Completely useless for PKI programming

The title "Secure Programming Cookbook" is more than a reach, but downright misleading. I bought this book fully expecting to find recipes for using OpenSSL's crypto library to generate CSRs, handle private CA functions such as create Digital ID Certificates, and other functions actually used in writing secure applications. What I found was the author spending more time talking about products and services offered by Verisign, and very little code whatsoever. There is some code for verifying a certificate, and downloading a revocation list, but sadly I've found more useful information reading OpenSSL's lackluster man pages than I have in this book. If you're looking for high level information about "how stuff works", or some simple command-line help, this book will suit you. If you're looking for content living up to the book's title - content that would actually help you implement things like PKI - you'll unfortunately come up short.

Other Reviews

• Completely useless for PKI programming
• Good developer reference
• a good reference if you've really got to be secure
• Great book for anyone using C
• A task-oriented reference guide