Obtaining a Person’s Certificate
An author can obtain a person’s certificate by:
Receiving the Certificate from the Intended Recipient
The recipient must have already obtained a certificate from a Certificate Authority such as Verisign or Thawte. You can ask the intended recipient to send you his certificate file as an e-mail attachment or via ftp, etc. The recipient uses thetool to create a .cer or .p7b file and sends that file to you.
Verifying the Certificate
You should not use a certificate unless it meets the following requirements:
- It has not expired.
- It was issued by a trusted certification authority (CA) such as Verisign or Thawte. Note that an organization can implement its own CA.
- It positively identifies the person you intend. Use the Windows certificate viewer to check trust and expiration.
You can direct File Encryption to use expired certificates with the key-in SIGNATURE TOGGLEEXPIREDCERTS.
File Protection and References
Each file is protected separately and carries its own set of licenses and rights. Therefore, a master file can be protected while references are not, or vice versa. To protect all files in a set, the author must protect each file individually. In turn this means when opening a file with references attached, a user must acquire a separate license for each reference.
Using certificate-based licenses is as easy for multiple files as for a single file. For password licenses, Bentley recommends that the author assign the same password to all files in a set. The author decides which rights the password should convey in each file individually. This allows the user to open an entire set of files with a single password.