Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Understanding PKI", Carlisle Adams/Steve Lloyd

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKUNDPKI.RVW 20031107 Understanding PKI , Carlisle Adams/Steve Lloyd, 2003, 0-672-32391-5, U$49.99/C$77.99 %A Carlisle Adams %A Steve Lloyd %C P.O.
    Message 1 of 1 , Jan 8, 2004
    • 0 Attachment
      BKUNDPKI.RVW 20031107

      "Understanding PKI", Carlisle Adams/Steve Lloyd, 2003, 0-672-32391-5,
      %A Carlisle Adams
      %A Steve Lloyd
      %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
      %D 2003
      %G 0-672-32391-5
      %I Addison-Wesley Publishing Co.
      %O U$49.99/C$77.99 416-447-5101 fax: 416-443-0948
      %O http://www.amazon.com/exec/obidos/ASIN/0672323915/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0672323915/robsladesin03-20
      %P 322 p.
      %T "Understanding PKI"

      Part one is about concepts. Chapter one (and the first chapter of
      every section) is an outline of the contents of this part of the book.
      A simple introduction to symmetric cryptography, and the basics of
      asymmetric, is provided in chapter two. The purpose and components of
      a public key infrastructure (PKI) is reviewed in chapter three.
      Chapter four relates core PKI to the standard security model of
      confidentiality, integrity, and availability. Some extension of the
      basic services is given in chapter five (although there is no mention
      of the most common hybrid form of encryption). Certificates and some
      fundamentals of certification are in chapter six. Chapter seven looks
      at key and certificate management. Certificate revocation, in chapter
      eight, is oddly undetailed in comparison to the previous material.
      Chapters nine to thirteen cover, in short order, trust models,
      certificate and information dissemination, operational factors, and
      digital signature legislation. What PKI does, and doesn't, do is
      presented in chapter fourteen, which probably should have come earlier
      in the book. Chapter fifteen speculates on the future of PKI.
      Chapter sixteen, and the last chapter of every part, outlines
      conclusions and further reading. The material is very terse: in this
      case, only two pages.

      Part two is entitled standards. There is the introduction, and then
      chapter eighteen lists major standards. The status of some of those
      standards is discussed in chapter nineteen. Chapter twenty provides
      examples of the piloting of standards, and points out that the
      standards do not always confer interoperability. The reading list in
      chapter twenty one is a bit bigger than that in sixteen.

      Part three concerns deployment. There is a generic cost/benefit
      argument in chapter twenty three. Chapters twenty four and twenty
      five basically reiterate earlier material in regard to deployment.
      Some specific issues are mentioned in regard to the business models
      discussed in chapter twenty six. There are almost no conclusions and
      suggestions for further reading in chapter twenty seven.

      This book does cover many issues associated with PKI, but in a very
      pedestrian fashion. There is nothing here that is not covered by many
      volumes dealing with cryptography as a general topic, such as
      Schneier's "Applied Cryptography" (cf. BKAPCRYP.RVW) or the simpler
      works like Mel and Baker's "Cryptography Decrypted" (cf.BKCRPDEC.RVW).
      Indeed, any number of general security texts provide as much detail on
      PKI as does this book.

      copyright Robert M. Slade, 2003 BKUNDPKI.RVW 20031107

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      Politicians are the same all over the world, we build bridges
      where there are no rivers. - Nikita Khrushchev
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.