[13813] in cryptography@c2.net mail archive
Re: SSL
daemon@ATHENA.MIT.EDU (Ian Grigg)
Thu Jul 10 13:59:50 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 10 Jul 2003 10:49:28 -0400
From: Ian Grigg <iang@systemics.com>
Reply-To: iang@systemics.com
To: Jill.Ramonsky@Aculab.com
Cc: cryptography@metzdowd.com
Jill.Ramonsky@Aculab.com wrote:
> Instead, I have a
> different question: Where can I learn about SSL?
Most people seem to think the RFC is unreadable,
so ...
> As in, could someone reccommend a good book, or online tutorial, or
> something, somewhere, that explains it all from pretty much first
> principles, and leaves you knowing enough at the end to be able to make
> sensible use of OpenSSL and similar? I don't want a "For Dummies" type book
> - as I said, I'm reasonably competent - but I would really like access to a
> helpful tutorial. I want to learn. So what's the best thing to go for?
I am reading Eric Rescorla's book at the moment,
and if you are serious about SSL, it is worth the
price to get the coverage. It's well written,
and relatively easy to read for a technical book.
It costs a steep $50. It's not a "For Dummies."
You have to be comfortable with all sorts of things
already.
It's giving me the intellectual capital to attack
the engineering failures therein and surrounding
the deployment of same. Maybe Eric will offer me
$100 for my annotated copy just to shut me the
f**k up ;-) I've so far discovered .... well,
that's another story, and I sense Perry's keenness
to be less redundant and stay more ontarget.
PS: next step is Ferguson & Schneier's recent book
which has been described as "how to re-invent SSL."
--
iang
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
