SSL and TLS: Building and Designing Secure Systems

SSL is Secure Sockets Layer, the most common security protocol used in networks around the world. TLS is Transport Layer Security, its more modern counterpart. Although its primary use is securing Web traffic, SSL (along with TLS) is suitable for and widely used to secure other services, including LDAP (directory access) and e-mail. Securing all this traffic has highlighted sophisticated security problems and their solutions, and so a thorough understanding of SSL and TLS is essential for the construction of secure systems.

SSL and TLS: Designing and Building Secure Systems offers clear and comprehensive descriptions of these security protocols and their implementation, and also provides "designs"--tried and true templates that suit various scenarios. Armed with this book, you can become well versed in the importance of SSL and TLS, be able to work with them to provide solutions, and furthermore identify an appropriate tested "design" that will solve the security problems of a proposed new network installation.

The book starts with an excellent summary of cryptography, and clarifies what the threat to security is. The next five chapters introduce and elucidate SSL itself, in detail but with great care to carry even the neophyte along, keeping comprehension high. Diagrams and examples are plentiful. The author provides information about how to obtain free tools, including his own helpful "ssldump" which significantly aids the person who wishes to learn how to use, interpret, program and plan implementation of this protocol.

Though SSL and TLS is aimed at the professional who expects to be in constant use of network equipment, this book can be used as a good introduction to security issues confronting computer users, even if you never plan to touch a coax cable. --Wilf Hey