In real-world workflows such as government approvals, GST filings, corporate documents, and contract management, a single document often needs approval from multiple authorities. This is where multiple digital signatures in PDF become essential for secure and verifiable document processing.
This raises a common question: can a PDF have multiple digital signatures?
The answer is important for users, developers, and officials working with Digital Signature Certificates (DSC), Public Key Infrastructure (PKI), and eSign systems.
Quick Answer
Yes, a PDF can have multiple digital signatures.
Each signature is applied sequentially, and every new signature preserves and validates all previous signatures, as long as no unauthorized changes are made.
How Multiple Digital Signatures in PDF Work
Digital signatures in PDFs follow a concept called incremental signing.
Step-by-Step Process
Step 1: First Signature
- Document is hashed (digital fingerprint created)
- Hash is encrypted using signer’s private key
- Signature and certificate are embedded in PDF
Step 2: Second Signature
- PDF is not overwritten
- A new revision is created (incremental update)
- Second signer signs the updated document
Step 3: Additional Signatures
- Each new signature signs the current state of the document
- All previous signatures are preserved
What is Incremental Signing
PDF uses a structure where new data is appended instead of replacing existing content.
This allows multiple signatures, maintains an audit trail, and ensures that earlier signatures remain valid.
Byte Range Concept (Simple Explanation)
Each digital signature signs only a specific portion of the PDF called a byte range.
For example:
- First signature signs original content
- Second signature signs original content plus first signature
- Third signature signs everything before it
This ensures that previous signatures remain verifiable and any change in signed content invalidates the signature.
What Happens to Previous Digital Signatures?
Case 1: No Modification
All previous signatures remain valid.
Case 2: Allowed Changes
Signatures remain valid if changes are permitted, such as adding another signature.
Case 3: Unauthorized Changes
All affected signatures become invalid if the document is modified.
Signing Order (Important Concept)
Digital signatures follow a strict sequence.
- First signer signs original document
- Second signer signs updated version
- Third signer signs further updated version
Each signature locks all previous content.
Technical Explanation (Simplified)
Hashing
The document is converted into a hash using algorithms like SHA-256. Any change in the document creates a new hash.
Private Key Signing
The hash is encrypted using the signer’s private key to create the digital signature.
Public Key Verification
The receiver uses the public key to verify the signature.
Role of PKI
Public Key Infrastructure ensures trust through Digital Signature Certificates (DSC), Certifying Authorities (CA), and certificate chain validation.
Allowed vs Not Allowed Changes
| Type of Change | Effect on Signature |
|---|---|
| Adding new signature | Allowed |
| Filling form fields | Allowed (if permitted) |
| Adding comments | Allowed |
| Editing text/content | Invalidates signature |
| Deleting content | Invalidates signature |
Real-World Example
Consider a government approval workflow:
- Officer signs the document
- Supervisor reviews and signs
- Department head signs final approval
All signatures remain visible and valid, creating a complete audit trail.
Use Cases of Multiple Digital Signatures
Government Approvals
- File movement systems
- Multi-level approvals
Corporate Workflows
- Internal approvals
- Finance authorization
Contracts and Agreements
- Signed by multiple parties
Compliance Filings
- Documents verified by multiple stakeholders
Banking and Legal Documents
- Joint authorization
Common Misconceptions
Second signature overwrites the first – This is incorrect. Each signature is added and does not replace earlier signatures.
Only one digital signature is allowed – This is incorrect. PDFs support multiple digital signatures.
Legal Validity in India
Digital signatures are legally recognized under the Information Technology Act, 2000.
Digital Signature Certificates must be issued by licensed Certifying Authorities regulated by the Controller of Certifying Authorities.
Multiple digital signatures are legally valid if all signatures are valid and document integrity is maintained.
To understand how each signature is validated, you can learn more about how to verify a digital signature in a PDF.
Conclusion
A PDF can securely hold multiple digital signatures, making it ideal for workflows that require multi-level approval and authentication.
Each signature preserves previous signatures, ensures document integrity, and builds a verifiable audit trail.
This is why multiple digital signatures are widely used in government, corporate, and legal systems.