Abstract: Methods and apparatus, including computer program products, implementing and using techniques for document authentication. An electronic document is presented to a user. The electronic document has data representing a signed state and a current state. A disallowed difference between the signed state and the current state is detected, based on one or more rules that are associated with the electronic document. A digital signature associated with the electronic document is invalidated in response to the detecting.

Abstract: Methods and apparatus for creating a license defining permissions to use electronic content. The methods include selecting a plurality of habitat types, each an aspect of a user environment to which a license can be bound; determining one or more habitat values and relations for each selected type; and creating a license to use the electronic content, the license including an and or logic expression of habitat terms, each term containing one of the selected types and its set of corresponding values and relations.

Abstract: A security component may be associated with a network-enabled application. The security component may initiate the display of an embedded region of a window drawn according to display information received from a relying party. The security component may define at least a portion of the appearance of the embedded region; the relying party may not define this portion. The security component may send the address of the relying party to a reputation service and query the reputation service about the reputation of the relying party. The reputation service may return reputation information about the relying party. The security component may display an indication of the relying party's reputation. If the reputation information indicates the relying party is reputable, the security component will allow the network-enabled application to exchange information with the relying party. Otherwise, the component may not allow the network-enabled application to exchange data with the relying party.

Abstract: A security component may be associated with a network-enabled application. The network-enabled application may request access to restricted content from a relying party (e.g., web site). The security component associated with the network-enabled application may receive authentication policy information from the relying party and send a user's authentication credentials to an assertion provider to authenticate the credentials. The relying party may trust the assertion provider to authenticate user credentials. Upon successful authentication, the assertion provider may return an assertion token to the security component and the security component may sign the assertion token as specified in the authentication policy information. Subsequently, the security token may forward the signed assertion token to the relying party and the relying party may grant access to the restricted content.

Abstract: A security component may be associated with a network-enabled application. The security component may initiate the display of an embedded region of a window drawn according to display information received from a relying party. The security component may define at least a portion of the appearance of the embedded region; the relying party may not define this portion. The embedded region may include customization information configured by a user, and “Card” information received from an assertion provider, indicating how to authenticate user credentials in order to gain access to relying party restricted content. The security component may request authentication of user credentials from the assertion provider, which may be trusted by the relying party. The security component may receive an assertion token from the assertion provider indicating the credentials are authentic. The security component may forward the assertion token to the relying party to gain access to the restricted content.

Abstract: A security component may be associated with a network-enabled application. The security component may access a secure store, which may include customization information, which may include one or more graphical user interface customizations defined by a user, and one or more instances of card information. The card information may specify how to authenticate a user's credentials to access a relying party (e.g., web site). The security component may initiate the display of an embedded region of a window drawn by the network-enabled application. At least a part of the appearance of the embedded region of the window may be defined according to the customization information and not by the relying party. The embedded region may provide a user interface for determining user authentication credentials. The customization information and the one or more instances of card information may not be accessible to the relying party.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for establishing trust in an electronic document. An electronic document is received. State dependent content in the electronic document is identified. The state dependent content is content that is renderable to have a several appearances. The electronic document is presented to a user, which includes disclosing the presence of any identified state dependent content in the electronic document.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for establishing trust in an electronic document. An electronic document is received. State dependent content in the electronic document is identified. The state dependent content is content that is renderable to have a several appearances. The electronic document is presented to a user, which includes disclosing the presence of any identified state dependent content in the electronic document.

Abstract: A security component may be associated with a network-enabled application. The security component may initiate the display of an embedded region of a window drawn according to display information received from a relying party. The security component may define at least a portion of the appearance of the embedded region; the relying party may not define this portion. The embedded region may include customization information configured by a user, and “Card” information received from an assertion provider, indicating how to authenticate user credentials in order to gain access to relying party restricted content. The security component may request authentication of user credentials from the assertion provider, which may be trusted by the relying party. The security component may receive an assertion token from the assertion provider indicating the credentials are authentic. The security component may forward the assertion token to the relying party to gain access to the restricted content.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for signing an electronic document, including establishing an electronic signature appearance for an electronic signature, determining a bounding region on the electronic document for the display of the electronic signature appearance, at the time of signing an electronic document, previewing the electronic signature appearance in the bounding region and signing the electronic document with an electronic signature, the electronic signature associated with the electronic signature appearance. The electronic signature appearance can be configured at the time of signing the electronic document.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for digital rights management. In one aspect, a method is provided. The method includes receiving an electronic document, where the electronic document includes one or more content items, a set of usage rights defining one or more features to be enabled when the document is read by an electronic document reader, and a stored representation. The method further includes generating a representation of invariant content items of the electronic document, comparing the generated representation with the stored representation, and enabling features corresponding to the set of usage rights in the electronic document only if the generated representation and the stored representation are identical, where the features are features performed by the electronic document reader on the electronic document.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for establishing trust in an electronic document. An electronic document is received. State dependent content in the electronic document is identified. The state dependent content is content that is renderable to have a several appearances. The electronic document is presented to a user, which includes disclosing the presence of any identified state dependent content in the electronic document.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for controlling capabilities of a user software application. A user software application is provided, the user software application including a set of disabled operations. Content capable of being operated on by one or more of the disabled operations in the set of disabled operations is received. Application rights information operable to enable an operation in the set of disabled operations to operate on content within a context specified in the application rights information are received and the operation in the set of disabled operations is enabled to operate on the received content. Methods and apparatus for providing content to be operated on by a user software application and methods and apparatus for providing a configurable, context-dependent user software application are also described.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for establishing trust in an electronic document. An electronic document is received. State dependent content in the electronic document is identified. The state dependent content is content that is renderable to have a several appearances. The electronic document is presented to a user, which includes disclosing the presence of any identified state dependent content in the electronic document.

Abstract: Methods and apparatus, including computer program products, for generating and processing a digital document. The digital document includes private content that is accessible only upon a request for the private content, and presentation data that is accessible without the request for the private content. The presentation data defines a graphical representation of an addressed postal envelope that has a stamp side on which one or more intended recipients of the private content are represented as addressees.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for digital rights management. In one aspect, a method is provided. The method includes receiving an electronic document, where the electronic document includes one or more content items, a set of usage rights defining one or more features to be enabled when the document is read by an electronic document reader, and a stored representation. The method further includes generating a representation of invariant content items of the electronic document, comparing the generated representation with the stored representation, and enabling features corresponding to the set of usage rights in the electronic document only if the generated representation and the stored representation are identical, where the features are features performed by the electronic document reader on the electronic document.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for document authentication. An electronic document is presented to a user. The electronic document has data representing a signed state and a current state. A disallowed difference between the signed state and the current state is detected, based on one or more rules that are associated with the electronic document. A digital signature associated with the electronic document is invalidated in response to the detecting.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for exchanging certificates, including generating a first container object including one or more of a sender's certificate and a request for a recipient's certificate, wherein the first container object has a recognizable container type, and transmitting the first container object to a recipient's address. Upon receipt of the first container object, it can be determined the first container object includes one or more of a certificate and a request for a certificate of the recipient. A request for a certificate can be responded to by generating a second container object including a certificate of the recipient, extracting a return address from the first container object, and transmitting the second container object to the return address.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for digital rights management. In one aspect, a method is provided. The method includes receiving an electronic document, where the electronic document includes one or more content items, a set of usage rights defining one or more features to be enabled when the document is read by an electronic document reader, and a stored representation. The method further includes generating a representation of invariant content items of the electronic document, comparing the generated representation with the stored representation, and enabling features corresponding to the set of usage rights in the electronic document only if the generated representation and the stored representation are identical, where the features are features performed by the electronic document reader on the electronic document.

Abstract: Methods and apparatus, including computer program products, for presenting status of digital signatures. A digital document is received that defines a presentation structure and includes a digital signature. The digital document specifies a representation of the digital signature and a location in the presentation structure for the representation of the digital signature. A status is determined for the digital signature. A status representation is associated with the digital signature, where the status representation identifies the status determined for the digital signature. Without altering the representation of the digital signature, at least a portion of the digital document and the status representation of the digital signature are presented in a user interface, where the status representation is presented in the presentation structure at a location that depends upon the location of the digital signature.