Bulletproof SSL and TLS has been released!
It gives me great pleasure to announce that my book, Bulletproof SSL and TLS, has now been officially released. Writing it took me more than two years (I started in May 2012, believe it or not), during which I spent the equivalent of about 7 months of full time work.
The end result is about 528 pages of text (in print; 513 in the version optimised for screen reading) spread across 16 chapters. The book is a complete package with an introduction to cryptography, SSL, TLS, and PKI, followed by a complete coverage of the current problems with the protocols as well as the entire ecosystem, and a ton of practical advice for configuration and performance tuning. OpenSSL is well covered with two chapters, and there's a chapter for each of Apache, Java and Tomcat, Microsoft and IIS, and Nginx.
During July I went through the entire book to update and refresh the earlier chapters. I extended the OpenSSL chapter with a section on running private certification authorities. The Apache and Nginx chapters were extended to include client certificate authentication. Apache 2.4.10 introduced some changes to how it handles SNI and, naturally, I needed to include that in the book, too. I added Preface to the beginning and Summary to the end. Finally, I added the index, without which the print edition wouldn't be complete.
If you purchased the early access edition since we had announced it in February, now is a good time to go back to the Feisty Duck web site and download the final files. (Final for now, that is.) If you purchased the paper version, your book is currently being printed and will be shipped to you soon.
For more information about Bulletproof SSL and TLS, please visit the Feisty Duck web site:
|MY BOOK: If you like this blog post, you will love Bulletproof SSL and TLS. For system administrators, developers, and IT security professionals, this book provides a comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI and will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks. It's available now.|