You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@camel.apache.org by "Hadrian Zbarcea (JIRA)" <ji...@apache.org> on 2013/12/02 15:18:45 UTC
[jira] [Work started] (CAMEL-7002) PGPDataFormat: restrict
verifying public keys
[ https://issues.apache.org/jira/browse/CAMEL-7002?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Work on CAMEL-7002 started by Hadrian Zbarcea.
> PGPDataFormat: restrict verifying public keys
> ---------------------------------------------
>
> Key: CAMEL-7002
> URL: https://issues.apache.org/jira/browse/CAMEL-7002
> Project: Camel
> Issue Type: Improvement
> Components: camel-crypto
> Reporter: Franz Forsthofer
> Assignee: Hadrian Zbarcea
> Fix For: 2.12.3, 2.13.0
>
> Attachments: 0001-PGPDataFormat-signatureUserIds-added.patch
>
>
> During the signature verification with PGPDataFormat currently all public keys contained in the public keyring are taken into account. So the current semantic is: Verify the signature against all public keys in the keyring. IF you have a keyring with lot of public keys you will not want that every identity represented by the public keys can sent to you a signature. Normally you want to know from which identity the signature comes. Therefore I have introduced the possibility to restrict the verifying publikc keys; I have introduced the parameter signatureKeyUserids where you specify the Userids the publc keys must have in order to be allowed to verify a signature.
--
This message was sent by Atlassian JIRA
(v6.1#6144)