Franz Forsthofer created CAMEL-7002:
---------------------------------------
Summary: PGPDataFormat: restrict verifying public keys
Key: CAMEL-7002
URL: https://issues.apache.org/jira/browse/CAMEL-7002
Project: Camel
Issue Type: Improvement
Components: camel-crypto
Reporter: Franz Forsthofer
Fix For: 2.12.3, 2.13.0
During the signature verification with PGPDataFormat currently all public keys
contained in the public keyring are taken into account. So the current semantic
is: Verify the signature against all public keys in the keyring. IF you have a
keyring with lot of public keys you will not want that every identity
represented by the public keys can sent to you a signature. Normally you want
to know from which identity the signature comes. Therefore I have introduced
the possibility to restrict the verifying publikc keys; I have introduced the
parameter signatureKeyUserids where you specify the Userids the publc keys must
have in order to be allowed to verify a signature.
--
This message was sent by Atlassian JIRA
(v6.1#6144)