[jira] [Comment Edited] (CAMEL-18962) camel-as2 - AS2Consumer always accepts unencrpted/unsigned data
[ https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848593#comment-17848593 ] Jono Morris edited comment on CAMEL-18962 at 5/23/24 10:05 AM: --- I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) Probably the same for decryption. There's a "Error: decryption-failed" disposition-modifier in the spec also for when the receiver can't decrypt the message. So perhaps we could return this when a decryption key is held and a non-encrypted message is received. was (Author: jono): I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return an "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) Probably the same for decryption. There's a "Error: decryption-failed" disposition-modifier in the spec also for when the receiver can't decrypt the message. So perhaps we could return this when a decryption key is held and a non-encrypted message is received. > camel-as2 - AS2Consumer always accepts unencrpted/unsigned data > --- > > Key: CAMEL-18962 > URL: https://issues.apache.org/jira/browse/CAMEL-18962 > Project: Camel > Issue Type: Improvement > Components: camel-as2 >Reporter: dennis lucero >Priority: Minor > > When setting up an AS2Cosumer (server) security is important. Thus in mind > AS2 should use encryption and signing to verify the incoming data before > processing it (or supplying the message for further processing). That assures > that the originator of the data is a trusted party. > Camel AS2 consumer accepts encrypted and signed data and at least decryption > is working. > *Problem* > The problem is that the consumer also accepts unencrypted data. So even if I > only want to receive encrpyted data from a trusted party, some third party > disguised as the trused party, could send a malicious unencrypted payload > and the server would just accept and process it. > For example sending plain data with the content type "application/edifact" is > always accepted. > *Possible solution* > The consumer should be configurable what content type is allowed. Also the > already existing producer-parameter "as2MessageStructure" may be used for > that purpose. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CAMEL-18962) camel-as2 - AS2Consumer always accepts unencrpted/unsigned data
[ https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848593#comment-17848593 ] Jono Morris edited comment on CAMEL-18962 at 5/23/24 10:04 AM: --- I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return an "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) Probably the same for decryption. There's a "Error: decryption-failed" disposition-modifier in the spec also for when the receiver can't decrypt the message. So perhaps we could return this when a decryption key is held and a non-encrypted message is received. was (Author: jono): I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return an "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) Probably the same for decryption. There's a "Error: decryption-failed" disposition-modifier in the spec also for the the receiver can't decrypt the message. So perhaps we could return this when a description key is held and a non-encrypted message is received. > camel-as2 - AS2Consumer always accepts unencrpted/unsigned data > --- > > Key: CAMEL-18962 > URL: https://issues.apache.org/jira/browse/CAMEL-18962 > Project: Camel > Issue Type: Improvement > Components: camel-as2 >Reporter: dennis lucero >Priority: Minor > > When setting up an AS2Cosumer (server) security is important. Thus in mind > AS2 should use encryption and signing to verify the incoming data before > processing it (or supplying the message for further processing). That assures > that the originator of the data is a trusted party. > Camel AS2 consumer accepts encrypted and signed data and at least decryption > is working. > *Problem* > The problem is that the consumer also accepts unencrypted data. So even if I > only want to receive encrpyted data from a trusted party, some third party > disguised as the trused party, could send a malicious unencrypted payload > and the server would just accept and process it. > For example sending plain data with the content type "application/edifact" is > always accepted. > *Possible solution* > The consumer should be configurable what content type is allowed. Also the > already existing producer-parameter "as2MessageStructure" may be used for > that purpose. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CAMEL-18962) camel-as2 - AS2Consumer always accepts unencrpted/unsigned data
[ https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848593#comment-17848593 ] Jono Morris edited comment on CAMEL-18962 at 5/23/24 10:03 AM: --- I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return an "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) Probably the same for decryption. There's a "Error: decryption-failed" disposition-modifier in the spec also for the the receiver can't decrypt the message. So perhaps we could return this when a description key is held and a non-encrypted message is received. was (Author: jono): I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return an "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) Probably the same for decryption. There's a "Error: decryption-failed" disposition-modifier in the spec also for the the receiver can't decrypt the message. > camel-as2 - AS2Consumer always accepts unencrpted/unsigned data > --- > > Key: CAMEL-18962 > URL: https://issues.apache.org/jira/browse/CAMEL-18962 > Project: Camel > Issue Type: Improvement > Components: camel-as2 >Reporter: dennis lucero >Priority: Minor > > When setting up an AS2Cosumer (server) security is important. Thus in mind > AS2 should use encryption and signing to verify the incoming data before > processing it (or supplying the message for further processing). That assures > that the originator of the data is a trusted party. > Camel AS2 consumer accepts encrypted and signed data and at least decryption > is working. > *Problem* > The problem is that the consumer also accepts unencrypted data. So even if I > only want to receive encrpyted data from a trusted party, some third party > disguised as the trused party, could send a malicious unencrypted payload > and the server would just accept and process it. > For example sending plain data with the content type "application/edifact" is > always accepted. > *Possible solution* > The consumer should be configurable what content type is allowed. Also the > already existing producer-parameter "as2MessageStructure" may be used for > that purpose. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CAMEL-18962) camel-as2 - AS2Consumer always accepts unencrpted/unsigned data
[ https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848593#comment-17848593 ] Jono Morris edited comment on CAMEL-18962 at 5/23/24 10:02 AM: --- I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return an "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) Probably the same for decryption. There's a "Error: description-failed" disposition-modifier in the spec also for the the receiver can't decrypt the message. was (Author: jono): I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return an "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) > camel-as2 - AS2Consumer always accepts unencrpted/unsigned data > --- > > Key: CAMEL-18962 > URL: https://issues.apache.org/jira/browse/CAMEL-18962 > Project: Camel > Issue Type: Improvement > Components: camel-as2 >Reporter: dennis lucero >Priority: Minor > > When setting up an AS2Cosumer (server) security is important. Thus in mind > AS2 should use encryption and signing to verify the incoming data before > processing it (or supplying the message for further processing). That assures > that the originator of the data is a trusted party. > Camel AS2 consumer accepts encrypted and signed data and at least decryption > is working. > *Problem* > The problem is that the consumer also accepts unencrypted data. So even if I > only want to receive encrpyted data from a trusted party, some third party > disguised as the trused party, could send a malicious unencrypted payload > and the server would just accept and process it. > For example sending plain data with the content type "application/edifact" is > always accepted. > *Possible solution* > The consumer should be configurable what content type is allowed. Also the > already existing producer-parameter "as2MessageStructure" may be used for > that purpose. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CAMEL-18962) camel-as2 - AS2Consumer always accepts unencrpted/unsigned data
[ https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848593#comment-17848593 ] Jono Morris edited comment on CAMEL-18962 at 5/23/24 10:02 AM: --- I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return an "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) Probably the same for decryption. There's a "Error: decryption-failed" disposition-modifier in the spec also for the the receiver can't decrypt the message. was (Author: jono): I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return an "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) Probably the same for decryption. There's a "Error: description-failed" disposition-modifier in the spec also for the the receiver can't decrypt the message. > camel-as2 - AS2Consumer always accepts unencrpted/unsigned data > --- > > Key: CAMEL-18962 > URL: https://issues.apache.org/jira/browse/CAMEL-18962 > Project: Camel > Issue Type: Improvement > Components: camel-as2 >Reporter: dennis lucero >Priority: Minor > > When setting up an AS2Cosumer (server) security is important. Thus in mind > AS2 should use encryption and signing to verify the incoming data before > processing it (or supplying the message for further processing). That assures > that the originator of the data is a trusted party. > Camel AS2 consumer accepts encrypted and signed data and at least decryption > is working. > *Problem* > The problem is that the consumer also accepts unencrypted data. So even if I > only want to receive encrpyted data from a trusted party, some third party > disguised as the trused party, could send a malicious unencrypted payload > and the server would just accept and process it. > For example sending plain data with the content type "application/edifact" is > always accepted. > *Possible solution* > The consumer should be configurable what content type is allowed. Also the > already existing producer-parameter "as2MessageStructure" may be used for > that purpose. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CAMEL-18962) camel-as2 - AS2Consumer always accepts unencrpted/unsigned data
[ https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848593#comment-17848593 ] Jono Morris edited comment on CAMEL-18962 at 5/23/24 9:55 AM: -- I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message and return an "Error: authentication-failed". (This disposition-modifier is mentioned in the spec for when the receiver can't authenticate the sender.) was (Author: jono): I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message. > camel-as2 - AS2Consumer always accepts unencrpted/unsigned data > --- > > Key: CAMEL-18962 > URL: https://issues.apache.org/jira/browse/CAMEL-18962 > Project: Camel > Issue Type: Improvement > Components: camel-as2 >Reporter: dennis lucero >Priority: Minor > > When setting up an AS2Cosumer (server) security is important. Thus in mind > AS2 should use encryption and signing to verify the incoming data before > processing it (or supplying the message for further processing). That assures > that the originator of the data is a trusted party. > Camel AS2 consumer accepts encrypted and signed data and at least decryption > is working. > *Problem* > The problem is that the consumer also accepts unencrypted data. So even if I > only want to receive encrpyted data from a trusted party, some third party > disguised as the trused party, could send a malicious unencrypted payload > and the server would just accept and process it. > For example sending plain data with the content type "application/edifact" is > always accepted. > *Possible solution* > The consumer should be configurable what content type is allowed. Also the > already existing producer-parameter "as2MessageStructure" may be used for > that purpose. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CAMEL-18962) camel-as2 - AS2Consumer always accepts unencrpted/unsigned data
[ https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848593#comment-17848593 ] Jono Morris edited comment on CAMEL-18962 at 5/23/24 9:50 AM: -- I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail if it received an unsigned message. was (Author: jono): I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail for if it received an unsigned message. > camel-as2 - AS2Consumer always accepts unencrpted/unsigned data > --- > > Key: CAMEL-18962 > URL: https://issues.apache.org/jira/browse/CAMEL-18962 > Project: Camel > Issue Type: Improvement > Components: camel-as2 >Reporter: dennis lucero >Priority: Minor > > When setting up an AS2Cosumer (server) security is important. Thus in mind > AS2 should use encryption and signing to verify the incoming data before > processing it (or supplying the message for further processing). That assures > that the originator of the data is a trusted party. > Camel AS2 consumer accepts encrypted and signed data and at least decryption > is working. > *Problem* > The problem is that the consumer also accepts unencrypted data. So even if I > only want to receive encrpyted data from a trusted party, some third party > disguised as the trused party, could send a malicious unencrypted payload > and the server would just accept and process it. > For example sending plain data with the content type "application/edifact" is > always accepted. > *Possible solution* > The consumer should be configurable what content type is allowed. Also the > already existing producer-parameter "as2MessageStructure" may be used for > that purpose. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CAMEL-18962) camel-as2 - AS2Consumer always accepts unencrpted/unsigned data
[ https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848593#comment-17848593 ] Jono Morris edited comment on CAMEL-18962 at 5/23/24 9:49 AM: -- I think if the consumer held a certificate for the purposes of authenticating message digital signatures it would make sense for authentication to fail for if it received an unsigned message. was (Author: jono): There's nothing in the AS2 spec that mentions this, and I think this would be a feature of Camel's AS2 implementation. Looking at the AWS implementation signing is optional and encryption is only mandatory when using HTTP; Ref [https://docs.aws.amazon.com/transfer/latest/userguide/as2-config-etc.html.] I think a site using AS2 would likely be using HTTPS terminating at a corporate-gateway/tls-proxy. Additionally they could also be using signatures/encryption for compliance to industry standards, e.g. PCI, SOX etc., and they'd probably be audited for this. > camel-as2 - AS2Consumer always accepts unencrpted/unsigned data > --- > > Key: CAMEL-18962 > URL: https://issues.apache.org/jira/browse/CAMEL-18962 > Project: Camel > Issue Type: Improvement > Components: camel-as2 >Reporter: dennis lucero >Priority: Minor > > When setting up an AS2Cosumer (server) security is important. Thus in mind > AS2 should use encryption and signing to verify the incoming data before > processing it (or supplying the message for further processing). That assures > that the originator of the data is a trusted party. > Camel AS2 consumer accepts encrypted and signed data and at least decryption > is working. > *Problem* > The problem is that the consumer also accepts unencrypted data. So even if I > only want to receive encrpyted data from a trusted party, some third party > disguised as the trused party, could send a malicious unencrypted payload > and the server would just accept and process it. > For example sending plain data with the content type "application/edifact" is > always accepted. > *Possible solution* > The consumer should be configurable what content type is allowed. Also the > already existing producer-parameter "as2MessageStructure" may be used for > that purpose. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CAMEL-18962) camel-as2 - AS2Consumer always accepts unencrpted/unsigned data
[ https://issues.apache.org/jira/browse/CAMEL-18962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848593#comment-17848593 ] Jono Morris edited comment on CAMEL-18962 at 5/22/24 12:16 PM: --- There's nothing in the AS2 spec that mentions this, and I think this would be a feature of Camel's AS2 implementation. Looking at the AWS implementation signing is optional and encryption is only mandatory when using HTTP; Ref [https://docs.aws.amazon.com/transfer/latest/userguide/as2-config-etc.html.] I think a site using AS2 would likely be using HTTPS terminating at a corporate-gateway/tls-proxy. Additionally they could also be using signatures/encryption for compliance to industry standards, e.g. PCI, SOX etc., and they'd probably be audited for this. was (Author: jono): There's nothing in the AS2 spec that mentions this, and I think this would be a feature of Camel's AS2 implementation. Looking at the AWS implementation signing is optional and encryption is only mandatory when using HTTP; Ref [https://docs.aws.amazon.com/transfer/latest/userguide/as2-config-etc.html.] I think a site using AS2 would likely be using HTTPS terminating at a corporate-gateway/tls-proxy. Additionally they could also be using signatures/encryption for compliance to industry standards, e.g. PCI, SOX etc., and they'd be audited for this. > camel-as2 - AS2Consumer always accepts unencrpted/unsigned data > --- > > Key: CAMEL-18962 > URL: https://issues.apache.org/jira/browse/CAMEL-18962 > Project: Camel > Issue Type: Improvement > Components: camel-as2 >Reporter: dennis lucero >Priority: Minor > > When setting up an AS2Cosumer (server) security is important. Thus in mind > AS2 should use encryption and signing to verify the incoming data before > processing it (or supplying the message for further processing). That assures > that the originator of the data is a trusted party. > Camel AS2 consumer accepts encrypted and signed data and at least decryption > is working. > *Problem* > The problem is that the consumer also accepts unencrypted data. So even if I > only want to receive encrpyted data from a trusted party, some third party > disguised as the trused party, could send a malicious unencrypted payload > and the server would just accept and process it. > For example sending plain data with the content type "application/edifact" is > always accepted. > *Possible solution* > The consumer should be configurable what content type is allowed. Also the > already existing producer-parameter "as2MessageStructure" may be used for > that purpose. > -- This message was sent by Atlassian Jira (v8.20.10#820010)