WebAIM - Web Accessibility In Mind

E-mail List Archives

Thread: Re: Locking Document Content

for

Number of posts in this thread: 2 (In chronological order)

From: ED COHEN
Date: Mon, Dec 22 2003 1:45PM
Subject: Re: Locking Document Content
No previous message | Next message →

Hello Wayne,
We in my state are equally troubled and a bit skeptical of the basis for the security justification you mention. I wonder:
1. What makes them think that anyone with a scanner couldn't make a bogus version of their "secure" document?
2. How would the bogus document be distributed on the Web and have any credibility? Are they concerned about it being published from inside their system? If so, then this is an internal security issue, not a document security issue..

Check to be sure that they are using the proper security settings and that they are making the PDF with Acrobat 5.0 or greater. See Adobe's manual on page 25 on setting security. http://www.adobe.com/products/acrobat/pdfs/accessbooklet.pdf

Offering the document, as you recommended, in a non-PDF version is also a good idea.

Security and accessibility need not be mutually exclusive. Putting the PDF & Security Issue (myth?) to rest would help us all.
Ed

>>> = EMAIL ADDRESS REMOVED = 12/21/03 10:42:06 PM >>>
Help from anyone,

Currently the California State University System prints off all policies and
executive orders in PDF format. Lately they have even been setting all the
security options so tight that I can't use adaptive technology. Now, their
reason for behavior is a perceived need for security. They feel that some
nefarious agent might take online documents, change their content and
publish them as if they were official CSU documents. (I think that is the
worry. That seemed to be what they said.)

I sit on the CSU System Committee on Accessible Technology, so when I
suggested that all PDF documents, which are produced first by word
processors, be placed in standard markup format (HTML, XML, whatever) as
well as PDF format. The Chancellors Office people, especially the legal
people, seem to be very worried by this prospect. Now, I suggested that
they save all documents as in PDF and markup format, post both formats on
the web and simply state that the PDF format is the official document. Then
they could lock up the PDF document tight as a drum, and still have an
accessible document. This would work, but it would have the problem of
consistent versioning. That is, without care the official copy of a
document could be more up-to-date that the markup unofficial version -a
minor danger.

To be honest, I find the Chancellor's Office concerns a little excessive,
but they have much more power than me, so I must listen.

From: Jukka K. Korpela
Date: Tue, Dec 23 2003 1:06AM
Subject: Re: Locking Document Content
← Previous message | No next message

On Mon, 22 Dec 2003, ED COHEN wrote:

> Offering the document, as you recommended, in a non-PDF version is
> also a good idea.

From the accessibility point of view, it is a must. PDF format is not
accessible, period. No matter what the company that makes profit out of
Acrobat might say. Of course, some PDF variants are less inaccessible than
others. PDF as the only available format for a document also makes
"normal" people's life difficult. It is frustratingly common to click on
a link to a PDF document and see IE crash, perhaps crashing Windows too,
even when using the latest version of Acrobat Reader. And only a minority
knows things well enough to know that the common statement "you need to
have Adobe Acrobat Reader to view PDF files" is not true. Besides, the
better alternatives*) are not without flaws either.
*) Including those that let the user copy data from a "copy protected"
PDF document and print a "print protected" PDF document.

> Security and accessibility need not be mutually exclusive.

Unfortunately, they are often in conflict. But so are security and
usability. It has even been said that the product of security and
usability is constant. And surely security is maximal when usability is
absolute zero, i.e. nobody can use the system at all. But what we need
is reasonable compromises and adequate measures to help people with
disabilities to overcome the difficulties created by security
arrangements.

Anyone who thinks that the digital documents of a public institution need
to be copy protected at any cost (or with cost as big as all the
problems of PDF-alone format) is grossly misguided. So grossly that you
probably cannot make him understand but need to overrun his clueless
decisions by contacting his superiors, perhaps presenting expert
statements by both accessibility specialists and security specialists,
or asking that such expert advice will be ordered.

> Putting the PDF & Security Issue (myth?) to rest would help us all.

Indeed. It's worse than a myth; it creates a false impression of having
done something positive with security.

--
Jukka "Yucca" Korpela, http://www.cs.tut.fi/~jkorpela/


----
To subscribe, unsubscribe, suspend, or view list archives,
visit http://www.webaim.org/discussion/