- Web Security & Commerce
- Preface
- I. Introduction
- II. User Safety
- 2. The Buggy Browser: Evolution of Risk
- 3. Java and JavaScript
- 4. Downloading Machine Code with ActiveX and Plug-Ins
- 5. Privacy
- III. Digital Certificates
- 6. Digital Identification Techniques
- Ten Policy Questions
- Is legislation necessary at all?
- Where should PKI legislation occur?
- Is licensing of certification authorities the right approach?
- Should legislation endorse public key cryptography, or be “technology neutral”?
- Should legislation endorse the X.509 paradigm?
- How should liability and risk be allocated in a PKI?
- What mechanisms should be used to allocate risk?
- Should digitally signed documents be considered “writings” for all legal purposes?
- How much evidentiary weight should a digitally signed document carry?
- Should governments act as CAs?
- 7. Certification Authorities and Server Certificates
- 8. Client-Side Digital Certificates
- 9. Code Signing and Microsoft’s Authenticode
- IV. Cryptography
- 10. Cryptography Basics
- 11. Cryptography and the Web
- 12. Understanding SSL and TLS
- V. Web Server Security
- 13. Host and Site Security
- 14. Controlling Access to Your Web Server
- 15. Secure CGI/API Programming
- VI. Commerce and Society
- 16. Digital Payments
- 17. Blocking Software and Censorship Technology
- 18. Legal Issues: Civil
- 19. Legal Issues: Criminal
- VII. Appendixes
- A. Lessons from Vineyard.NET
- Planning and Preparation
- Lesson: Whenever you are pulling wires, pull more than you need.
- Lesson: Pull all your wires in a star configuration, from a central point out to each room, rather than daisy-chained from room to room. Wire both your computers and your telephone networks as stars.
- Lesson: Use centrally located punch-down blocks or 10Base-T wiring blocks for both your computer networks and your telephone networks.
- Lesson: Don’t go overboard.
- Lesson: Plan your computer room carefully: you will have to live with its location for a long time.
- IP Connectivity
- Commercial Start-Up
- Ongoing Operations
- Security Concerns
- Lesson: Don’t run programs with a history of security problems (e.g., sendmail).
- Lesson: Make frequent backups.
- Lesson: Limit logins to your servers.
- Lesson: Beware of TCP/IP spoofing.
- Lesson: Defeat packet sniffing.
- Lesson: Restrict logins.
- Lesson: Tighten up your system beyond manufacturer recommendations.
- Lesson: Eschew free software.
- Phone Configuration and Billing Problems
- Credit Cards and ACH
- Lesson: If you have the time to write it, custom software always works better than what you can get off the shelf.
- Lesson: Live credit card numbers are dangerous.
- Lesson: Encrypt sensitive information and be careful with your decryption keys.
- Lesson: Log everything, and have lots of reports.
- Lesson: Explore a variety of payment systems.
- Lesson: Make it easy for your customers to save you money.
- Monitoring Software
- Security Concerns
- Conclusion
- Planning and Preparation
- B. Creating and Installing WebServer Certificates
- C. The SSL 3.0 Protocol
- D. The PICS Specification
- E. References
- A. Lessons from Vineyard.NET
- Index
- Colophon
The last piece of the cryptography puzzle is a system for establishing the identity of people who hold cryptographic keys. In recent years, such a system has come to be called the public key infrastructure, as we discussed in Chapter 6.
Recall that public key encryption systems require that each user creates two keys:
A public key, which is used for sending encrypted messages to the user and for verifying the user’s digital signature.
A secret key, which is used by the user for decrypting received messages and for signing the user’s digital signature.
While secret keys are designed to be kept secret, public keys are designed to be published and widely distributed.
Schematically, you might imagine that public and secret keys contain little information other than the actual values that are needed for public key encryption and decryption, as shown in Figure 10.4.
It turns out, though, that we need to store more information with each public key. In addition to the encryption information, we may wish to store the user’s name (see Figure 10.5) or some other kind of identifying information. Otherwise, if we had public keys for three people—say, Sascha, Wendy, and Jonathan—there would be no easy way to tell them apart. And we need to store more information with each secret key, so we have a way of telling which secret key belongs to which public key.
Figure 10-5. A better representation for public and secret keys, containing space for the user’s name
The name field can contain anything that the key holder wishes. It might contain. “Sascha Strathmore.” Or it might contain “S. Strathmore” or “Ahcsas Obsidian” or even “Head Honcho”. Once the key is created with a name, it can be signed by a third party. Third parties that verify the information on the key before it is signed are called certification authorities; these are described in detail in Chapter 7.
-
No Comment