Bulletproof SSL and TLS

Author/s    : Ivan Ristić
Publisher   : Feisty Duck
Category    : Other
Review by : Vijitha Kumara
Rating        : 9 horseshoes

While the book covers a lot of theoretical aspects of SSL/TLS, it also dedicates a lot of space to practical scenarios where those are used. The book elaborates on the entire Internet PKI ecosystem, the problems with CAs and what real "trust" means.

It was very interesting to read how some of the major attacks were carried out by researchers & hackers to prove the weaknesses in PKI, protocol implementations and security in general. It also explains the enhancements made to rectify those weaknesses at various levels of the protocol/technology stacks.

It goes on to discuss the issues in HTTP and browser implementations and how major platforms had failed in different security validations, especially with regard to certificates.

The book gives some very good recommendations on how to implement SSL/TLS reliably and also includes how to test for known recent vulnerabilities like Heartbleed and the like. It also discusses some of the key technologies like CSP, HSTS and pinning, and how they enhance security.

The last few chapters focus on configuring some known and widely used tech stacks. They demonstrate how configurations for SSL/TLS are done with Apache, Microsoft Windows (IIS), Nginx and Tomcat, and also describe the TLS capabilities of the Java platform.

The book mainly targets System Administrators, Developers and Managers, but I feel it is a very good source of information for anyone interested in SSL/TLS and security in general.

Disclosure: I received a copy of this book from the publisher in exchange for writing this review on behalf of CodeRanch.
