[jira] [Commented] (CAMEL-12262) DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect

2018-02-16 Thread Claus Ibsen (JIRA) 

[ 
https://issues.apache.org/jira/browse/CAMEL-12262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16367787#comment-16367787
 ] 

Claus Ibsen commented on CAMEL-12262:
-

Thanks [~coheigea].

Do you mind creating a new Jira ticket about the change for 3.0, as it sounds 
like a good idea

> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect
> --
>
> Key: CAMEL-12262
> URL: https://issues.apache.org/jira/browse/CAMEL-12262
> Project: Camel
>  Issue Type: Task
>  Components: documentation
>Reporter: Lyubomir
>Assignee: Claus Ibsen
>Priority: Minor
> Fix For: 2.21.0
>
>
> The [official 
> documentation|http://camel.apache.org/camel-configuration-utilities.html] 
> states the default cipher suites exclude filters are:
> {code:java}
> .*NULL.*
> .*anon.*
> .*DES.* Camel 2.15.4 =>Means 3DES **is** excluded
> .*EXPORT.* Camel 2.15.4
> {code}
> The default cipher suite exclude filter declared is:
> {code:java}
> /camel-core/src/main/java/org/apache/camel/util/jsse/BaseSSLContextParameters.java
> {code}
> {code:java}
> protected static final List DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
> Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", 
> ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*"));
> {code}
> According to the documentation 3DES will be excluded by default. Based on the 
> code only DES will be excluded.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CAMEL-12262) DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect

2018-02-14 Thread Lyubomir (JIRA) 

[ 
https://issues.apache.org/jira/browse/CAMEL-12262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16364069#comment-16364069
 ] 

Lyubomir commented on CAMEL-12262:
--

Hi [~coheigea] dcumentation only got fixed yesterday there was a small 
"formatting" bug :) . I don't personally mind whether 3DES is excluded by 
default, what is important is that documentation is clear on that.

I do agree with you for the second part, as I personally found the current 
approach slightly confusing. All that said - good job so far guys.

> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect
> --
>
> Key: CAMEL-12262
> URL: https://issues.apache.org/jira/browse/CAMEL-12262
> Project: Camel
>  Issue Type: Task
>  Components: documentation
>Reporter: Lyubomir
>Assignee: Claus Ibsen
>Priority: Minor
> Fix For: 2.21.0
>
>
> The [official 
> documentation|http://camel.apache.org/camel-configuration-utilities.html] 
> states the default cipher suites exclude filters are:
> {code:java}
> .*NULL.*
> .*anon.*
> .*DES.* Camel 2.15.4 =>Means 3DES **is** excluded
> .*EXPORT.* Camel 2.15.4
> {code}
> The default cipher suite exclude filter declared is:
> {code:java}
> /camel-core/src/main/java/org/apache/camel/util/jsse/BaseSSLContextParameters.java
> {code}
> {code:java}
> protected static final List DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
> Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", 
> ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*"));
> {code}
> According to the documentation 3DES will be excluded by default. Based on the 
> code only DES will be excluded.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CAMEL-12262) DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect

2018-02-14 Thread Colm O hEigeartaigh (JIRA) 

[ 
https://issues.apache.org/jira/browse/CAMEL-12262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16363861#comment-16363861
 ] 

Colm O hEigeartaigh commented on CAMEL-12262:
-

Hi [~davsclaus],

I disagree that the documentation states that 3DES is excluded - the filter 
given is "{{.*_DES_.*}}" which only applies to DES. It would be ".*_3DES_.*" if 
it applied to 3DES.

I don't think we need to exclude 3DES as well, it's still considered secure. 
For example it is on the default "enabled" cipher suite algorithms in Java 8:

[https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html]

However, I think maybe we could change how we filter algorithms in general 
starting with the next major release. CXF only applies the default "excludes" 
if there is a corresponding "includes" filter. If there are no filters it just 
uses the JVM defaults, which already exclude the weak algorithms by default in 
recent JDK versions.

Colm.

 

> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect
> --
>
> Key: CAMEL-12262
> URL: https://issues.apache.org/jira/browse/CAMEL-12262
> Project: Camel
>  Issue Type: Task
>  Components: documentation
>Reporter: Lyubomir
>Assignee: Claus Ibsen
>Priority: Minor
> Fix For: 2.21.0
>
>
> The [official 
> documentation|http://camel.apache.org/camel-configuration-utilities.html] 
> states the default cipher suites exclude filters are:
> {code:java}
> .*NULL.*
> .*anon.*
> .*DES.* Camel 2.15.4 =>Means 3DES **is** excluded
> .*EXPORT.* Camel 2.15.4
> {code}
> The default cipher suite exclude filter declared is:
> {code:java}
> /camel-core/src/main/java/org/apache/camel/util/jsse/BaseSSLContextParameters.java
> {code}
> {code:java}
> protected static final List DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
> Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", 
> ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*"));
> {code}
> According to the documentation 3DES will be excluded by default. Based on the 
> code only DES will be excluded.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CAMEL-12262) DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect

2018-02-13 Thread Claus Ibsen (JIRA) 

[ 
https://issues.apache.org/jira/browse/CAMEL-12262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16362392#comment-16362392
 ] 

Claus Ibsen commented on CAMEL-12262:
-

[~coheig] btw in that git commit 
([https://github.com/apache/camel/commit/1798974a64eb54c46c0ffb4034adf73e62d4e260)]
 the chiper DES is excluded. But as Lyubomir says what about 3DES dont we want 
to exclude that too? And if so we would need to update the default pattern for 
that in the source code.

> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect
> --
>
> Key: CAMEL-12262
> URL: https://issues.apache.org/jira/browse/CAMEL-12262
> Project: Camel
>  Issue Type: Task
>  Components: documentation
>Reporter: Lyubomir
>Assignee: Claus Ibsen
>Priority: Minor
> Fix For: 2.21.0
>
>
> The [official 
> documentation|http://camel.apache.org/camel-configuration-utilities.html] 
> states the default cipher suites exclude filters are:
> {code:java}
> .*NULL.*
> .*anon.*
> .*DES.* Camel 2.15.4 =>Means 3DES **is** excluded
> .*EXPORT.* Camel 2.15.4
> {code}
> The default cipher suite exclude filter declared is:
> {code:java}
> /camel-core/src/main/java/org/apache/camel/util/jsse/BaseSSLContextParameters.java
> {code}
> {code:java}
> protected static final List DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
> Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", 
> ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*"));
> {code}
> According to the documentation 3DES will be excluded by default. Based on the 
> code only DES will be excluded.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CAMEL-12262) DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect

2018-02-13 Thread Lyubomir (JIRA) 

[ 
https://issues.apache.org/jira/browse/CAMEL-12262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16362381#comment-16362381
 ] 

Lyubomir commented on CAMEL-12262:
--

Please confirm the issue is in the documentation only, and the code is 
implemented as expected.

The git commit in discussion 
[here|https://github.com/apache/camel/commit/1798974a64eb54c46c0ffb4034adf73e62d4e260]

> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect
> --
>
> Key: CAMEL-12262
> URL: https://issues.apache.org/jira/browse/CAMEL-12262
> Project: Camel
>  Issue Type: Task
>  Components: documentation
>Reporter: Lyubomir
>Priority: Minor
>
> The [official 
> documentation|http://camel.apache.org/camel-configuration-utilities.html] 
> states the default cipher suites exclude filters are:
> {code:java}
> .*NULL.*
> .*anon.*
> .*DES.* Camel 2.15.4 =>Means 3DES **is** excluded
> .*EXPORT.* Camel 2.15.4
> {code}
> The default cipher suite exclude filter declared is:
> {code:java}
> /camel-core/src/main/java/org/apache/camel/util/jsse/BaseSSLContextParameters.java
> {code}
> {code:java}
> protected static final List DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
> Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", 
> ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*"));
> {code}
> According to the documentation 3DES will be excluded by default. Based on the 
> code only DES will be excluded.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CAMEL-12262) DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect

2018-02-13 Thread Claus Ibsen (JIRA) 

[ 
https://issues.apache.org/jira/browse/CAMEL-12262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16362375#comment-16362375
 ] 

Claus Ibsen commented on CAMEL-12262:
-

See the top of the page, the old wiki pages are in process of being migrated 
and they will become out of sync.

> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect
> --
>
> Key: CAMEL-12262
> URL: https://issues.apache.org/jira/browse/CAMEL-12262
> Project: Camel
>  Issue Type: Task
>  Components: documentation
>Reporter: Lyubomir
>Priority: Minor
>
> The [official 
> documentation|http://camel.apache.org/camel-configuration-utilities.html] 
> states the default cipher suites exclude filters are:
> {code:java}
> .*NULL.*
> .*anon.*
> .*DES.* Camel 2.15.4 =>Means 3DES **is** excluded
> .*EXPORT.* Camel 2.15.4
> {code}
> The default cipher suite exclude filter declared is:
> {code:java}
> /camel-core/src/main/java/org/apache/camel/util/jsse/BaseSSLContextParameters.java
> {code}
> {code:java}
> protected static final List DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
> Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", 
> ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*"));
> {code}
> According to the documentation 3DES will be excluded by default. Based on the 
> code only DES will be excluded.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CAMEL-12262) DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect

2018-02-13 Thread Lyubomir (JIRA) 

[ 
https://issues.apache.org/jira/browse/CAMEL-12262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16362372#comment-16362372
 ] 

Lyubomir commented on CAMEL-12262:
--

[Documentation|http://camel.apache.org/camel-configuration-utilities.html] - 
Also added to the ticket Description.

> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect
> --
>
> Key: CAMEL-12262
> URL: https://issues.apache.org/jira/browse/CAMEL-12262
> Project: Camel
>  Issue Type: Task
>  Components: documentation
>Reporter: Lyubomir
>Priority: Minor
>
> The [official 
> documentation|http://camel.apache.org/camel-configuration-utilities.html] 
> states the default cipher suites exclude filters are:
> {code:java}
> .*NULL.*
> .*anon.*
> .*DES.* Camel 2.15.4 =>Means 3DES **is** excluded
> .*EXPORT.* Camel 2.15.4
> {code}
> The default cipher suite exclude filter declared is:
> {code:java}
> /camel-core/src/main/java/org/apache/camel/util/jsse/BaseSSLContextParameters.java
> {code}
> {code:java}
> protected static final List DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
> Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", 
> ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*"));
> {code}
> According to the documentation 3DES will be excluded by default. Based on the 
> code only DES will be excluded.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CAMEL-12262) DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect

2018-02-13 Thread Claus Ibsen (JIRA) 

[ 
https://issues.apache.org/jira/browse/CAMEL-12262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16362362#comment-16362362
 ] 

Claus Ibsen commented on CAMEL-12262:
-

Can you add the link to the documentation where its present

> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE Incorrect
> --
>
> Key: CAMEL-12262
> URL: https://issues.apache.org/jira/browse/CAMEL-12262
> Project: Camel
>  Issue Type: Task
>  Components: documentation
>Reporter: Lyubomir
>Priority: Minor
>
> The official documentations states the default cipher suites exclude filters 
> are:
> {code:java}
> .*NULL.*
> .*anon.*
> .*DES.* Camel 2.15.4 =>Means 3DES **is** excluded
> .*EXPORT.* Camel 2.15.4
> {code}
> The default cipher suite exclude filter declared is:
> {code:java}
> /camel-core/src/main/java/org/apache/camel/util/jsse/BaseSSLContextParameters.java
> {code}
> {code:java}
> protected static final List DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
> Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", 
> ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*"));
> {code} 
> According to the documentation 3DES will be excluded by default. Based on the 
> code only DES will be excluded.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)