Creating this book took a lot of work—far more than was anticipated when the project was begun. Debby Russell suggested the book to us in the spring of 1996, when we were still hard at work on Practical UNIX & Internet Security. Simson took the lead and wrote the bulk of this book. He started working on it in June 1996 and spent the first six months trying to find out what was happening in the world of web security and commerce—and trying to keep up with the steady stream of announcements. In the fall, Gene’s schedule aligned with his interest, and he agreed to join the project.
Many, many people throughout the computer industry gave valuable input for this book.
At Consensus, Christopher Allen and Tim Dierks reviewed our chapters on SSL.
At Cybercash, Carl Ellison sent us many email messages about the role and usefulness of certificates.
At First Virtual, Marshall Rose and Lee Stein gave us lots of juicy information about what they were doing.
At JavaSoft, David Brownell answered many questions regarding Java and Java’s interaction with digital signatures.
At Microsoft, Charles Fitzgerald, Barbara Fox, Rick Johnson, Thomas Reardon, and Michael Toutonghi spent a great number of days and nights acquainting us with the issues of SET, Java, JavaScript, and ActiveX security.
At Netscape, Frank Chen, Eric Greenberg, Jeff Treuhaft, and Tom Weinstein provided us with many technical insights.
At VeriSign, Michael Baum, Gina Jorasch, Kelly M. Ryan, Arn Schaeffer, Stratton Sclavos, and Peter Williams were very patient, answering many questions.
At the World Wide Web Consortium (W3C), Paul Resnick reviewed the chapter on PICS and made several helpful suggestions.
Adam Cain at UIUC provided interesting timing information about SSL for the SSL chapter. Brad Wood from Sandia National Labs gave us excellent comments about the role of encryption in securing web servers. John Guinasso at Netcom gave us interesting insights into the human problems facing ISPs. Mark Shuttleworth at Thawte and Sameer Parekh at Community ConneXion told us more about web servers and dealing with VeriSign than we ever imagined we might need to know. Nessa Feddis at the American Banker’s Association straightened us out about many banking regulations. Eric Young, the author of SSLeay, answered many questions about his program and other aspects of SSL. Jon Orwant looked over the Perl code and answered questions for us.
We would like to thank our reviewers, who made this a better book by scanning the draft text for inaccuracies and confusions. Special thanks are due to Michael Baum, David Brownell, Carl Ellison, Barbara Fox, Lamont Granquist, Eric Greenberg, John Guinasso, Peter Neumann, Marshall Rose, Lincoln Stein, Ilane Marie Walberg, Dan Wallach, and David Waitzman (whose name was inadvertently misspelled in the acknowledgments of Practical UNIX & Internet Security). Special thanks to Kevin Dowd, who provided information on Windows NT host security for Chapter 13, to Bradford Biddle, who gave us permission to include the digital signature policy questions in Chapter 6, and to Bert-Jaap Koops, who let us use his table on export restrictions in Chapter 11.
Our editor Debby Russell did yet another fabulous job editing this book. Chris Reilley created illustrations that helped convey some of the more difficult ideas. Many thanks to Clairemarie Fisher O’Leary, the production editor for this book; Edie Freedman, who designed the front cover; Nancy Priest, who designed the back cover and interior format; Deborah Cunha, the copyeditor; Kathleen Faughnan and Madeleine Newell, who entered edits; and Seth Maislin, who indexed the book.
Thanks to the computer science graduate students at Princeton and UC Berkeley who helped put web security stories on the front pages of our nation’s newspapers. Thanks as well are due to the Graduate School of Public Affairs at the University of Washington, Seattle, where Simson was a visiting scholar during the editing and final production of this book.
And finally, from Simson: “I would like to express my greatest thanks to my wife Beth Rosenberg and my daughter Sonia Kineret.” From Gene: “My thanks to wife Kathy and daughter Elizabeth for putting up with my time in the office spent on yet another book project while already too busy. Also, thanks to everyone at the COAST lab for tolerating my erratic schedule as I did the last-minute edits on this book.”
Get Web Security and Commerce now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
