There are many times I create a PDF (Portable Document Format) file. I do so when I want to send or give someone a document that is portable and that can reproduce the desired output upon print. I find that it's also a good way to preserve a document. But I realized that even though I may share a PDF file with others, that doesn't prevent it from being modified or replaced. This was more of a concern at my work as we save certain e-mails as PDFs to retain information relating to a project.
I desired to be able to sign my PDFs like an e-mail so that it can be clearly noted that it hadn't changed. Or if it did, it wouldn't have my key signature. So I started looking around to see if it was possible. I knew I had heard of code signing but I wasn't sure if it was possible to sign PDFs with a private key.
After searching, I did find that PDFs could be signed but there were programs that could be bought to do it. I was hoping to find something free and after a little patience, I came across JSignPdf. I found that it is a open-source project that runs on Java. It takes a private key in the PKCS12 format (among other formats and from the computer's store) and uses it create a new PDF that is signed.
After trying it out a bit, I found another important feature that it sported: the ability to timestamp from a timestamp server. There are servers dedicated to keeping a clock and a signature so that when a document is signed, it can be timestamp with a time from a trusted server that tells what time the document was signed. One timestamp URL that I have used and that is trusted from Adobe's point of view is from GlobalSign:
Though I was unable to get a free PDF signing certificate that naturally validates in Adobe Reader, I still sign my PDFs with my free e-mail public key. It does show a warning, but at least it shows that it has been signed and timestamped.