Đang tải... (xem toàn văn)
Đây là bộ sách tiếng anh cho dân công nghệ thông tin chuyên về bảo mật,lập trình.Thích hợp cho những ai đam mê về công nghệ thông tin,tìm hiểu về bảo mật và lập trình.
[...]... OpenSSL Installing TCPDump Installing TCPDump on a Windows System Installing TCPDump on a Linux System Installing OpenSSL Installing OpenSSL on a Windows System Installing OpenSSL on a Linux system Appendix C Understanding the Pitfalls of SSLv2 Implementing the SSL Handshake SSL Client Hello SSL Server Hello SSL Client Master Key SSL Client Finished SSL Server Verify SSL Server Finished SSL send SSL. .. 364 365 368 369 370 372 373 374 377 Differences Between SSL 3.0 and TLS 1.0 Differences Between TLS 1.0 and TLS 1.1 Chapter 7 378 379 Adding Server-Side TLS 1.0 Support Implementing the TLS 1.0 Handshake from the Server’s Perspective 381 TLS Client Hello TLS Server Hello TLS Certificate TLS Server Hello Done TLS Client Key Exchange RSA Key Exchange and Private Key Location Supporting Encrypted Private... about SSL/ TLS, the first half of the book just sets the stage for SSL/ TLS by presenting all of the protocols and standards they rely on If you’re just looking for a description of TLS, and have a reasonable understanding of cryptography and PKI in general, you should be able to safely skip ahead to Chapter 6 and start there with the overview of TLS itself However, at some point, you should jump back and. .. (Client Perspective) Adding TLS Support to the HTTP Client Understanding the TLS Handshake Procedure TLS Client Hello Tracking the Handshake State in the TLSParameters Structure Describing Cipher Suites Flattening and Sending the Client Hello Structure TLS Server Hello Adding a Receive Loop Sending Alerts Parsing the Server Hello Structure Reporting Server Alerts TLS Certificate TLS Server Hello Done ftoc.indd... compliance, and the use of disk, tape, and cloud for recovery and backup strategies David has written several articles and blogs over the years In addition, he is the co-author of Implementing Backup and Recovery, the Technical Editor of Cloud Security, Security 2020, and Web Commerce Security Design and Development with Wiley and Sons, and is recognized worldwide as an authority on the subject of backup and. .. Afterward, it moves on to a detailed examination of cryptographic concepts and finally applies them to SSL/ TLS, the current standard for Internet security You examine what SSL/ TLS does, what it doesn’t do, and how it does it After completing this book, you’ll know exactly how and where SSL fits into an overall security strategy and you’ll know what steps yet need to be taken, if any, to achieve additional... Support to Your TLS Library,” implements the latest version of the TLS protocol, 1.2, on top of the TLS 1.0 implementation that Chapters 6–8 developed Here you see elliptic curve cryptography put to use Additionally, AEAD-mode ciphers are examined, since TLS 1.2 is the first version of TLS to permit this mode Chapter 10, “Other Applications of SSL, ” takes a look at the non-HTTP uses that SSL/ TLS has been... Certificate Parsing ECDHE Support in TLS ECC Client Hello Extensions The Current State of TLS 1.2 Chapter 10 Other Applications of SSL Adding the NTTPS Extension to the NTTP Algorithm Implementing “Multi-hop” SMTP over TLS and Protecting Email Content with S/MIME Understanding the Email Model The SSL/ TLS Design and Email Multipurpose Internet Mail Extensions (MIME) Protecting Email from Eavesdroppers... Protocol: Client-Side TLS 297 Chapter 7 Adding Server-Side TLS 1.0 Support 381 Chapter 8 Advanced SSL Topics 415 Chapter 9 Adding TLS 1.2 Support to Your TLS Library 479 Chapter 10 Other Applications of SSL 543 Appendix A Binary Representation of Integers: A Primer 567 Appendix B Installing TCPDump and OpenSSL 573 Appendix C Understanding the Pitfalls of SSLv2 579 Index 629 xvii ffirs.indd xvii 12/24/2010... Handle Certificate Signing Requests (CSRs) Correlating Public and Private Keys Using PKCS #12 Formatting Blacklisting Compromised Certificates Using Certificate Revocation Lists (CRLs) Keeping Certificate Blacklists Up-to-Date with the Online Certificate Status Protocol (OCSP) Other Problems with Certificates Chapter 6 A Usable, Secure Communications Protocol: Client-Side TLS Implementing the TLS 1.0 Handshake . 12:41:17 PM Implementing SSL/ TLS Using Cryptography and PKI Joshua Davies ffirs.indd iiiffirs.indd iii 12/24/2010 12:41:17 PM12/24/2010 12:41:17 PM Implementing. iiffirs.indd ii 12/24/2010 12:41:17 PM12/24/2010 12:41:17 PM Implementing SSL/ TLS Using Cryptography and PKI ffirs.indd iffirs.indd i 12/24/2010 12:41:17 PM12/24/2010