[ISN] REVIEW: "XML Security", Blake Dournaee

From: InfoSec News (isnat_private)
Date: Wed Dec 04 2002 - 00:52:20 PST

  • Next message: InfoSec News: "[ISN] Industry, govt. group issues security standards"

    Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private>
    BKXMLSCR.RVW   20021003
    [Or you could let C4I.org get the credit from Amazon. - WK  :)
    http://www.amazon.com/exec/obidos/ASIN/0072193999/c4iorg ]
    "XML Security", Blake Dournaee, 2002, 0-07-219399-9, U$59.99
    %A   Blake Dournaee
    %C   300 Water Street, Whitby, Ontario   L1N 9B6
    %D   2002
    %G   0-07-219399-9
    %I   McGraw-Hill Ryerson/Osborne
    %O   U$59.99 800-565-5758 fax: 905-430-5020
    %O  http://www.amazon.com/exec/obidos/ASIN/0072193999/robsladesinterne
    %P   379 p.
    %T   "XML Security"
    Chapter one is an outline of the book.  The differences between
    symmetric and asymmetric cryptography are given in chapter two, which
    provides a good treatment of the basics, although there are odd
    additions of extraneous details.  The XML primer, in chapter three,
    follows the all-too-common practice of describing syntax rather than
    function, but the explanation of document parts is useful.  The syntax
    of XML digital signatures, and a brief mention of canonicalization,
    makes up chapter four.  Part two of the introduction to signatures is
    in chapter five, which concentrates on canonicalization, but does not
    present this important concept clearly.  Chapter six provides some
    examples, although neither the problems nor the solutions are defined
    well.  The elements of XML encryption are listed in chapter seven. 
    Chapter eight is a promotion for an RSA product.  The elements of the
    XML key management specifications are given in chapter nine.
    While the syntax of various XML operations is provided properly, the
    book fails to provide the newcomer to the field with any understanding
    of the uses or limitations of the XML security provisions.
    copyright Robert M. Slade, 2002   BKXMLSCR.RVW   20021003
    rsladeat_private  rsladeat_private  sladeat_private p1at_private
    Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
    Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
        December 16, 2002   December 20, 2002   San Francisco, CA
        February 10, 2003   February 14, 2003   St. Louis, MO
        March 31, 2003      April 4, 2003       Indianapolis, IN
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Wed Dec 04 2002 - 03:30:28 PST