[
https://issues.apache.org/jira/browse/NUTCH-621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12603898#action_12603898
]
Grant Ingersoll commented on NUTCH-621:
---------------------------------------
My understanding is (and I haven't looked at the code) that Nutch has/had the
following lines of code somewhere in it:
if (pdf.isEncrypted()) {
DocumentEncryption decryptor = new DocumentEncryption(pdf);
//Just try using the default password and move on
decryptor.decryptDocument("");
}
We discussed this at the PMC level a while back and felt that this,
unfortunately, was enough to qualify Nutch as having crypto capabilities at
some point in time since it explicitly refers to PDFBox's API for decrypting.
Note, also, that it doesn't matter whether it is removed going forward, the
code is "out there" already, as I understand it.
I can't speak to Jackrabbit's assessment.
> Nutch needs to declare it's crypto usage
> ----------------------------------------
>
> Key: NUTCH-621
> URL: https://issues.apache.org/jira/browse/NUTCH-621
> Project: Nutch
> Issue Type: Task
> Reporter: Grant Ingersoll
> Assignee: Chris A. Mattmann
> Priority: Blocker
>
> Per the ASF board direction outlined at
> http://www.apache.org/dev/crypto.html, Nutch needs to declare it's use of
> crypto libraries (i.e. BouncyCastle, via PDFBox/Tika).
> See TIKA-118.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
