Long after the demise of Google Authorship, is it now both valid and viable for a document to include multiple links?

When Google Authorship was very much still a thing several years ago, the conclusion was that it was better not to include more than one <link rel="author"> on any given page.

See:

  • 2012 – How to implement rel="author" on a page with multiple authors?
  • 2013 – Is Google OK with multiple rel="author" links?

Google Authorship is now a distant memory (Mountain View stopped using it several centuries ago in 2016) but I’m concerned that there may still be something invalid or nonsensical about including more than one <link rel="author"> in the <head> of a given document.

My use case involves referencing both an About Page and humans.txt:

<link rel="author" href="https://example.com/about-us/" /> <link rel="author" href="https://example.com/humans.txt" type="text/plain" /> 

Is there anything – I can’t find explicit confirmation – from the WHAT-WG to confirm that this is valid usage?

Or is there a viable alternative to using more than one <link rel="author"> element?

Is there a way to learn what was written in a burned document?

I’m playing pathfinder and I just recovered the ashes of burned papers. The Dm told me make whole wouldn’t work because a big part of the paper went off in smoke and as such there isn’t all the parts. Is there any divination spell that could help me recover some information ? I have access to a good amount of gold and a fairly large city so I could pay a spellcaster to cast it if it is too high-level. I have neither access to the vilain and the document is probably a little too much damaged to use linguistics on

Can a structured (text) document be effectively encrypted

My situation:

I want to encrypt an HTML document. My question is, if the following is known, is that going to weaken encryption?

  • It is a text-based document
  • It starts with <DOCTYPE HTML> or a few variants of
  • This is followed by an <HTML> tag, followed by a <HEAD> tag, which contains a number of ‘

Would this knowledge help a hacker to decrypt without the decrypt key? Would such knowledge make my documents effectively un-encryptable?

My apologies if this is a very simple question. I am a neophyte.

Which Algorithm should PFX file use to sign PDF document?

I exported localhost certificate in .PFX format with private key. I have to use this PFX file to sign PDF document. C# program was used to sign document and below error encountered when hitting this code-

C# code –

 Pkcs12Store pk12;  pk12 = new Pkcs12Store(new FileStream(this.Path, FileMode.Open, FileAccess.Read), this.password.ToCharArray()); 

error –

 Unable to cast object of type 'Org.BouncyCastle.Asn1.DerSequence' to type 'Org.BouncyCastle.Asn1.DerInteger' 

is error associated with mismatch in algorithm? Below are steps used to export PFX file. enter image description here enter image description here enter image description here enter image description here

I am using itextSharp library to sign PDF document. Is there any error in PFX file OR localhost file should not be used? how can I validate PFX file whether it is correct?

Thanks.

Document security – how to find who’s leaked a confidential document?

I am legally obliged to distribute a document (probably by email, probably saved as MS word, or a PDF) to several hundred recipients.

The recipients are legally obliged to keep it confidential. However, based on past experience I’m pretty sure it’s going to end up publicly leaked pretty quickly. (in the past it’s been freely distributed verbatim)

This has happened before, it’s a serious problem and causes us financial damage and I’d really like to put a stop to this and identify the miscreant.

I’m aware of the John Le Carre technique of making each document very slightly different (missing full stop here, minor typo there etc etc) but with several hundred recipients making several hundred uniquely identifiable copies of the same basic document would be a non-trivial task.

Is there a way to automate this? or is there a better way of finding who’s doing the leaking?

UPDATES – documents published 2 or 3 times a year. In the past the whole pdf has been published verbatim on public or semi-public forums, often within days (sometimes hours) of being distributed. On other occasions the documents have been re-distributed via email from ‘burner’ accounts (normally gmail)

  • The document is released to meet various legal obligations, so the information HAS to be accurate. It also HAS to go to the various recipients. So changing any of the data is not an option, but there’s no law against making a spelling/grammar error

Multi-user document encryption: access to user private keys

I am attempting to implement these solutions for multi-user document encryption:

  • https://security.stackexchange.com/a/71915

  • https://owncloud.com/wp-content/uploads/2014/10/Overview_of_ownCloud_Encryption_Model_1.1.pdf

The user’s private key is stored in a database and encrypted using a symmetrical cipher, the key to which is the user’s password.

My question is how should the private key be kept around so it can be used in subsequent requests? The user’s plaintext password is only available during the initial login request so that’s the only time it can be used to decrypt the private key.

The options I have thought of include:

  • Decrypt the private key on login, keep it in memory, then look it up on subsequent requests
  • sending back the private key in the user’s JWT (also ensuring the JWT is encrypted)