In this age of digital design information, many participants in the design process have asked questions regarding DWF and security. This article addresses some of those frequently asked questions. For comments, questions, or suggestions regarding this FAQ please email scott.sheppard@autodesk.com.
Is DWF a secure format?
Yes, DWF files are secure, helping to protect the integrity of the original design. DWF files are similar to paper plots—by default they include only what the designer intends to share. Layer information can be turned on or off; object definition metadata, block attributes, and properties are not included unless published by the CAD user. Password protection and encryption of the DWF file further ensure the security of DWF files.
How does DWF compare to the security of paper?
One of the advantages of a DWF as compared to a source DWG is the security offered by DWF. DWF has security similar to physical paper.
As covered in Brian Mathews’ article on precision:
When you take a measurement in AutoCAD from a DWG file, you are using a 64-bit double-precision floating point value that gives you extreme levels of precision and accuracy. You also have a tremendous amount of model intelligence. For example, an Architectural Desktop door knows it is a door, and the wall knows that it needs to have a hole to contain the door, and that the framing inside the wall needs to adjust based on the position of the door. The door and walls are not just pictures made of lines. Instead they are intelligent objects with cross-linked relationships.When you take a measurement using physical paper and a physical ruler, there are limitations to the precision and accuracy of what you can measure. For example, with this method you only have an array of inked pixels depicting a picture of a wall with a door. The model intelligence has been lost.
The DWF files you generate with default settings are essentially electronic plots generated from AutoCAD's (or another application's) plot engine. As such, many of the same limitations apply to DWF as to paper. This is where security comes in. Since the DWF file does not have the same precision and accuracy, and since the DWF geometry is tessellated (blocks and objects get exploded into their individual graphic primitives), it is not easy to turn a DWF file back into a DWG file (just like it isn't easy to turn paper into a DWG).
Historically it has always been possible to use paper to painstaking turn a printout back into a DWG by tracing over the printout. As with paper, even if you did the work to convert the DWF file back into a DWG, you would be missing all of the model intelligence. For example, there’s no way to recapture the relationship between the wall and its door. Many customers feel that physical-paper is sufficiently secure, and they want that same level of security with DWF.
As with paper:
- By default DWF files do not include layer information. This prevents users from turning off layers, printing the results, and then building something incorrectly. If desired, the DWF author can change his default so that layer information is published to the DWF.
- By default DWF files do not include object definitions. The smart objects from the DWG are turned into tessellated geometry like lines and circles. DWF files are similar to the effect of an EXPLODE operation on every object where one AutoCAD entity is tessellated into many dissociated DWF vectors.
- By default DWF files are generated at 400 DPI (dots per inch) so that they have the same low precision as physical paper. This is in great contrast to DWG which uses very high precision double-float values. Customers can specify the DPI value when publishing a DWF if they require higher precision measurements.
- By default DWF files do not include metadata, block attributes, or object properties. This information is only added to the file at the discretion of the publisher.
Though some solutions exist, Autodesk does not provide end-user tools for editing DWF graphical content.
What about cryptography, encryption, and password protection?
For additional security, DWF has digital encryption features such as password protection. You can encrypt a DWF and apply a password to the file when you create the DWF from a CAD application such as AutoCAD.
What about other forms of access control, digital rights management, and access logging?
Since DWF is just a digital file, it is compatible with standard enterprise security systems such as project hosting services, document management systems, and file server access control systems. You can combine these control systems with the built-in DWF encryption or use them independently.
For DRM (digital rights management), PKI (public/private key infrastructure), or other asymmetric encryption features, there are several products on the market which can encapsulate a DWF file in an encryption “envelope” that can then be controlled so that only specific people have specific revocable rights to the DWF content.
Autodesk is considering adding DRM and PKI features to a future version of DWF and the DWF Viewers.
What about digital signatures?
DWF does not yet have direct support for digital signatures, though it is planned for a future release. Some customers have used 3rd party technologies such as PGP which can place any file format (such as DWF) inside an “envelope” file which can then digitally signed by the 3rd party product.
As for visible seals, these can be applied in the CAD design application (such as AutoCAD) by inserting a graphic picture of a seal that is then printed/published into the DWF. There is no security when you do this; it is only a picture like any of the other copy-able graphics that get stored in the DWF; however, this is similar to what many city governments do when they scan in wet-signed and sealed paper into TIFF and then store the TIFF. The scan of the seal in TIFF is nothing but a picture which can easily be copied and forged. If the scanned TIFF is acceptable for them, DWF is no different in its level of security than the paper.
Note that physical ink signatures are only secure in the physical world. An electronic scan of a signature can be forged, but chemical ink on paper cannot be easily forged.
Note that digital signatures are only secure in the digital world. If you print a “seal” representing a digital signature to a piece of paper, you can simply Xerox that image or capture the image vectors as they go to the printer to forge it. You cannot forge the digital signature in its digital non-graphical form. There are many products on the market (like PDF) which allow a digital signature to have a graphical representation when printed to physical paper. It is important to understand that such printed renditions of digital signatures are less secure than an ink signature on paper. Remember: digital signatures are only secure when in their digital form.
The credit for this FAQ goes to Brian Mathews and Scott Sheppard of the Autodesk DWF Team.
