[jira] [Comment Edited] (CAMEL-18962) camel-as2 - AS2Consumer always accepts unencrpted/unsigned data

Thu, 23 May 2024 03:03:05 -0700 


    [ 
https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17848593#comment-17848593
 ] 

Jono Morris edited comment on CAMEL-18962 at 5/23/24 10:02 AM:
---------------------------------------------------------------

I think if the consumer held a certificate for the purposes of authenticating 
message digital signatures it would make sense for authentication to fail if it 
received an unsigned message and return an "Error: authentication-failed".  
(This disposition-modifier is mentioned in the spec for when the receiver can't 
authenticate the sender.)  

Probably the same for decryption.  There's a "Error: description-failed" 
disposition-modifier in the spec also for the the receiver can't decrypt the 
message.


was (Author: jono):
I think if the consumer held a certificate for the purposes of authenticating 
message digital signatures it would make sense for authentication to fail if it 
received an unsigned message and return an "Error: authentication-failed".  
(This disposition-modifier is mentioned in the spec for when the receiver can't 
authenticate the sender.) 

> camel-as2 - AS2Consumer always accepts unencrpted/unsigned data
> ---------------------------------------------------------------
>
>                 Key: CAMEL-18962
>                 URL: https://issues.apache.org/jira/browse/CAMEL-18962
>             Project: Camel
>          Issue Type: Improvement
>          Components: camel-as2
>            Reporter: dennis lucero
>            Priority: Minor
>
> When setting up an AS2Cosumer (server) security is important. Thus in mind 
> AS2 should use encryption and signing to verify the incoming data before 
> processing it (or supplying the message for further processing). That assures 
> that the originator of the data is a trusted party.
> Camel AS2 consumer accepts encrypted and signed data and at least decryption 
> is working.
> *Problem*
> The problem is that the consumer also accepts unencrypted data. So even if I 
> only want to receive encrpyted data from a trusted party, some third party 
> disguised as the trused party, could send a malicious unencrypted payload  
> and the server would just accept and process it.
> For example sending plain data with the content type "application/edifact" is 
> always accepted.
> *Possible solution*
> The consumer should be configurable what content type is allowed. Also the 
> already existing producer-parameter "as2MessageStructure" may be used for 
> that purpose.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to