Sign in to turn on 1-Click ordering.
Trade in Yours
For a 0.25 Gift Card
Trade in
More Buying Choices
Have one to sell? Sell yours here
Sorry, this item is not available in
Image not available for
Image not available

Tell the Publisher!
Id like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

SSl and TLS: Building and Designing Secure Systems [Paperback]

Eric Rescorla
5.0 out of 5 stars  See all reviews (1 customer review)
RRP: 34.99
Price: 32.87 & FREE Delivery in the UK. Details
You Save: 2.12 (6%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 2 left in stock (more on the way).
Dispatched from and sold by Amazon. Gift-wrap available.
Want it tomorrow, 24 July? Choose Express delivery at checkout. Details


Amazon Price New from Used from
Paperback 32.87  
Trade In this Item for up to 0.25
Trade in SSl and TLS: Building and Designing Secure Systems for an Amazon Gift Card of up to 0.25, which you can then spend on millions of items across the site. Trade-in values may vary (terms apply). Learn more

Book Description

17 Oct 2000 0201615983 978-0201615982 1

Secure Sockets Layer (SSL) is used in virtually every commercial web browser and server. In this book, one of the world's leading network security experts explains how SSL works -- and gives implementers step-by-step guidance and proven design patterns for building secure systems with SSL. Eric Rescorla also provides the first in-depth introduction to Transport Layer Security (TLS), the highly anticipated, maximum-security successor to SSL. Rescorla starts by introducing SSL's fundamentals: how it works, and the threats it is intended to address. One step at a time, he addresses each key SSL concept and technique, including cryptography, SSL performance optimization, designing and coding, and how to work around SSL's limitations. Rescorla demonstrates TLS at work in SMTP-based Internet security applications. The book includes detailed examples of SSL/TLS implementations, with in-depth insight into the key design choices that informed them. For all network and security designers, enterprise developers, system implementers, and suppliers of Internet security products and services.

Frequently Bought Together

SSl and TLS: Building and Designing Secure Systems + Network Security with OpenSSL: Cryptography for Secure Communications
Buy the selected items together

Product details

  • Paperback: 528 pages
  • Publisher: Addison Wesley; 1 edition (17 Oct 2000)
  • Language: English
  • ISBN-10: 0201615983
  • ISBN-13: 978-0201615982
  • Product Dimensions: 2.4 x 18.3 x 22.9 cm
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (1 customer review)
  • Amazon Bestsellers Rank: 726,613 in Books (See Top 100 in Books)
  • See Complete Table of Contents

More About the Author

Discover books, learn about writers, and more.

Product Description

Amazon Review

SSL is Secure Sockets Layer, the most common security protocol used in networks around the world. TLS is Transport Layer Security, its more modern counterpart. Although its primary use is securing Web traffic, SSL (along with TLS) is suitable for and widely used to secure other services, including LDAP (directory access) and e-mail. Securing all this traffic has highlighted sophisticated security problems and their solutions, and so a thorough understanding of SSL and TLS is essential for the construction of secure systems.

SSL and TLS: Designing and Building Secure Systems offers clear and comprehensive descriptions of these security protocols and their implementation, and also provides "designs"--tried and true templates that suit various scenarios. Armed with this book, you can become well versed in the importance of SSL and TLS, be able to work with them to provide solutions, and furthermore identify an appropriate tested "design" that will solve the security problems of a proposed new network installation.

The book starts with an excellent summary of cryptography, and clarifies what the threat to security is. The next five chapters introduce and elucidate SSL itself, in detail but with great care to carry even the neophyte along, keeping comprehension high. Diagrams and examples are plentiful. The author provides information about how to obtain free tools, including his own helpful "ssldump" which significantly aids the person who wishes to learn how to use, interpret, program and plan implementation of this protocol.

Though SSL and TLS is aimed at the professional who expects to be in constant use of network equipment, this book can be used as a good introduction to security issues confronting computer users, even if you never plan to touch a coax cable. --Wilf Hey

From the Back Cover

"This is the best book on SSL/TLS. Rescorla knows SSL/TLS as well as anyone and presents it both clearly and completely.... At times, I felt like he's been looking over my shoulder when I designed SSL v3. If network security matters to you, buy this book."
Paul Kocher, Cryptography Research, Inc.
Co-Designer of SSL v3

"Having the right crypto is necessary but not sufficient to having secure communications. If you're using SSL/TLS, you should have

SSL and TLS sitting on your shelf right next to Applied Cryptography."
Bruce Schneier, Counterpane Internet Security, Inc.
Author of Applied Cryptography

"Everything you wanted to know about SSL/TLS in one place. It covers the protocols down to the level of packet traces. It covers how to write software that uses SSL/TLS. And it contrasts SSL with other approaches. All this while being technically sound and readable!"
Radia Perlman, Sun Microsystems, Inc.
Author of Interconnections

Secure Sockets Layer (SSL) and its IETF successor, Transport Layer Security (TLS), are the leading Internet security protocols, providing security for e-commerce, web services, and many other network functions. Using SSL/TLS effectively requires a firm grasp of its role in network communications, its security properties, and its performance characteristics. SSL and TLS provides total coverage of the protocols from the bits on the wire up to application programming.

This comprehensive book not only describes how SSL/TLS is supposed to behave but also uses the author's free ssldump diagnostic tool to show the protocols in action. The author covers each protocol feature, first explaining how it works and then illustrating it in a live implementation. This unique presentation bridges the difficult gap between specification and implementation that is a common source of confusion and incompatibility.

In addition to describing the protocols, SSL and TLS delivers the essential details required by security architects, application designers, and software engineers. Use the practical design rules in this book to quickly design fast and secure systems using SSL/TLS. These design rules are illustrated with chapters covering the new IETF standards for HTTP and SMTP over TLS.

Written by an experienced SSL implementor, SSL and TLS contains detailed information on programming SSL applications. The author discusses the common problems faced by implementors and provides complete sample programs illustrating the solutions in both C and Java. The sample programs use the free OpenSSL and PureTLS toolkits so the reader can immediately run the examples.


Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

What Other Items Do Customers Buy After Viewing This Item?

Customer Reviews

4 star
3 star
2 star
1 star
5.0 out of 5 stars
5.0 out of 5 stars
Most Helpful Customer Reviews
5.0 out of 5 stars An excellent book 14 July 2012
Format:Paperback|Verified Purchase
This book is old - but it is excellent, it really explains SSL very well both in technical terms and also in plain english - a must for any IT proffessional.
Comment | 
Was this review helpful to you?
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.2 out of 5 stars  24 reviews
38 of 40 people found the following review helpful
5.0 out of 5 stars Five stars from a designer of SSL 16 Jan 2001
By Paul Kocher - Published on Amazon.com
As one of the three co-designers of SSL v3, I highly recommend this book -- it's the best book I've seen on SSL/TLS. Eric knows the protocol inside and out and does an excellent job of explaining both the practice and theory of SSL and TLS. The book also includes includes lots of practical information that isn't in the spec about how things are actually done and does a great job explaining the underlying cryptography and security.
14 of 14 people found the following review helpful
5.0 out of 5 stars Truly excellent book. 28 Nov 2000
By David Preece - Published on Amazon.com
I was basically hoping for an SSL appendix to Stevens's TCP/IP Illustrated and was not at all disappointed. Rescorla makes excellent use of chronological network traces and has written an SSL equivalent to tcpdump to help illustrate what's going on. This makes for clear explainations, and a steep but none the less thoroughly attainable learning curve.
One word I noticed being used a whole lot was 'why'. Rescorla goes to some lengths to explain the why's of network security, and uses simple concepts to illustrate these.
It also presents a fairly precise history of the whole SSL thing from an entirely neutral political standpoint. He gives credit where it is due - even to Microsoft who, as it turns out, were trying to do the right thing all along. The neutrality also shows when Rescorla goes to lengths to point out potential conflicts of interest when the story involves him, personally.
All in all, if you couldn't tell, I'm very impressed. This is a complex topic, perhaps *the* complex topic and it is handled in a controlled manner. You'll need to be reasonably au fait with TCP/IP and internet protocols in general, but from that point on you're in safe hands.
13 of 13 people found the following review helpful
5.0 out of 5 stars Thoroughly impressed 9 April 2001
By David Wagner - Published on Amazon.com
The definitive reference on SSL and TLS. If you rely on SSL/TLS, need a way to secure communications channels of some system, or are just curious about the protocol, this is the book for you. The author has a very clear and down-to-earth writing style that makes the technical material easy to follow, and the diagrams and protocol traces help make the workings of the protocol more concrete. As a result, it is easier to follow, and gives more practical details, than the RFCs. This one is staying on my shelf.
10 of 10 people found the following review helpful
5.0 out of 5 stars Great book 9 Dec 2000
By Dan Crevier - Published on Amazon.com
I agree with the other reviewers that this is a great book. It's written in such a way that it's useful for readers that intend to use SSL at different levels. For example, there are places that tell you can skip ahead to the next chapter unless you are actually implementing SSL. I also really liked the initial chapter about the general security concepts involved in SSL. It was something I didn't know a lot about and it was very well explained.
8 of 8 people found the following review helpful
5.0 out of 5 stars The book on SSL/TLS I was waiting for. 29 Dec 2000
By anon2001 - Published on Amazon.com
Before this book came along documentation about SSL was fragmentary. You had to learn about SSL from old Netscape draft standards documents, notes, examples, RFCs, existing code, etc. I wished for just such a book as this one. All the essential up-to-date information in one place. I bought it shortly after publication and it exceeded all my expectations. Thorough, clear introduction to the subject of SSL for programmers. The author also provides interesting background material, such as how TLS evolved from pre-existing protocols. The book is very readable and I practically read it from start to finish which is unusual for a technical book. If someone asked me to recommend a book I would suggest this one. And now I am waiting for the book on X.509.
Were these reviews helpful?   Let us know
Search Customer Reviews
Only search this product's reviews

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
First post:
Prompts for sign-in

Search Customer Discussions
Search all Amazon discussions

Look for similar items by category