[ISN] Book Review: "Web Security", Rohit Khare

From: mea culpa (jerichot_private)
Date: Thu Jul 23 1998 - 23:38:58 PDT

Next message: mea culpa: "[ISN] Book Review: "Web Security and Commerce", Simson Garfinkel/Gene Spaff"

Previous message: mea culpa: "[ISN] Book Review: "Java Security", Scott Oaks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: "Rob Slade" <rsladet_private>

BKW3JI23.RVW   980411

"Web Security", Rohit Khare, 1997, 1-56592-329-4 ISSN 1085-2301,
U$29.95/C$42.95
%E   Rohit Khare editort_private
%C   103 Morris Street, Suite A, Sebastopol, CA   95472
%D   1997
%G   1-56592-329-4 ISSN 1085-2301
%I   O'Reilly & Associates, Inc.
%O   U$29.95/C$42.95 800-998-9938 fax: 707-829-0104 nutst_private
%P   272 p.
%S   World Wide Web Journal
%T   "Web Security: A Matter of Trust"

Many issues of the World Wide Web Journal coincide with major
specification announcements: Web standards that have been in process,
and anticipated, for some time determine the topic.  That does not
seem to be the case with this issue, although the first report covers
the use of PICS (Platform for Internet Content Selection) 1.1 labels
for DSig 1.0 signature labels, the second gives more detail on DSig,
and the third reports on the Joint Electronic Payment Initiative
(JEPI).

Still, the "technical" papers in this issue seem to have a decidedly
philosophical bent.  This emphasis is not necessarily a bad thing,
since it serves to redirect attention from the minutiae of Web server
"hole patching" and towards a more fundamental question, that of
trust.  An interesting reversal of perspective occurs when you turn
from the concept of a closed and opaque system to one where
everything, including identity, is transparent.

Topics included in the papers include a cryptography primer, the
REFEREE system for trust management, SSL (Secure Sockets Layer) and
the free SSLeay implementation, security for the DNS (Domain Name
System), name server security in BIND, security in CGI (Common Gateway
Interface) and API (Application Programmer Interface) programming,
secure electronic business with E2S (End-to-End Security), concerns
and benefits with medical record availability, digital signature
legislation and regulation, and the risks and government promotion of
key escrow and recovery.

copyright Robert M. Slade, 1998   BKW3JI23.RVW   980411

-o-
Subscribe: mail majordomot_private with "subscribe isn".
Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]

Next message: mea culpa: "[ISN] Book Review: "Web Security and Commerce", Simson Garfinkel/Gene Spaff"
Previous message: mea culpa: "[ISN] Book Review: "Java Security", Scott Oaks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:38 PDT