18 used & new from $55.88

Have one to sell? Sell yours here

Tell the Publisher! I�d like to read this book on Kindle Don�t have a Kindle? Get your Kindle here.

SSL & TLS Essentials: Securing the Web [ILLUSTRATED] (Paperback)

~ (Author) "Today alone, Dell Computer will sell more than $18 million worth of computer equipment through the Internet..." (more)
Key Phrases: premaster secret, negotiated cipher suite, rollback attack, Secure Sockets Layer, Server Gated Cryptography, Step Action (more...)

4.4 out of 5 stars See all reviews (7 customer reviews)

Available from these sellers.

2 new from $191.32 16 used from $55.88

Customers Who Bought This Item Also Bought

Network Security with OpenSSL

by John Viega

4.3 out of 5 stars (12) $26.37

SSL and TLS: Designing and Building Secure Systems

by Eric Rescorla

4.5 out of 5 stars (22) $38.99

Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition

by Bruce Schneier

4.6 out of 5 stars (102) $29.80

Understanding PKI: Concepts, Standards, and Deployment Considerations (2nd Edition)

by Carlisle Adams

4.2 out of 5 stars (14) $43.86

iPhone Cool Projects

by Gary Bennett

4.4 out of 5 stars (11) $26.39

› Explore similar items

Editorial Reviews

Product Description

"Great writing . . . a clear introduction to the most widely deployed security technology in the Internet."-Paul Lambert, former co-chair of IETF IPSEC working group

The Secure Sockets Layer (SSL) and Transport Layer Security(TLS) protocols form the foundation for e-commerce security on the World Wide Web, verifying the authenticity of Web sites, encrypting the transfer of sensitive data, and ensuring the integrity of information exchanged. Now-for the first time the details of these critical security protocols are available in a complete, clear, and concise reference. SSL and TLS Essentials provides complete documentation of the SSL and TLS protocols, including advanced and proprietary extensions never before published. The book thoroughly covers the protocols in operation, including the contents of their messages, message formats, and the cryptographic calculations used to construct them. The text also includes an introduction to cryptography and an explanation of X.509 public key certificates. Stephen Thomas, author of IPng and the TCP/IP Protocols, presents this complex material in a clear and reader-friendly manner. The book includes more than 80 figures and illustrations to supplement its text, and it describes SSL in the context of real-world, practical applications. Readers will immediately understand not only the academic principles behind he security protocols, but how those principles apply to their own network security challenges.

The book includes:
* Full details of Netscape's SSL and the IETF's TLS protocols, with differences between the two clearl highlighted and explained
* A concise tutorial in cryptography
* Complete coverage of Netscape's International Step-Up and Microsoft's Server Gated Cryptography implementations
* A description of X.509 public key certificates
* Details on implementing backwards compatibility among previous versions of SSL and TLS
* A thorough security checklist with explanations of all known attacks on SSL implementations, along with appropriate countermeasures.

From the Back Cover

"Great writing . . . a clear introduction to the most widely deployed security technology in the Internet."—Paul Lambert, former co-chair of IETF IPSEC working group

The Secure Sockets Layer (SSL) and Transport Layer Security(TLS) protocols form the foundation for e-commerce security on the World Wide Web, verifying the authenticity of Web sites, encrypting the transfer of sensitive data, and ensuring the integrity of information exchanged. Now—for the first time the details of these critical security protocols are available in a complete, clear, and concise reference. SSL and TLS Essentials provides complete documentation of the SSL and TLS protocols, including advanced and proprietary extensions never before published. The book thoroughly covers the protocols in operation, including the contents of their messages, message formats, and the cryptographic calculations used to construct them. The text also includes an introduction to cryptography and an explanation of X.509 public key certificates. Stephen Thomas, author of IPng and the TCP/IP Protocols, presents this complex material in a clear and reader-friendly manner. The book includes more than 80 figures and illustrations to supplement its text, and it describes SSL in the context of real-world, practical applications. Readers will immediately understand not only the academic principles behind he security protocols, but how those principles apply to their own network security challenges.

The book includes:

Full details of Netscapes SSL and the IETFs TLS protocols, with differences between the two clearl highlighted and explained
A concise tutorial in cryptography
Complete coverage of Netscapes International Step-Up and Microsofts Server Gated Cryptography implementations
A description of X.509 public key certificates
Details on implementing backwards compatibility among previous versions of SSL and TLS
A thorough security checklist with explanations of all known attacks on SSL implementations, along with appropriate countermeasures.

See all Editorial Reviews

Product Details

Paperback: 224 pages
Publisher: Wiley (February 11, 2000)
Language: English
ISBN-10: 0471383546
ISBN-13: 978-0471383543
Product Dimensions: 9.1 x 7.4 x 0.5 inches
Shipping Weight: 13.9 ounces

Average Customer Review: 4.4 out of 5 stars See all reviews (7 customer reviews)

Amazon.com Sales Rank: #947,555 in Books (See Bestsellers in Books)

Would you like to update product info or give feedback on images?

More About the Author

Discover books, learn about writers, read author blogs, and more.

› Visit Amazon's Stephen A. Thomas Page

Inside This Book (learn more)

First Sentence:
Today alone, Dell Computer will sell more than $18 million worth of computer equipment through the Internet. Read the first page

Key Phrases - Statistically Improbable Phrases (SIPs): (learn more)
premaster secret, negotiated cipher suite, rollback attack, session key information, usa algorithm, pseudorandom output, handshake message, cipher suites, object identifier value, universal tag, handshake negotiation, issuer field, public key information, record layer, cryptographic calculations, activated options, key exchange algorithm, sending party, cryptographic parameters, private key corresponding, distinguished encoding rules, algorithm identifier, negotiated options, certificate hierarchies, message authentication code

Key Phrases - Capitalized Phrases (CAPs): (learn more)
Secure Sockets Layer, Server Gated Cryptography, Step Action, Client Server, Internet Explorer, Transport Layer Security, United States, Alice Bob Figure, Value Name, Basic Cryptography, Length Type, Netscape Navigator, Value Cipher Suite, Message Digest, Netscape Communications

New!
Books on Related Topics | Concordance | Text Stats

Citations (learn more)

This book cites 2 books:

Numerical Recipes: The Art of Scientific Computing by William H. Press in Back Matter
Computer-Related Risks by Peter G. Neumann on page 4

Books on Related Topics (learn more)

Microsoft Windows Server by Brian Komar

Discusses:

Security+ Certification All-in-One Exam Guide by Gregory White

Discusses:

Communication Networks by Alberto Leon-Garcia

Discusses:

Computer Security by Dieter Gollmann

Discusses:

What Do Customers Ultimately Buy After Viewing This Item?

	41% buy SSL and TLS: Designing and Building Secure Systems 4.5 out of 5 stars (22) $38.99
	30% buy the item featured on this page: SSL & TLS Essentials: Securing the Web 4.4 out of 5 stars (7)
	16% buy Network Security with OpenSSL 4.3 out of 5 stars (12) $26.37
	8% buy Secure Programming Cookbook for C and C++ 4.6 out of 5 stars (12) $65.26

Explore similar items

Suggested Tags from Similar Products

(What's this?)

Be the first one to add a relevant tag (keyword that's strongly related to this product).

cryptography(38)

security(25)

computer security(20)

algorithms(17)

network security(11)

mathematics(10)

networking(9)

programming(9)

linux(9)

schneier(8)

bruce schneier(5)

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Reviews

7 Reviews

5 star:		(4)
4 star:		(2)
3 star:		(1)
2 star:		(0)
1 star:		(0)

Average Customer Review

4.4 out of 5 stars (7 customer reviews)

Share your thoughts with other customers:

Create your own review

Most Helpful Customer Reviews

25 of 26 people found the following review helpful:

4.0 out of 5 stars Good programmers SSL/TLS reference, October 30, 2000

By	Ben Rothke "Author of 'Computer Security: 20 ... (USA) - See all my reviews (TOP 1000 REVIEWER) (REAL NAME)

Anyone who has ordered a book from Amazon.com or made a stock trade via an online broker has used SSL, or Secure Socket Layer. SSL, created by Netscape for managing the security of transmissions on the Internet, is a method of encrypting sensitive data. The "socket" part of the term refers to the sockets network transmission method of passing data back and forth between a client and a server program on a network. SSL is ubiquitous; it is an essential part of every browser shipped today.

SSL and TLS (Transport Layer Security) are essentially the same protocol. While SSL was originally designed by Netscape, the company has since offered SSL as a proposed standard protocol to the World Wide Web Consortium and the Internet Engineering Task Force, and it has since been renamed TLS.

SSL and TLS Essentials provides a thorough look into the inner workings of SSL. The book assumes a basic understanding of cryptography and gets right into the nitty-gritty of SSL functionality. The book is designed for those who need an in-depth and comprehensive look at the inner workings and mechanics of SSL, such as system administrators of e-commerce systems or SSL programmers.

This review of mine originally appears at http://www.securitymanagement.com/library/000934.html

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

18 of 19 people found the following review helpful:

5.0 out of 5 stars Good book on SSL, May 16, 2000

By A Customer

I thought this book gives a very good intro to SSL as well as getting in depth. It's organized in four parts the first being a high level overview. Each part gets more in depth until the fourth part where you actually see some of the bytes being sent across the wire. This is the only book on SSL that I've been able to find. It does not go in depth on the cryptography side, but if you need to know how the protocol works, it's a great reference. I've been working with SSL libraries for over a year and this book offered a great explanation. I've recommended it to coworkers as an intro to the technology and they've come up to speed very quickly.

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

21 of 23 people found the following review helpful:

3.0 out of 5 stars Good overview, no samples, little HTTP detail, poor dev supp, July 19, 2000

By	Jonathan M. Davis (Scottsdale, AZ USA) - See all my reviews (REAL NAME)

Amazon Verified Purchase(What's this?)

I got this book to enable SSL support for a custom built web server and web proxy. There are no SSL conversation samples in this book, although conversations are documented and the details are described. There is also very little help for HTTP-specific scenarios (everyone knows HTTP is the biggest user of SSL), especially HTTP proxy servers, documenting any gotchas and how-tos. I'm having a heck of a time getting my proxy server written in Java to facilitate communications between the web server and the web client--one is sending an unexpected EOF and killing the conversation, and I don't know why. The client handshakes and recieves a certificate, but fails to reconnect and handshake again while using the newly recieved certificate. This book doesn't help me in this matter at all. If it's documented in here, it's buried in too much text, blabbering, and descriptions, and is not properly indexed or diagramed, etc. I've spent days trying to get past this road block, and this book was my last hope, but unfortunately didn't provide much hope at all.

This book would be best accompanied with a code samples guide.

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

Share your thoughts with other customers: Create your own review

› See all 7 customer reviews...

Most Recent Customer Reviews

5.0 out of 5 stars Great book for anyone who want to Use SSL & TLS
I'm new in Network programming and I'm very interested in
Internet programming so, i wanted to start with some internet protocols like HTTP <I have got this one too... Read more

Published on September 7, 2001 by M. Soliman

5.0 out of 5 stars Excellent book for fundamentals of SSL
It has been an eye-opener for me in understanding the concepts of SSL. A must read book for people to get a head start with SSL.

Published on January 21, 2001 by Ravikanth Ponnapalli

4.0 out of 5 stars Probably the best book on SSL
A fantastic book on SSL/TLS. Enlightened me with lots of information which I searched for on web but couldn't find.

By the way, there is some mistake in the book. Read more

Published on January 6, 2001 by Mohammed Sadiq

5.0 out of 5 stars Excellent book on SSL
This is currently the only book available on the subject, and fortunately it may the only one you will need ! Read more

Published on July 9, 2000 by David Clunie

› See all 7 customer reviews...

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jqOnDisplayBlock { display: none; } .jqOnDisplayInline { display: none; } .jqOnVisibility { visibility: hidden; } .jqOnDisplayNoneBlock { display: block; } .jqOnDisplayNoneInline { display: inline; }