Cover V06, I06


Sidebar: Information Resources

Online Resources

RSA Laboratories Web site (http://www.rsa.com). Here you can find some white papers, standards, and a very comprehensive FAQ on cryptosystems. In particular:

RSA Crypto FAQ: http://www.rsa.com/rsalabs/newfaq/

PKCS Standards: http://www.rsa.com/rsalabs/pubs/PKCS/

Burton S. Kaliski Jr. An Overview of the PKCS Standards. An RSA Laboratories Technical Note. Revised November 1, 1993. http://www.rsa.com/rsalabs/pubs/PKCS/

Steve Dusse and Tim Matthews. S/MIME: Anatomy of a Secure E-mail Standard. Messaging Magazine: http://www.ema.org/html/pubs/mmv2n4/s-mime.htm

Nortel in Canada maintains a site for its security product suite, named Entrust (http://www.entrust.com). Here you can find much information on CAs and PKI management. Look for: Entrust Certificate Demo. You can use this free demo service to get demonstration client and server X.509 certificates to enable SSL: http://www.entrust.com/new.htm

White papers. Many white papers and security primers, including some IETF working drafts on PKI: http://www.entrust.com/library.htm

Internet and IETF Information at InterNIC: http://ds.internic.net/ds/dspg0intdoc.html. Here you can find tons of information and pointers on the working PKI, IPng, and IP security standards currently adopted by the available certificate server products. In particular, look for these Internet Drafts from IETF working groups:

IP Security Protocol:

http://www.ietf.cnri.reston.va.us/ids.by.wg/ipsec.html

Public Key Infrastructure:

http://www.ietf.cnri.reston.va.us/ids.by.wg/X.509.html

Site Security Handbook:

http://www.ietf.cnri.reston.va.us/ids.by.wg/ssh.html

Internet MCI Security Engineering: http://www.security.mci.net/. Here you can find information on DoS attacks as well as pointers to vendors' patches to work around the problem. Also look for the white paper by Dale Drew, Protection of TCP/IP Based Network Elements: Security Checklist.

SunWorld Magazine online is an excellent resource for sys admins (http://www.sunworld.com). Here, Peter Galvin writes a monthly security column. Recently, an encryption primer by Dave Kosiur was featured: http://www.sun.com/sunworldonline/swol-03-1997/swol-03-encrypt.html

Felten, E.W., D. Balfanz, D. Dean, and D. S. Wallach. Web Spoofing: An Internet Con Game. Technical Report available at: http://www.cs.princeton.edu/sip

Cylink Corporation - Tutorials and White papers:

http://www.cylink.com/tutorial/

The WWW security FAQ by Lincoln D. Stein, Whitehead Institute for Biomedical Research:

http://www-genome.wi.mit.edu/WWW/faqs/www-security-faq.html

Computer Security Institute (http://www.csi.com). Here you can access the main outcomes from recent security surveys performed by the institute, as well as information on security courses.

National Computer Security Association (NCSA; http://www.ncsa.com). The Association sells many good books on security, and some white papers are also available online.

Printed Resources

There are many good books about security published by O'Reilly, Prentice-Hall, John Wiley, and others. However, I have not seen a book with good coverage of the subject addressed here. The reader is encouraged to visit the local technical bookstore regularly; among that mountain of overhyped books a few are really worthy, and new books appear weekly.

Many excellent articles on security are also featured in Sys Admin magazine, in particular the October and November 1996 issues. The article by Arthur Donkers, Building a Secure Web Site, is particularly illuminating: it contains a good description of the SSL handshake and of SSL implementation on the Apache Web Server, and shows the use of the freeware implementation of SSL, SSLeay. SSLeay utilities include req, a program to generate public-key cryptography key pairs, certificate requests, and self-signed X.509 certificates. This utility can be useful to those outside the United States who need to use 1024-bit length certificates.