You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@camel.apache.org by "Claus Ibsen (JIRA)" <ji...@apache.org> on 2013/08/16 08:04:47 UTC

[jira] [Commented] (CAMEL-6640) Migrate XML Security key cipher algorithm away from RSA v1.5

    [ https://issues.apache.org/jira/browse/CAMEL-6640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13741957#comment-13741957 ] 

Claus Ibsen commented on CAMEL-6640:
------------------------------------

Thanks Colm for the patch.

Do you mind updating the docs with this change at:
http://camel.apache.org/xmlsecurity-dataformat.html

And possible also add a little note to the release notes at _changes that may affect end users_:
http://camel.apache.org/camel-2120-release.html
                
> Migrate XML Security key cipher algorithm away from RSA v1.5
> ------------------------------------------------------------
>
>                 Key: CAMEL-6640
>                 URL: https://issues.apache.org/jira/browse/CAMEL-6640
>             Project: Camel
>          Issue Type: Improvement
>            Reporter: Colm O hEigeartaigh
>            Priority: Minor
>             Fix For: 2.12.0
>
>         Attachments: camel-6640.patch
>
>
> Currently, the XML Security component uses RSA v1.5 as the default Key Transport algorithm. As there are a number of attacks on this algorithm, it is better to use the RSA OAEP algorithm instead.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira