• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

Bulletproof SSL and TLS

 
Bartender
Posts: 962
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Author/s    : Ivan Ristić
Publisher   : Feisty Duck
Category    : Other
Review by : Vijitha Kumara
Rating        : 9 horseshoes

While the book covers lot of theoretical aspects about the SSL/TLS it also dedicates lot of space for practical scenarios where those are used. The book elaborates the entire Internet PKI ecosystem, the problems with CAs and what the real "trust" means.

It was very interesting to read how some of the major attacks carried out by researchers & hackers to prove the weaknesses in PKI, protocol implementations and security in general. It also explains the enhancements done to rectify those weaknesses at various levels of the protocols/technology stacks.

It goes on to discuss the issues in HTTP and browser implementations and how major platforms had failed in different security validations specially with regards to certificates.

Book gives some very good recommendations on how to implement SSL/TLS reliably and also includes how to test for known recent vulnerabilities like Heartbleed and the likes. It also discusses how some of the key technologies like CSP, HSTS, Pinning and how they enhance the security.

Last few chapters focus on configuring some known and widely used tech stacks. It demonstrate how configurations for SSL/TLS are done with Apache, Microsoft Windows(IIS), Nginx, Tomcat and also describes the TLS capabilities in Java platform.

The book mainly targets System Administrators, Developers and Managers but I feel it is a very good source of information for anyone interested in SSL/TLS and security in general.

---
Disclosure: I received a copy of this book from the publisher in exchange for writing this review on behalf of CodeRanch.

More info at Amazon.com
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic