Win a copy of Beginning Java 17 Fundamentals: Object-Oriented Programming in Java 17 this week in the Java in General forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Junilu Lacar
  • Rob Spoor
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Tim Moores
  • Jesse Silverman
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Frits Walraven

Bulletproof SSL and TLS

 
Bartender
Posts: 962
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Author/s    : Ivan Ristić
Publisher   : Feisty Duck
Category    : Other
Review by : Vijitha Kumara
Rating        : 9 horseshoes

While the book covers lot of theoretical aspects about the SSL/TLS it also dedicates lot of space for practical scenarios where those are used. The book elaborates the entire Internet PKI ecosystem, the problems with CAs and what the real "trust" means.

It was very interesting to read how some of the major attacks carried out by researchers & hackers to prove the weaknesses in PKI, protocol implementations and security in general. It also explains the enhancements done to rectify those weaknesses at various levels of the protocols/technology stacks.

It goes on to discuss the issues in HTTP and browser implementations and how major platforms had failed in different security validations specially with regards to certificates.

Book gives some very good recommendations on how to implement SSL/TLS reliably and also includes how to test for known recent vulnerabilities like Heartbleed and the likes. It also discusses how some of the key technologies like CSP, HSTS, Pinning and how they enhance the security.

Last few chapters focus on configuring some known and widely used tech stacks. It demonstrate how configurations for SSL/TLS are done with Apache, Microsoft Windows(IIS), Nginx, Tomcat and also describes the TLS capabilities in Java platform.

The book mainly targets System Administrators, Developers and Managers but I feel it is a very good source of information for anyone interested in SSL/TLS and security in general.

---
Disclosure: I received a copy of this book from the publisher in exchange for writing this review on behalf of CodeRanch.

More info at Amazon.com
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic