- Paperback: 696 pages
- Publisher: Wiley; 1 edition (January 11, 2011)
- Language: English
- ISBN-10: 0470920416
- ISBN-13: 978-0470920411
- Product Dimensions: 7.3 x 1.5 x 9.2 inches
- Shipping Weight: 2.6 pounds (View shipping rates and policies)
- Average Customer Review: 20 customer reviews
- Amazon Best Sellers Rank: #459,043 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Implementing SSL / TLS Using Cryptography and PKI 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
All Books, All the Time
Read author interviews, book reviews, editors picks, and more at the Amazon Book Review. Read it now
Frequently bought together
Customers who bought this item also bought
"This is a very informative book for both the experienced and beginner to get a grip on internet security using the SSL and TSL protocols. The index is very comprehensive and any term you are looking for is easy to find with page notations that are clear and understandable." - Jay Dan, CTO, ClickSSL
"If you prefer a good howto book, Implementing SSL / TLS Using Cryptography and PKI by Joshua Davies is one of the best books on the subject, and it's up to date." - Carla Schroder, author of "The Linux Cookbook"
From the Back Cover
Let's get down to a practical implementation of SSL and TLS
SSL/TLS is a standardized, widely implemented, peer-reviewed protocol for applying cryptographic primitives to arbitrary networked communications. It provides privacy, integrity, and a measure of authenticity to otherwise inherently untrustworthy network connections.
While most books detail the protocol, this one is intended to provide you with a nearly complete SSL/TLS library, developed incrementally using C code. Whether or not you have a working knowledgeof cryptography, you'll find this practical guide helps you understand the internals of these libraries so that, when it comes time to use one, you will have a firm understanding of what takes place at each stage.
Understand secure sockets and the HTTP protocol
Learn to protect against eavesdroppers with symmetric cryptography
Secure key exchanges over an insecure medium with public key cryptography and boost security with elliptic curve cryptography
Examine the use of digital signatures and X.509 certificates
Develop a usable, secure communications protocol with client-side TLS
Add server-side TLS 1.0 support
Use SSL in advanced situations, including safely reusing key material with sessionresumption and verifying identity with client authentication
Go to www.wiley.com/go/implementingssl to find code and other features related to this book
Top customer reviews
That OpenSSL book (Network Security with OpenSSL) doesn't work. It cannot even explain OpenSSL APIs well enough, not to mention SSL. I mean, that book tells you to call API foo() first and then bar() next. But it doesn't tell you why. Given so many complicated data structures and APIs involved, you'd be stuck immediately if you want to do something not covered in the book.
But this book shows you all the real world details about SSL, and how to implement an SSL library. The structure of those SSL APIs implemented is similar to OpenSSL. Concepts involved are the same. From this book, you can learn how those concepts and algorithms are pieced together. That's why you'll know how to use OpenSSL after reading this book.
I find the notes on some SSL history across the book are also very useful. These facts are hard to find, and usually not mentioned in formal documents. It helps you understand why SSL works like this today.
Salute to the author !
The book does a nice job of laying out each of the capabilities that TLS needs to do its job, explains terms, and gets into the details of how things work. Davies includes it all of the C code to implement TLS, so if the text is ever unclear you can refer to the code to understand exactly what he means. His writing is good enough that I rarely had to do this.
If you are interested in cryptographic theory, the math of why an encryption algorithm works the way it does, this is not the book for you. Otherwise, this is an excellent primer and reference on all the key concepts on TLS. I'm hopeful Davies will publish a revised edition when TLS 1.3 is finalized in the next year or two.
As well as examining the cryptographic protocols themselves, the author explains the background reasons and history behind their design. He isn't afraid to get into the complex details, but he always stays focused on what's important: designing and implementing SSL. When explaining elliptic curve cryptography, for example, he briefly summarizes the esoteric maths that underlie it - enough to wet your appetite, if you're interested in that kind of thing - but then concentrates on how to actually implement ECC in code.
The author's writing style is friendly, informal and very readable. Even the grammar is near-flawless.
The author provides clear, well-thought-out sample code for everything - right there in the book. No having to download code from a broken link!
Well researched and authoritative. I wish specifications were written this clearly.
Most recent customer reviews
Very well explained from fundamental concepts to the implementation.Read more