Product Description

An in–depth technical guide on the security technology driving Internet e–commerce expansion.
"Planning for PKI" examines the number–one Internet security technology that will be widely adopted in the next two years. Written by two of the architects of the Internet PKI standards, this book provides authoritative technical guidance for network engineers, architects, and managers who need to implement the right PKI architecture for their organization. The authors discuss results and lessons learned from early PKI pilots, helping readers evaluate PKI deployment impact on current network architecture while avoiding the pitfalls of early technical mistakes. Four technical case studies detail the do′s and don′ts of PKI implementation, illustrating both successes and failures of different deployments. Readers will also learn how to leverage future PKI–related technologies for additional benefits.

Product Details

• Amazon Sales Rank: #51000 in Books
• Published on: 2001-04-09
• Original language: English
• Number of items: 1
• Binding: Paperback
• 352 pages

Review
"Rather than being an abstract academic text, the authors, Russ Housley and Tim Polk, write from years of practical experience. Housley is the Chief Scientist for Spyrus, and Polk is the technical lead for PKI at NIST. At a little over 300 pages, Planning for PKI is a valuable reference to the workings of PKI."
––Ben Rothke; UnixReview.com (5/7/01)

Review
"Planning for PKI is a valuable reference to the workings of PKI."––Reviewed by Ben Rothke; UnixReview.com (5/7/01)

From the Back Cover
An in–depth technical guide to the security technology driving Internet e–commerce.

"Planning for PKI" examines this cornerstone Internet security technology. Written by two of the architects of the Internet PKI standards, this book provides authoritative technical guidance for network engineers, architects, and managers who need to implement the right PKI architecture for their organization. Readers will learn that building a successful PKI is an on going process, not a one–time event. The authors discuss results and lessons learned from three early PKI deployments, helping readers avoid the pitfalls and emulate the successes of early PKI adopters.

Using plain and direct language, the authors share their extensive knowledge of PKI standards development in the Internet Engineering Task Force (IETF) and elsewhere. Subtle points about the Internet PKI standards are liberally sprinkled throughout the book. These nuggets provide insight into the intent of some of the esoteric topics in the standards, enabling greater interoperability.

"Planning for PKI" gathers the PKI state–of–the–art into one volume, covering everything from PKI history to emerging PKI–related technologies.

Customer Reviews

Informative, within limits
I bought this book because I have to understand PKI in order to administrate IPsec and TLS. It has given me a lot of useful information, and on that basis the book can be recommended.

The authors appear to have had a very narrow focus, and poor critical faculties, however. Much of what they suggest is indefensible in security engineering terms.

A security expert would reject such advice out of hand, so no real harm is done. Anyone else should read a more general book on security engineering first.

I also have concerns about the authors' objectivity. All the case studies involve Spyrus hardware, and one of the authors is their Chief Scientist. Apart from the blurb on the back cover, this vested interest is never declared. There is no informed discussion of methodologies that compete with PKI, such as PGP, nor acknowledgement of many of the flaws in PKI.

So. If you need to know, buy this book. But be careful.