[Cryptography] What references would you recommend for web security?

[R Perlman]

We're working on the 3rd edition of our textbook ("Network Security:
Private Communication in a Public World").  We have a chapter on web
security that needs updating.  In particular, the references we cited in
the 2nd edition (2002) are all 20 years old.  I'm sure there are better
references today.

Do any of you have any favorite books or tutorial overview documents on web
security (e.g., cookies, HTTP, OATH, cross site scripting, cross site
request forgery) that would be good for us to cite?

Also, would any of you like to be reviewers?  SInce we've recruited Ray
Perlner (a NIST employee) to be a coauthor on this edition, we are required
by NIST to have 2 reviewers for each chapter, one from inside Ray's NIST
division, and one from outside. Most of the chapters have been reviewed,
but there are still fun ones that need reviewers, such as email security.



Thanks,

Radia Perlman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20211128/b1903309/attachment.htm>