On Sunday 09 December 2007 01:28:09 pm Nelson Bolyard wrote: > Brad Hards wrote, On 2007-12-07 18:09: > > [I've] found Chapter 3 of the OpenSSL book from OReilly to be quite OK. > > There are a lot of "cookbook" books that might be entitled "how to set > up a home brew CA using OpenSSL". I didn't want a book that was focused > on any particular implementation. There is a bit of theory as well, but your point is well makde > > That book recommends "Planning for PK: Best Practices Guide for Deploying > > Public Key Infrastructure" by Russ Housley and Tim Polk. I've never even > > seen a copy. > > Amazon has the entire text of this book online. (Strangely, a search by > title didn't find it, but an author search did.) Probably because there is a typo in the title (Planning for PKI:, not Planning for PK). Sorry about that.
> It had more depth on cert extensions than any others I browsed, but not > as much as I had hoped. I'm not optimistic that a QA developer can > develop positive and negative test cases for explicit policy constraints > after reading it. (:-) But if it cuts the teaching time even by half, > that will have been a big help. You know, you should have told us more about the target audience... Maybe: http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/pkitesting.html (not the site, but the various tests and documents linked off it) will be of some use after they get through the intro stuff. > Oh, I wasn't looking for any cynicism from "down under". :-) No extra charge :-) Brad _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto