Further Reading

This chapter has covered SSL from the perspective of a Java developer. Further details on the protocol, its evolution, supported cipher suites and so on. can be found in the book SSL and TLS: Designing and Building Secure Systems. Its author, Eric Rescorla, has developed ssldump, a freely available tool based on OpenSSL cryptographic library and libpcap packet capture library to analyze SSL traffic by capturing data packets flowing through a network interface card. You can download OpenSSL from http://www.openssl.org, libpcap from http://www.tcpdump.org, and ssldump from http://www.rtfm.com/ssldump. This tool, especially its display format, has been the inspiration behind the SSL protocol analysis capability of JSTK utility

Get J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.