Since ~2005 all EU countries have Electronic Signature legislation (1999/93/EC), later renewed as eIDAS (Regulation 910/2014).
It's 2021, companies are still scammed by fake PDF pretending to be an order by a German court, notable judiciary institution, sent with *no* digital signature at all, in a industry where these attacks are frequent π€·
100% agree but I still believe this is doable and not *that* hard on the UI level - browser vendors eventually managed to create a convincing UI for cert validation failures. The problem is that nobody is really expected to ignore unsigned PDFs sent by scammers to registrars.
@kravietz
Not only unsigned...
The browser should make a priority to push the signature into the user's face every time the file is opened. Otherwise, any signature will do to even prety experienced users.
@kravietz fun fact, germany now has a separate digital communication thingy for the legal system, called "beA", that only lawyers and courts are allowed to use. since it's rather complicated and many lawyers are afraid of technology, they often send the same document over beA, fax, and mail just to be sure. also, the system claimed to have end-to-end encryption, but doesn't.
https://de.m.wikipedia.org/wiki/Besonderes_elektronisches_Anwaltspostfach
OMG that looks very much like the nightmare solutions that Poland implemented back in ~2005 as part of the EU eSig Directive.
It was completely unusable with like ~10 incompatible solutions from different vendors, each of them with requirements like "Windows XP SP2 with ASP.NET 3.5" and still crashing frequently.
EU directive left quite a lot of choice in terms of implementation, and that was used in the worst possible way back then...
@kravietz
Digital signature is wayyy too abstract concept for an average user. Most people have no idea what it is, so how should they be able to check it's validity?
Not to mention, that most viewers do not make it a priority to inform the user about metadata like the signature...
This is a UI problem. And you know how much does an average programmer care about UI problems :AsukaSmug: