Learning how to use the API for OpenSSL — the best-known open library for secure communication — can be intimidating, because the documentation is incomplete. Fill in the gaps, and tame the API, with the tips in this article. After setting up a basic connection, see how to use OpenSSL’s BIO library to set up both a secured and unsecured connection. And learn a bit about error detection as well.
SUNXACML, an opensource library for XACML just released last week.
http://sunxacml.sourceforge.net/
OASIS XACML — eXtensible Access Control Markup Language
http://www.oasis-open.org/committees/xacml/repository/cs-xacml-spec…
No new info here, this article serves to only summerise and
rehash the Oreilly OpenSSL book. Hint to budding authors, don’t try to get credit by publishing article on the net that are a blatent ripoff of an already published book.
Thanks for posting the article. I’m just dipping my toes into this stuff, and besides the nice intro, looks like there’s some useful links at the bottom of the article too.
The code there is not enough to be secure, it doesn’t seem to check the certificate constraints so it’s vulnerable to man in the middle attacks.
Uh, no kidding. It says that in the article. Not to mention that it doesn’t cover important topics like “sending data” over our newfound SSL connection.