[ISN] REVIEW: "XML Security", Blake Dournaee

From: InfoSec News (isnat_private)
Date: Wed Dec 04 2002 - 00:52:20 PST

Next message: InfoSec News: "[ISN] Industry, govt. group issues security standards"

Previous message: InfoSec News: "[ISN] U.S. Government Fails to Make Security Grade"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private>

BKXMLSCR.RVW   20021003

[Or you could let C4I.org get the credit from Amazon. - WK  :)
http://www.amazon.com/exec/obidos/ASIN/0072193999/c4iorg ]

"XML Security", Blake Dournaee, 2002, 0-07-219399-9, U$59.99
%A   Blake Dournaee
%C   300 Water Street, Whitby, Ontario   L1N 9B6
%D   2002
%G   0-07-219399-9
%I   McGraw-Hill Ryerson/Osborne
%O   U$59.99 800-565-5758 fax: 905-430-5020
%O  http://www.amazon.com/exec/obidos/ASIN/0072193999/robsladesinterne
%P   379 p.
%T   "XML Security"

Chapter one is an outline of the book.  The differences between
symmetric and asymmetric cryptography are given in chapter two, which
provides a good treatment of the basics, although there are odd
additions of extraneous details.  The XML primer, in chapter three,
follows the all-too-common practice of describing syntax rather than
function, but the explanation of document parts is useful.  The syntax
of XML digital signatures, and a brief mention of canonicalization,
makes up chapter four.  Part two of the introduction to signatures is
in chapter five, which concentrates on canonicalization, but does not
present this important concept clearly.  Chapter six provides some
examples, although neither the problems nor the solutions are defined
well.  The elements of XML encryption are listed in chapter seven. 
Chapter eight is a promotion for an RSA product.  The elements of the
XML key management specifications are given in chapter nine.

While the syntax of various XML operations is provided properly, the
book fails to provide the newcomer to the field with any understanding
of the uses or limitations of the XML security provisions.

copyright Robert M. Slade, 2002   BKXMLSCR.RVW   20021003

-- 
======================
rsladeat_private  rsladeat_private  sladeat_private p1at_private
Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
    December 16, 2002   December 20, 2002   San Francisco, CA
    February 10, 2003   February 14, 2003   St. Louis, MO
    March 31, 2003      April 4, 2003       Indianapolis, IN



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Industry, govt. group issues security standards"
Previous message: InfoSec News: "[ISN] U.S. Government Fails to Make Security Grade"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Dec 04 2002 - 03:30:28 PST