This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updateson them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
PGP UnPackage service to identify if the file was encrypted or signed only
When a signed file is process in Filegateway and with PGP preference set (decryption,sign verification On )PGP UnPackage service does not provide error to state that the file was only signed and not able to decrypt. The PGP UnPackage service completes successfully .
A PMR was raised for the issue -PMR 87033,019,866 which had provided the below outcome
"PGP Package service does below 1. PGP Encryption 2. PGP Signing 3. PGP Encryption & Signing
PGP Unpackage service does below 1. Decryption
Only singing of a document / file for authentication purpose is not supported by the PGP Unpackage service, PGP Unpackage does only decryption of the file on providing a valid encrypted file as Input. Signing the document is a separate action in PGP Unpackage service and it does not support when used for authentication purpose. It should be used along with encryption service if decryption is used as further action.
So here signing will not show error and does sign a document and will not do anything further action on it. So next action w.r.t decryption will definitely fail because underlying document is not encrypted.
So when customer is specifically using it for PGP decryption , you should use encrypt+sign and not just signing action .
What is your industry?
How will this idea be used?
Currently the PGP UnPackage service works in combination -decryption and sign verification , but does not provide any error when used only for sign verification even when the PGP preference is set for both decryption and sign verification.So if the enhancement is done PGP unpackage service can be used for sign verification alone also
Do not place IBM confidential, company confidential, or personal information into any field.