[ https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17848593#comment-17848593 ]
Jono Morris edited comment on CAMEL-18962 at 5/23/24 9:49 AM:
--------------------------------------------------------------

I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message.

was (Author: jono):
There's nothing in the AS2 spec that mentions this, and I think this would be a feature of Camel's AS2 implementation. Looking at the AWS implementation signing is optional and encryption is only mandatory when using HTTP; Ref [https://docs.aws.amazon.com/transfer/latest/userguide/as2-config-etc.html.] I think a site using AS2 would likely be using HTTPS terminating at a corporate-gateway/tls-proxy. Additionally they could also be using signatures/encryption for compliance to industry standards, e.g. PCI, SOX etc., and they'd probably be audited for this.

> camel-as2 - AS2Consumer always accepts unencrypted/unsigned data
> ---------------------------------------------------------------
>
> Key: CAMEL-18962
> URL: https://issues.apache.org/jira/browse/CAMEL-18962
> Project: Camel
> Issue Type: Improvement
> Components: camel-as2
> Reporter: dennis lucero
> Priority: Minor
>
> When setting up an AS2Consumer (server) security is important. With that in mind
> AS2 should use encryption and signing to verify the incoming data before
> processing it (or supplying the message for further processing). That assures
> that the originator of the data is a trusted party.
> Camel AS2 consumer accepts encrypted and signed data and at least decryption
> is working.
> *Problem*
> The problem is that the consumer also accepts unencrypted data. So even if I
> only want to receive encrypted data from a trusted party, some third party
> disguised as the trusted party could send a malicious unencrypted payload
> and the server would just accept and process it.
> For example sending plain data with the content type "application/edifact" is
> always accepted.
> *Possible solution*
> The consumer should be configurable as to what content type is allowed. Also the
> already existing producer-parameter "as2MessageStructure" may be used for
> that purpose.
>

--
This message was sent by Atlassian Jira (v8.20.10#820010)
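The content-type restriction proposed in the issue above, sketched as an added example that is not part of the original message and not Camel's code: a receiver-side gate that rejects a message whose MIME layers do not declare the required encryption and signature. The function names, policy flags and sample headers are hypothetical and constructed for illustration; it assumes encryption is the outermost layer and that decryption and signature verification are performed separately.

```python
from email.message import Message

ENCRYPTED, SIGNED, COMPRESSED, PLAIN = "encrypted", "signed", "compressed", "plain"

def classify(content_type):
    """Map one MIME Content-Type header value to the layer it declares."""
    msg = Message()
    msg["Content-Type"] = content_type
    ctype = msg.get_content_type()          # lowercased, parameters stripped
    if ctype == "multipart/signed":
        return SIGNED
    if ctype == "application/pkcs7-mime":
        smime = str(msg.get_param("smime-type", "")).lower()
        # Anything other than these two S/MIME types is unrecognised (None).
        return {"enveloped-data": ENCRYPTED, "compressed-data": COMPRESSED}.get(smime)
    return PLAIN                            # e.g. application/edifact

def check_policy(layers, require_encrypted=True, require_signed=True):
    """layers: Content-Type of each MIME layer, outermost first, as the
    receiver unwraps the message. Returns (accepted, reason).
    This checks declared structure only; the signature must still verify."""
    seen = [classify(ct) for ct in layers]
    if None in seen:
        return False, "unrecognised S/MIME type"
    if require_encrypted and (not seen or seen[0] != ENCRYPTED):
        return False, "outermost layer is not encrypted"
    if require_signed and SIGNED not in seen:
        return False, "no signature layer"
    return True, "ok"

# Constructed sample headers (not captured traffic).
PLAIN_EDIFACT = ["application/edifact"]
SIGNED_ENCRYPTED = [
    'application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"',
    'multipart/signed; protocol="application/pkcs7-signature"; '
    'micalg=sha-256; boundary="b1"',
    "application/edifact",
]

if __name__ == "__main__":
    for name, layers in [("plain", PLAIN_EDIFACT), ("signed+encrypted", SIGNED_ENCRYPTED)]:
        print(name, check_policy(layers))
```

With both flags set to `False` the gate accepts the plain `application/edifact` message, which is the behaviour the issue reports.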