This completely revised and expanded second edition of SSL and TLS: Theory and Practice provides an overview and a comprehensive discussion of the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram TLS (DTLS) protocols that are omnipresent in today's e-commerce and e-business applications and respective security solutions. It provides complete details on the theory and practice of the protocols, offering readers a solid understanding of their design principles and modes of operation. Updates to this edition include coverage of the recent attacks against the protocols, newly specified extensions and firewall traversal, as well as recent developments related to public key certificates and respective infrastructures. This book targets software developers, security professionals, consultants, protocol designers, and chief security officers who will gain insight and perspective on the many details of the SSL, TLS, and DTLS protocols, such as cipher suites, certificate management, and alert messages. The book also comprehensively discusses the advantages and disadvantages of the protocols compared to other Internet security protocols and provides the details necessary to correctly implement the protocols while saving time on the security practitioner's side.
SSL Protocol; TLS Protocol; DTLS Protocol; Firewall Traversal; Public Key Certificates and Internet PKI; Concluding Remarks; Registered TLS Cipher Suites; Padding Oracle Attacks; Abbreviations and Acronyms.
-
Rolf Oppliger
Rolf Oppliger leads eSECURITY Technologies, works for the Swiss federal administration, serves as an adjunct professor of computer science at the University of Z¸rich, Switzerland, and is the Information Security and Privacy editor at Artech House. He earned his Ph.D. in computer science from the University of Berne, Switzerland.