the SigObjRef entry.
Any other values shall be second-class names
(see ISO 32000-2:2020, Annex E).
ByteRange array (Conditionally required; shall not be an indirect reference) An array
of four nonnegative integers describing the exact byte range over
which to compute the document digest.
This entry shall be present if MACLocation is Standalone. If
MACLocation is AttachedToSig, this entry shall not be present.
The first array element shall be zero.
If the byte range is given by [0, L1, S, L2], then the document di-
gest is computed by hashing L1 bytes starting from position 0 in
the PDF file, followed by L2 bytes starting from position S in the
PDF file. The uncovered region in between shall be occupied by
the value of the MAC entry. In particular, S shall always be greater
than L1.
NOTE 1 This definition is (mutatis mutandis) the same as that of
the ByteRange entry in a signature dictionary
(see ISO 32000-2:2020, 12.8.1, Table 255).
MAC byte string (Conditionally required; shall not be an indirect reference) If MAC-
Location is Standalone, the value of this entry shall be a
DER-encoded PDF MAC token, encoded as a hexadecimal byte
string object. Space for the MAC string shall be allocated
before it is computed.
The first byte of the allocated region shall be a LESS-THAN SIGN
(3Ch), the final byte shall be a GREATER-THAN SIGN (3Eh) and
the sequence of bytes in between shall consist of hexadecimal
digits representing the DER-encoded PDF MAC token, free of any
trailing data.
NOTE 2 This provision is stricter than the general syntax require-
ments for hexadecimal strings in ISO 32000-2:2020, 7.3.4.3, which
permit white space characters and allow the final digit of the
string to be dropped if it equals zero. These conventions do not
apply to PDF MAC tokens.
If MACLocation is AttachedToSig, this entry shall not be present.
SigObjRef indirect reference (Conditionally required) If MACLocation is AttachedToSig, this
entry shall be an indirect reference to the dictionary containing
the signature on which the PDF MAC token appears as an
unsigned attribute.
If MACLocation is Standalone, this entry shall not be present.
NOTE 3 It can be useful to contrast the lack of padding in the M
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

ISO/TS 32004:2024は、PDF 2.0における暗号化文書の整合性保護に関する標準規格であり、その範囲はISO 32000-2:2020の規格を拡張し、Encrypt辞書およびトレーラ辞書に対して整合性保護を提供するための拡張機能を追加することに特化しています。この標準は、PDFドキュメントの暗号化に関する重要な要素を扱い、特に開発者がPDFファイルを作成や利用する際の整合性を確保する手助けとなります。この文書の強みは、拡張機能が従来のPDFフォーマットとの完全な後方互換性を保ったまま設計されている点です。これにより、PDFを扱うソフトウェア（PDFライターやPDFリーダー）の開発者が、既存のシステムに対して容易に新機能を組み込むことが可能となり、業界全体にとって大きな利点となります。また、インタラクティブPDFプロセッサやさまざまなPDF処理製品においても、整合性が確保された信頼性の高い文書管理が実現されます。 ISO/TS 32004:2024は、特定の文書の変換プロセスや物理的な保存方法等については記載していませんが、これによりユーザーは余計な情報に悩まされることなく、必要な機能に集中できる構造となっています。このため、開発者は自らのニーズに合わせた具体的な実装を行える柔軟性を持ちながら、標準的な整合性保護の枠組みを利用することができます。このように、ISO/TS 32004:2024は、PDFドキュメントの暗号化と整合性保護において、業界標準の一翼を担う非常に関連性の高い文書となっています。そのため、PDF処理の開発者や関連企業にとって、必須の参考資料となるでしょう。

ISO/TS 32004:2024는 PDF 2.0에서 암호화된 문서의 무결성 보호를 위한 문서 관리 표준으로서, ISO 32000-2:2020 사양을 확장하는 방법을 명확히 제시합니다. 이 표준은 Encrypt 사전 및 트레일러 사전에 추가 사항을 통해 암호화된 PDF 문서의 무결성을 확보하도록 설계되었습니다. 이러한 확장은 PDF 파일을 생성하는 소프트웨어(PDF 작성기), 기존 PDF 파일을 읽고 내용을 표시하는 소프트웨어(PDF 읽기기), 사용자가 PDF 파일을 수정하고 저장할 수 있도록 상호작용하는 소프트웨어(상호작용 PDF 처리기) 및 다양한 목적을 위해 PDF 파일을 읽고 쓰는 PDF 제품에 대한 개발자들에게 유용합니다. 이 표준의 강점은 완전한 하위 호환성을 보장함으로써 기존 PDF 파일 처리 시스템과의 통합을 용이하게 한다는 점입니다. 이는 개발자들이 새로운 기능을 도입하면서도 기존 환경과의 호환성을 유지할 수 있도록 지원합니다. 또한, 다양한 PDF 프로세서가 이 표준을 따라 개발되어, PDF 처리의 통일성과 효율성을 높일 수 있는 기반이 마련됩니다. ISO/TS 32004:2024는 특히 보안성과 데이터 무결성이 중요한 환경에서 PDF 파일을 처리하는 데 중요한 역할을 할 것으로 기대됩니다. 이를 통해 문서 관리의 신뢰성을 증가시키고 다양한 산업에서의 PDF 사용을 더욱 원활하게 하는 데 기여할 것입니다. 이러한 특성들로 인해 이 표준은 문서 관리와 그리고 PDF 파일의 무결성을 중시하는 전문가들에게 있어 매우 중요한 참조 문서로 자리잡을 것입니다.

Die ISO/TS 32004:2024 ist ein wesentlicher Standard im Bereich des Dokumentenmanagements, der sich auf das Portable Document Format (PDF) konzentriert, insbesondere auf den Schutz der Integrität in verschlüsselten Dokumenten gemäß PDF 2.0. Der Dokumentenstandard bietet eine klare Erweiterung der bestehenden ISO 32000-2:2020-Spezifikation, indem er spezifische Erweiterungen für das Encrypt-Dictionary und das Trailer-Dictionary einführt, die darauf abzielen, eine Integritätsprüfung für verschlüsselte PDF-Dokumente sicherzustellen. Ein herausragendes Merkmal der ISO/TS 32004:2024 ist die vollständige Rückwärtskompatibilität der Erweiterungen. Dies ermöglicht Entwicklern, bestehende Softwarelösungen, sei es PDF-Writer, PDF-Reader oder interaktive PDF-Prozessoren, effizient anzupassen, ohne dass umfassende Änderungen an bestehenden Systemen erforderlich sind. Die praktische Relevanz des Standards liegt in seiner Zielgruppe, die Softwareentwickler umfasst, die mit PDFs arbeiten, sowie Unternehmen, die PDF-Dateien für verschiedene Zwecke verarbeiten und speichern. Die Standardisierung bietet eine klare Richtlinie für die Implementierung von Integritätsmechanismen in verschlüsselten PDF-Dokumenten, was die Datensicherheit und Verlässlichkeit erhöht. Zudem stärkt sie die Vertrauenswürdigkeit von PDF-Dateien in einem zunehmend digitalen Umfeld, in dem Datenintegrität von höchster Bedeutung ist. Die ISO/TS 32004:2024 ist somit nicht nur technisch durchdacht, sondern auch von großer Bedeutung für die Weiterentwicklung von PDF-Anwendungen, da sie die Grundlage für sichere, interoperable digitale Dokumente schafft und Entwicklern die Werkzeuge an die Hand gibt, um effektive Lösungen zu realisieren.

La norme ISO/TS 32004:2024 s'inscrit dans le cadre de la gestion des documents, avec un accent particulier sur le format Portable Document Format (PDF) et la protection de l'intégrité des documents chiffrés dans le PDF 2.0. Son objectif est de spécifier comment étendre les spécifications de l'ISO 32000-2:2020 en ajoutant des extensions aux dictionnaires Encrypt et trailer, garantissant ainsi une protection de l'intégrité des documents PDF chiffrés. La force principale de cette norme réside dans sa compatibilité descendante complète, permettant aux développeurs de logiciels, tels que ceux qui créent des fichiers PDF (PDF writers) et ceux qui lisent et interprètent leur contenu (PDF readers), d'adopter ces nouvelles extensions sans compromettre leurs systèmes existants. Cela favorise l'interopérabilité et l'adoption généralisée de standards éprouvés, tout en apportant des améliorations nécessaires dans la sécurité des documents numériques. De plus, la norme met l'accent sur une large gamme d'applications, incluant non seulement les logiciels interagissant directement avec les fichiers PDF, mais aussi les produits qui lisent et/ou écrivent des fichiers PDF pour divers usages. Cela élargit son champ d'application et souligne son importance dans le domaine de la gestion de documents numériques. Il est également important de noter que la norme n'inclut pas certaines spécificités, comme les processus de conversion de documents ou les détails de conception technique. Cela contribue à la clarté de son application, en évitant des complexités inutiles et en permettant aux développeurs de se concentrer sur l'intégration de la protection de l'intégrité dans leurs produits PDF. En somme, l'ISO/TS 32004:2024 représente une avancée significative pour la sécurité et l'intégrité des documents PDF, renforçant ainsi la confiance des utilisateurs et des professionnels dans l'utilisation de ce format largement employé dans le monde numérique.

ISO/TS 32004:2024 is a pivotal standard that enhances the framework established by ISO 32000-2:2020 regarding the Portable Document Format (PDF). The document's primary scope is to detail extensions to the Encrypt dictionary and trailer dictionary, thereby providing a robust integrity protection mechanism for encrypted PDF documents. This standard is particularly relevant for developers engaged in creating PDF files, as it outlines how to ensure that these extensions maintain backward compatibility, a crucial aspect for users dealing with existing PDF documents. One of the significant strengths of this standard is its comprehensive approach to addressing the needs of various stakeholders in the PDF ecosystem. It caters not only to PDF writers but also encompasses PDF readers and interactive PDF processors, ensuring that a wide array of software tools can effectively implement the integrity protection measures specified. This inclusivity promotes a more secure environment for document handling, which is increasingly vital in today's digital landscape. Moreover, ISO/TS 32004:2024 stands out by clearly delineating what it does not cover, such as conversion processes, user interface details, and physical storage methods. This precision in scope helps developers and users focus on the integrity protection aspects without getting sidetracked by ancillary issues. Consequently, the standard reinforces the integrity of encrypted PDF documents while encouraging innovation in PDF processing technologies. Overall, the relevance of ISO/TS 32004:2024 is underscored by its alignment with current needs for security and integrity in document management. Its focus on standardization in the evolving context of PDF technology makes it a critical resource for professionals in the field.