[
https://issues.apache.org/jira/browse/CAMEL-8084?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Franz Forsthofer updated CAMEL-8084:
------------------------------------
Attachment: 0001-pgp-file-name-for-Literal-Packet.patch
> PGP Data Format: file name parameter
> ------------------------------------
>
> Key: CAMEL-8084
> URL: https://issues.apache.org/jira/browse/CAMEL-8084
> Project: Camel
> Issue Type: Improvement
> Components: camel-crypto
> Reporter: Franz Forsthofer
> Fix For: 2.15.0
>
> Attachments: 0001-pgp-file-name-for-Literal-Packet.patch
>
>
> Currently, the PGP Data Format marshaler sets the file name of the PGP
> Literal Packet to "_CONSOLE" by default; and you can overwrite the file name
> via the header "CamelFileName".
> The attached patch introduces the parameter "fileName" so that you can set
> the file name during configuration time. The default value is still
> "_CONSOLE". Now it is also possible to use an empty string as file name,
> which was not possible before. We should allow an empty string value because
> the Open PGP specification (https://tools.ietf.org/html/rfc4880) explicitly
> mentions that the file name "may be a zero-length string" (see chapter "5.9.
> Literal Data Packet (Tag 11)".
> The spec says about the "_CONSOLE" value: "_CONSOLE" is used to indicate that
> " the message is considered to be 'for your eyes only'. This advises that
> the message data is unusually sensitive, and the receiving program should
> process it more carefully, perhaps avoiding storing the received data to
> disk, for example." There are some PGP programs available which will break of
> the processing of PGP messages which contain the value "_CONSOLE" as file
> name. In order to avoid such kind of "break-ofs", it makes sense to allow the
> configuration of the file name via a parameter so that you must not use a
> header.
> Regards Franz
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
