Review: Network Security with OpenSSL
Reviewed by: Andrew Wong
Network Security with OpenSSL Authors: John Viega, Matt Messier & Pravir Chandra
Network Security with OpenSSL is an excellent reference manual. The initial sections of the book are concerned with explaining and justifying the need for secure communications along with the limitation of SSL. The authors briefly tour the reader through different technologies used in SSL: Message Digests, Symmetric Ciphers, Public Key Cryptography, S/MIME and passphrases. The book will serve as a good reader to those unfamiliar with cryptography as a whole, as it is an excellent reader on the topic of public key cryptography.
The book is divided into nine sections, ranging from how to create a certification authority to programming SSL usage in C. The authors make a point of reviewing and explaining the command line parameters as well as useful mathematical libraries included with the SSL package. The authors have gone out of their way to provide examples that can serve as an easy reference to a programmer so that they can flip to and quickly find an implementation that is useful. The examples that do exist are good, however the books emphasis is on command lines and C. Perl and PHP are mentioned no examples are used, which is a weakness. Examples on setting a PHP website to communicate with a Apache server would make the book worth it’s weight in gold, as any web administrator or hobbyist would then follow the book to setup a secure website, as far as communication between the user and the server is concerned. As previously stated this book is an excellent to have as a reference, it explains how and why these techniques are used and also has a nice tangent about using the math library.
Excellent book, I’d recommend it to anyone dealing with Network Security. I'd give this book 4/5 Baltzers:
attachment:baltzerHead.png attachment:baltzerHead.png attachment:baltzerHead.png attachment:baltzerHead.png
Network Security with OpenSSL is available from O'Reilly Media Inc. for $61.95 CA. A [http://www.oreilly.com/catalog/openssl/chapter/ch01.pdf sample chapter] can be viewed on the the O'Reilly website.