camel-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Franz Forsthofer (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CAMEL-8084) PGP Data Format: file name parameter
Date Thu, 27 Nov 2014 11:25:12 GMT
Franz Forsthofer created CAMEL-8084:
---------------------------------------

             Summary: PGP Data Format: file name parameter
                 Key: CAMEL-8084
                 URL: https://issues.apache.org/jira/browse/CAMEL-8084
             Project: Camel
          Issue Type: Improvement
          Components:  camel-crypto
            Reporter: Franz Forsthofer
             Fix For: 2.15.0


Currently, the PGP Data Format marshaler sets the file name of the PGP Literal Packet to "_CONSOLE"
by default; and you can overwrite the file name via the header "CamelFileName". 

The attached patch introduces the parameter "fileName" so that you can set the file name during
configuration time. The default value is still "_CONSOLE". Now it is also possible to use
an empty string as file name, which was not possible before. We should allow an empty string
value because the Open PGP specification (https://tools.ietf.org/html/rfc4880) explicitly
mentions that the file name "may be a zero-length string" (see chapter "5.9.  Literal Data
Packet (Tag 11)".

The spec says about the "_CONSOLE" value: "_CONSOLE" is used to indicate that " the message
is considered to be 'for your eyes only'.  This advises that the message data is unusually
sensitive, and the receiving program should process it more carefully, perhaps avoiding storing
the received data to disk, for example." There are some PGP programs available which will
break of the processing of PGP messages which contain the value "_CONSOLE" as file name. In
order to avoid such kind of "break-ofs", it makes sense to allow the configuration of the
file name via a parameter so that you must not use a header.

Regards Franz



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message