[x3d-public] Apache Santuario Java - XML security test sat

John Carlson yottzumm at gmail.com
Fri Dec 6 02:10:44 PST 2019

On Thu, Dec 5, 2019 at 5:25 PM <yottzumm at gmail.com> wrote:

> I would tend to use Gnu Privacy Guard (GPG)with JSON and have already
> implemented some simple test cases for X3D JSON (somewhere), however the
> information about GPG may be around 8 years old, and I don't know what
> they're doing with RSA in GPG.  I can ask a few of my security friends if
> someone becomes very interested in this.

After some putzing around with the code, I got x3dserve working locally.
Here is the source code:


Note that I no longer use a stylesheet to convert XML to JSON.  I use my
own serializer.  This was because I couldn't get java to work from node.js
code.   Well, I didn't want to install python 2.7 which node-gyp seems to
depend on.

But I think most aspects of encryption are covered.

Further work involved removing dependencies on Python 2.7 in X3DJSONLD.
Python 2 support ends at the end of the month!

Hopefully the node-gyp/java guys will get on the ball, and I won't have to
flip any other code.

This is a warning for all those that reinstall X3DJSONLD.  Keep your
environment the same until I can upgrade X3DJSONLD.

Also this puts more pressure on Saxonica to get a good free JavaScript
version in the browser.

Good luck if you use my code.  It's intended for private use, and not to be
put up on a server.

It appears that the default --gen-key with GPG uses RSA.  That is something
that should be looked at.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://web3d.org/pipermail/x3d-public_web3d.org/attachments/20191206/8560e7eb/attachment.html>

More information about the x3d-public mailing list