[
https://issues.apache.org/jira/browse/CAMEL-7002?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hadrian Zbarcea reassigned CAMEL-7002:
--------------------------------------
Assignee: Hadrian Zbarcea
> PGPDataFormat: restrict verifying public keys
> ---------------------------------------------
>
> Key: CAMEL-7002
> URL: https://issues.apache.org/jira/browse/CAMEL-7002
> Project: Camel
> Issue Type: Improvement
> Components: camel-crypto
> Reporter: Franz Forsthofer
> Assignee: Hadrian Zbarcea
> Fix For: 2.12.3, 2.13.0
>
> Attachments: 0001-PGPDataFormat-signatureUserIds-added.patch,
> 0001-PGPDataFormat-signatureUserIds-added.patch
>
>
> During the signature verification with PGPDataFormat currently all public
> keys contained in the public keyring are taken into account. So the current
> semantic is: Verify the signature against all public keys in the keyring. IF
> you have a keyring with lot of public keys you will not want that every
> identity represented by the public keys can sent to you a signature. Normally
> you want to know from which identity the signature comes. Therefore I have
> introduced the possibility to restrict the verifying publikc keys; I have
> introduced the parameter signatureKeyUserids where you specify the Userids
> the publc keys must have in order to be allowed to verify a signature.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
