About the Author

Chris Shiflett is an author and speaker who leads the web application security practice at OmniTI.

HTTP Developer's Handbook Feedback

Thu, 09 Sep 2004 at 01:08:19 GMT
2 Comments
References

There has never been a lot of attention given to my HTTP Developer's Handbook. I've always believed that this is a direct reflection of the topic and the fact that there is (of course) no community surrounding HTTP like there are with programming languages. The book is also more theoretical in nature, and most developers are very pragmatic.

Recently (within the past week or two), I've noticed some positive feedback on the free sample chapters that I have on my Web site.

Jim O'Halloran writes:

A commenter on my previous How SSL works post, pointed me towards the SSL explanation from Chris Shiflett's HTTP Developer's Handbook chapter on SSL which is a really nice explanation of SSL (including public/private and symetric key encryption.

Scott Granneman writes:

I host Web sites, but we've only recently had to start implementing SSL, the Secure Sockets Layer, which turns http into https. I've been on the lookout for a good overview of SSL that explains why it is implemented as it is, and I think I've finally found one: Chris Shiflett: HTTP Developer's Handbook: 18. Secure Sockets Layer is a chapter from Shiflett's book posted on his web site, and boy it is good.

Shiflett is a clear technical writer, and if this chapter is any indication, the rest of his book may be worth buying.

As anyone familiar with my writing knows, I'm always in favor of making as much of it available for free as possible. With the complimentary comments I've seen lately, I may try to polish up the existing sample chapters (if any graphical artists want to volunteer to redo the artwork, that would be great) as well as make a few additional ones available. I'm allowed to make up to 25% of the book freely available, so please feel free to suggest some chapters (perhaps after looking at the Table of Contents if you don't have a copy).

Thanks to Jim and Scott for the kind words. This author really appreciates it.

About This Post

HTTP Developer's Handbook Feedback was posted on Thu, 09 Sep 2004 at 01:08:19 GMT.

2 Comments

1. Ben Ramsey said:

I agree with Granneman that your writing is clear. I purchased HTTP Developer's Handbook earlier this year and found it a very informative reference and theoretical discussion on HTTP. There were also three chapters that I found leaning toward more practical application, and I think these would be very good to put on-line:

17: Authentication With HTTP

22: Programming Practices

23: Common Attacks and Solutions

Your knowledge of HTTP security issues and best practices is something that should be shared with all, and so, I think these chapters would be the best ones to consider for inclusion on your site.
Thu, 09 Sep 2004 at 18:57:05 GMT Link

2. Chris Shiflett said:

Thanks, Ben. I'll try to pick one of those for my next PDF to HTML conversion (pdf2ps and ps2ascii can only do so much). What do you think about the basic HTTP definition chapters? Maybe one or two of those would make a nice online reference for someone.

I'm assuming the 25% is based on chapters, not page count, so I should be able to pick a few more.
Fri, 10 Sep 2004 at 06:39:21 GMT Link

Ronald wrote:: A little hard for a rookie like me, but useful. I also thought you'd like to know there is a grea...; Posted in A rev="canonical" HTTP Header
Alex wrote:: Aren't you forgetting that the session will expire if _write() is never called? That excludes ...; Posted in
Andy Mabbett wrote:: @Chris Shiflett, #4, belatedly: Google only accepts rel=canonical within the same domain. My s...; Posted in A rev="canonical" HTTP Header
Kenneth Udut wrote:: I've implemented this rev="canonical" idea on http://free.naplesplus.us in the hopes that it catc...; Posted in Save the Internet with rev="canonical"
Mark wrote:: After reading your article and all the comments, what I got out of this was that sessions are not...; Posted in