José,Thank you for the information - this is very helpful. To the best of my understanding our project does not require _javascript_ support and from a security viewpoint, the fact that Evince doesn't try to implement is a good thing. I may need to become more familiar with the PDF/A standard so I can itemize better what parts we care about and not. On a separate note, I came across the GNU PDF Library yesterday; do you happen to know how this relates to Poppler? Are they completely separate things or is one a derivative of the other? Thanks again.Cheers!Marcus HodgesCheers!
Marcus Hodges
Principal Security Engineer
Security InnovationOn Thu, May 9, 2013 at 6:48 AM, jose aliste gmail com <jose aliste gmail com> wrote:
Hi,afaik there is no conformance test that we have passed or something like that. If PDF/A is strictly about forbidding some features in the viewer, then I don't think there is any code in evince to do that. That being said, the largest problem in security for PDF comes from _javascript_, and evince does not (and will not in the near future unless some-one steps in) implement _javascript_ support. About annotations, there is UI to list all annotations, but currently we don't support all annotation types, so the list might be incomplete for some files.GreetingsJoséOn Wed, May 8, 2013 at 5:23 PM, Marcus Hodges <mhodges securityinnovation com> wrote:
_______________________________________________Good afternoon. I'm looking for information on the current state of support for PDF/A by Evince (Poppler). Does anyone know where this might be documented or be able to speak to it directly? We are evaluating the use of Evince for our project. Thank you in advance for your time.Cheers!
Marcus Hodges
Principal Security Engineer
Security Innovation
evince-list mailing list
evince-list gnome org
https://mail.gnome.org/mailman/listinfo/evince-list