Amazon.co.jp�F Network Security With Openssl: John Viega, Matt Messier, Pravir Chandra: �m��

��e��

Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications. The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols. Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included. OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject.

Book Description

Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats?

Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.

The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions.

The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.

Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library's advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively.

In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges.

As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included.

OpenSSL may well answer your need to protect sensitive data. If that's the case, Network Security with OpenSSL is the only guide available on the subject.

��i�̐��ׂĕ\��

�J�X�^�}�[��r��[

��5��

��4��

��3��

��2��

��1��

2��̃J�X�^�}�[��r��[

5��̂�� 4.0

�J�X�^�}�[��r��[��

�ł��Q�l�ɂȂ��J�X�^�}�[��r��[

6 �l��A3�l�̕��A��̃��r��[��Q�l�ɂȂ��Ɠ��[��Ă��܂��B

�^�}��{�B��肾��ȃI�[�v��\�[�X�B��ɖԗ��ł��Ȃ��B 2003/7/13

By cxj01155

�`��:�y�[�p�[�o�b�N

��I��C��[��I�Ƃ肠��A��{�ꉻ��ė~��̂Ő��T�B
��Ƃ��͋��܂��B�Ȃ��openSSL�ɖ{��Ƃ́I�j�b�`��Ǝv��Ă��猋�\��W��[�Ȃ悤�ł��ˁB��̕\��̓^�}��I�I�I

openSSL�́A��C�u��ł��Ȃ��b�`�̃R�}��h�S�ł��ASSL�̃e�X�g�@�\��Ƃ��A��肾��ȃI�[�v��\�[�X�ł��B��e�L�X�g�t�@�C��O�O�ɓǂ߂Ηǂ��̂ł��A�h��ł��ˁB��ł��p��Ȃ̂ɁB

��͂��ɑS�`�o�h��Ă��邱�Ƃ͂��܂��񂪁A�T�O�I�Șb�E�v��O��@�E�R�}��h�̎g�p�@�Eperl/PHP�̃C��^�t�F�[�X�ȂǁA��ʂ�L�q��AopenSSL�̑S�̔c��ł��܂��B

��Ƃ� man �� e�L�X�g�t�@�C��@�� google �ł��΂�I

�{��̖{�̓y�[�p�[�o�b�N�ł��B�ł��ɂƂ�Ƃ��ꂢ�ł��B��ĂĂ��ꂵ��Ȃ�{�ł��B

�R��g |

��̃��r��[�͎Q�l�ɂȂ�܂��H

�͂�

��

3 �l��A2�l�̕��A��̃��r��[��Q�l�ɂȂ��Ɠ��[��Ă��܂��B

OpenSSL��g��ăv��O��~��O��l�̂��߂̖{ 2004/1/29

By �̂肼�[

OpenSSL�𗘗p��ĈÍ��s��l�b�g��[�N�A�v��P�[�V��
��ō\�z��l�̂��߂̏��Ђł��B

Apache��SSL�̋@�\�𗘗p��邾��̐l�ɂ͈Ӗ��܂��B
�i��A��ł��B�{��ǂނƁA�͂��u�ΏۊO��v�Ə��
��܂��B�j

�ꂩ��A�v��\�z��l�ɂƂ��ẮA��{��̏��Ђ��Ȃ��߁A
�L�p��Ǝv��܂��B

› ��̃J�X�^�}�[��r��[��\��

Amazon.com �ōł��Q�l�ɂȂ��J�X�^�}�[��r��[ ^(beta)

Amazon.com: 16��̃J�X�^�}�[��r��[

25 �l��A25�l�̕��A��̃��r��[��Q�l�ɂȂ��Ɠ��[��Ă��܂��B

openssl programming cleanly explained 2004/10/12

By H. Wang - (Amazon.com)

The book starts with a general introduction of encryption in general, then SSL protocol in general. Then openssl command line interface is introduced with some easy to follow examples. Later openssl programming is explained in detail.

As the only free SSL programming library with source code available, openssl is notorious for its undocumented/underdocumented/misdocumented manuals. Starting a software project using openssl without prior experience is often a painful experience if you simply rely on the manuals coming with the source code. Given thousands of interfaces/data structures, it is an overwhelming job to understand openssl in depth. Your best bet is usually reading the sample source code that comes with package, but often it leaves lots of questions - what does this api do? Why use this one? Under what circumstances should I use this one? You may rely on openssl mailing list, but answer is not guaranteed and you have to do your own home work first.

So come this book finally. It explains (using many examples) most interfaces a typical openssl programmer would use in reality. It is a really easy to read from chapter to chapter since the authors apparently try to explain most api using a short and clear example.

I wish when the next version comes out, it can do:

1. fix typos. Yeah, it does contain some typos. Good proofreading is needed.

2. Include topics in openssl 0.9.7. Like CRL.

3. What's going on under hood. How openssl code is organized, how interface control of flow goes. This helps understand the openssl library and debugging as well.

9 �l��A9�l�̕��A��̃��r��[��Q�l�ɂȂ��Ɠ��[��Ă��܂��B

Great Book to Use When Writing an SSL app. 2005/5/28

By M. Behur - (Amazon.com)

If you have little or no experience with SSL, or OpenSSL, get this book. It explains the principles behind SSL, and then goes on to cover OpenSSL. The companion website opensslbook.com contains the latest examples.

The only drawbacks to the book are the way that the authors cover random number generators for windows, (totally excludes the MS crypto function cryptgenrand(), in favor of the Author's own entropy collection system), and the creation of certificates could have been covered a little better. I also kept having to consult the Openssl API documentation for clarification on certain things, but overall this is a great book.

18 �l��A15�l�̕��A��̃��r��[��Q�l�ɂȂ��Ɠ��[��Ă��܂��B

Excellent! 2002/11/23

By Antonio A. Rodriguez - (Amazon.com)

OpenSSL is a terrific programming resource, but the online documentation on it
is hard to understand and index. This book brings most of it all together, and
provides enough examples to answer most of your questions.

One thing that it lacks is tie-ins with Java; most of its examples are in Perl
and Python. I'm currently trying to see if certain ideas can be implemented in Java.

A great book, and great read!

› Amazon.com�̃J�X�^�}�[��r��[��(16)

��̃��r��[�͎Q�l�ɂȂ�܂��H ��ӌ��̓N�`�R�~�ł��B

Network Security With Openssl [�y�[�p�[�o�b�N]

�L��y�[��ђǉ��

��i�̐��

��e��

Book Description

�o�^��

��̏��i��ɔ��Ă��̂́H

��̏��i�Ƀ^�O��

�J�X�^�}�[��r��[

�N�`�R�~

�V��N�`�R�~��쐬��

��X�g�}�j�A

�֘A��i��T��

��L�[��[�h�̏��i��T��

�t�B�[�h�o�b�N

Network Security With Openssl [�y�[�p�[�o�b�N]

�L�����y�[������ђǉ����

���i�̐���

���e����

Book Description

�o�^���

���̏��i��������ɔ����Ă���̂́H

���̏��i�Ƀ^�O������

�J�X�^�}�[���r���[

�N�`�R�~

�V�����N�`�R�~���쐬����

���X�g�}�j�A

�֘A���i��T��

�����L�[���[�h�̏��i��T��

�t�B�[�h�o�b�N

�L��y�[��ђǉ��

��i�̐��

��e��

�o�^��

��̏��i��ɔ��Ă��̂́H

��̏��i�Ƀ^�O��

�J�X�^�}�[��r��[

�V��N�`�R�~��쐬��

��X�g�}�j�A

�֘A��i��T��

��L�[��[�h�̏��i��T��