Pdf signature

0. Signature appearance add/edit by "Edit -> Preferences-> Security -> Appearance" in Acrobat

1. Filter/subfilter of signature dictionary in pdf file :
pkcs#7: adbe.pkcs7.detached , adbe.pkcs7.sha1,
pkcs#1: adbe.x509.rsa.sha1
adbe.x509.rsa.sha1 is  not recommended?

"detached" means signature value and data are separated?

".sha1"  is not required to be SHA1!?

"...
The SHA1 in the name is misleading as you can use other hash functions, depending on ....
For example, for true PDF/A-1 compatibility you should not use SHA256 since it didn't exist in PDF 1.4 (on which PDF/A-1 is based)
..."


2. 針對同一份文件同一個版本 賦予多個簽章 e.g. 股長 主任 處長 協理 ...
"...
The normal way to do this would be to have multiple SignerInfo's inside a single signature - this is called parallel signatures. PDF, however, does not support this - and in fact, ETSI TS 102778 (PAdES) explicitly forbids it. 
..."


"...
Parallel signatures in the PDF context are realized using serial signatures, an acceptable solution as long as the document isn't to be signed sumultaneously at the same time by different persons.

..."

"...
 ETSI/ESI STF364 is going to be working on the “parallel signatures problem” during Phase 3 of their work. The current thoughts to address the problem revolve around the use of multiple signerInfos inside of a single PKCS#7 block, just as it is done in CAdES.

..."


"...
Instead of inventing the wheel time and time again, simply reserving enough space for a signature container containing multiple signerInfo blocks sounds most reasonable.

..."


[ref]
http://learn.adobe.com/wiki/download/attachments/52658564/samplesignatures.pdf?version=1
http://forums.adobe.com/thread/530277?tstart=0

http://stackoverflow.com/questions/1807432/signing-pdf-multiple-signatures-with-a-single-revision

http://itext-general.2136553.n4.nabble.com/Uncommon-ByteRange-entry-in-signature-dictionary-td2168822.html#a2168822

http://itext-general.2136553.n4.nabble.com/Multiple-signatures-and-multiple-revisions-td2171996.html#a2171996