Schneier on Security

Didier Stevens • November 13, 2008 11:19 AM

@kangaroo: correct

Didier Stevens • November 13, 2008 12:00 PM

@clive Robinson Per Adobe's PDF Reference:

File identifiers are defined by the optional ID entry in a PDF file’s trailer dic-
tionary (see Section 3.4.4, “File Trailer”; see also implementation note 162 in
Appendix H). The value of this entry is an array of two byte strings. The first byte
string is a permanent identifier based on the contents of the file at the time it was
originally created and does not change when the file is incrementally updated.
The second byte string is a changing identifier based on the file’s contents at the
time it was last updated. When a file is first written, both identifiers are set to the
same value. If both identifiers match when a file reference is resolved, it is very
likely that the correct file has been found. If only the first identifier matches, a
different version of the correct file has been found.
To help ensure the uniqueness of file identifiers, it is recommend that they be
computed by means of a message digest algorithm such as MD5 (described in In-
ternet RFC 1321, The MD5 Message-Digest Algorithm; see the Bibliography), us-
ing the following information (see implementation note 163 in Appendix H):
• The current time
• A string representation of the file’s location, usually a pathname
• The size of the file in bytes
• The values of all entries in the file’s document information dictionary (see
Section 10.2.1, “Document Information Dictionary”)