Rating: 
Summary: Complete and succinct discussion of PKI
Review: "Understanding Public-Key Infrastructure" is well written and is a terrific book. It is the most complete and succinct book available on the subject of PKI. Other books deal with various detailed aspects of Public-Key Infrastructure, but this particular book is the best available in forming a clear overall perspective of the subject area. A great book for managers or technical readers which are looking for good, solid information but which don't want excessive details. I enjoyed the book, and feel the authors did an excellent job in describing the subject of PKI. The approach taken in this book is useful, not hyped. The coverage is broad and extensive but not encumbered by inordinate detail about algorithms and protocols. Explanations are clear and concise. I am pleased to recommend the book to anyone looking for a very good, succinct but thorough treatment of the subject area.
Rating:
Summary: Complete and succinct discussion of PKI
Review: "Understanding Public-Key Infrastructure" is well written and is a terrific book. It is the most complete and succinct book available on the subject of PKI. Other books deal with various detailed aspects of Public-Key Infrastructure, but this particular book is the best available in forming a clear overall perspective of the subject area. A great book for managers or technical readers which are looking for good, solid information but which don't want excessive details. I enjoyed the book, and feel the authors did an excellent job in describing the subject of PKI. The approach taken in this book is useful, not hyped. The coverage is broad and extensive but not encumbered by inordinate detail about algorithms and protocols. Explanations are clear and concise. I am pleased to recommend the book to anyone looking for a very good, succinct but thorough treatment of the subject area.
Rating:
Summary: PKI book that makes sense
Review: Carlisle and his co authors have written a book that will allow the Security practioner, as well as the Security techie, to understand the basics of PKI Infrastrucutres. I had the opportunity to meet Carlisle at the Secure Summit this past Jan., and we had a very interesting dicussion about this book, how he came to write it, etc. Just sorry I didn't have my copy for an autograph. I have ordered my 2d copy, sent the first copy I bought to a buddy who needed to understand the innnards of PKI. This book is an easy read but loaded with good data on PKI. I would recommend this book to managers who need to understand PKI but don't need to do the technical pieces. For my part, I am Security professional with over 30 years experience.
Rating: 
Summary: Nearly worthless
Review: I bought this book because of the excellent reviews it got. However upon reading this I can't see any justification for these reviews. First of all it is very high level; I mean appropriate for your manager's, manager's manager maybe. This book is all about fawning over Diffie Hellman and philosophizing about how pki should be used etc. There is no technical information in this book, no code, no flow charts, no diagrams, no data structures. It doesn't even explain how pki is applied, for example to ssl. All the real information in this book could have been condenced to a few pages. I really needed this book to be good and it was not. Look if you want to go to a cocktail party and impress someone with no technical exposure then maybe this is your book. Otherwise there must be better choices.
Rating:
Summary: Great PKI Project Manager's Guide/tutorial/overview
Review: I gave this five stars for the breadth of coverage. I don't need yet another book on cryptography -- I already have a shelf full. Carlisle and Steve cover the PKI turf without getting unnecessarily bogged down in technical details. For example, they cover the functions and differences of ECDSA versus ECDH in about a paragraph. If you want to know how the algorithms work, read Applied Cryptography. This has a clear, concise, and non-technical explanation of just about every concept, standard, and issue a project manager would need to know about PKI. I give credit for not trying to cover the technical issues in depth -- rather, this takes the approach of: here's the issue, here are the alternatives, and if you want to know more read ...The concepts and issues are very current, and cover proposed and draft standards, including Privilege Management Infrastructure, certificate revocation mechanisms, trust models, etc. Excellent coverage!
Rating: 
Summary: Has value for Technical Architects / Security Analysts
Review: I think there's some merit to people expecting a more hands on approach in a book like this. But those expectations seems unrealistic. The book is not titled "Implementing PKI," it's called "Understanding PKI." There is value in a concepts book. For experienced technical professional trying to get a grip on the terminologies and concepts of security and PKI, this book is succinct and touches all the major points. For those looking for screenshots of people right clicking icons, there's a thousand other books like that! Most of those so called "technical books" are not that technical. It's nice to have a book that's not product specific for a change. This book does what it intends to do well. There is a need for more technical books but this book is valuable in it's present form. I have given several copies to peers. I hope this review helps you balance out your opinions before deciding for or against this book.
Rating:
Summary: Has value for Technical Architects / Security Analysts
Review: I think there's some merit to people expecting a more hands on approach in a book like this. But those expectations seems unrealistic. The book is not titled "Implementing PKI," it's called "Understanding PKI." There is value in a concepts book. For experienced technical professional trying to get a grip on the terminologies and concepts of security and PKI, this book is succinct and touches all the major points. For those looking for screenshots of people right clicking icons, there's a thousand other books like that! Most of those so called "technical books" are not that technical. It's nice to have a book that's not product specific for a change. This book does what it intends to do well. There is a need for more technical books but this book is valuable in it's present form. I have given several copies to peers. I hope this review helps you balance out your opinions before deciding for or against this book.
Rating:
Summary: Has value for Technical Architects / Security Analysts
Review: I think there's some merit to people expecting a more hands on approach in a book like this. But those expectations seems unrealistic. The book is not titled "Implementing PKI," it's called "Understanding PKI." There is value in a concepts book. For experienced technical professional trying to get a grip on the terminologies and concepts of security and PKI, this book is succinct and touches all the major points. For those looking for screenshots of people right clicking icons, there's a thousand other books like that! Most of those so called "technical books" are not that technical. It's nice to have a book that's not product specific for a change. This book does what it intends to do well. There is a need for more technical books but this book is valuable in it's present form. I have given several copies to peers. I hope this review helps you balance out your opinions before deciding for or against this book.
Rating:
Summary: comprehensive and still very readable: a must!
Review: I'm giving courses on PKI. I was looking for a good reference for my students. Finally found one! I read it cover to cover: comprehensive, very easy to read, vendor-neutral (very important to me), not biaised: also gives you the pros and cons, issues with PKI. A must to read if interested in PKI.
Rating:
Summary: Brian Wilson must work for Verisign...
Review: Its not Entrust's fault if they are the only PKI vendor that actively supports standards, develops the most technologically advanced and secure PKI solutions, and carry out the best practices.
| 
