Digital Certificates: Applied Internet Security (with CD-ROM)

Paperback (Print)
Used and New from Other Sellers
Used and New from Other Sellers
from $1.99
Usually ships in 1-2 business days
(Save 96%)
Other sellers (Paperback)
  • All (19) from $1.99   
  • New (5) from $19.92   
  • Used (14) from $0.00   

Overview

Digital certificates bind a cryptographic key with one or more attributes of a user. Issued by certification authorities, the certificates protect the Internet by assuring the authenticity of network messages. This technology and its underlying digital signatures are now helping fuel the deployment of electronic commerce on the Internet. Internet users, developers, administrators, and corporate buyers need to have a solid understanding of certificate-based security systems in order to harness their potential.

Digital Certificates: Applied Internet Security is a detailed and practical guide to understanding and working with this important technology. It presents an overview of digital certificates and their role in Internet security, a detailed description of the technologyis inner workings, and a look at the business infrastructure that is essential to its effective utilization. Practical throughout, this book features numerous examples from actual Internet applications to illustrate concepts and demonstrate how the technology works under real-world conditions.

In this comprehensive book you will find:

  • Essential background information on Internet security and cryptography fundamentals
  • Detailed information about digital certificates, the X.509 standard, and Public Key Infrastructures
  • Coverage of Web Browser security, trust-based software management for downloadable code (Java applets, JavaScript, and ActiveX controls), secure e-mail, Web server security, and access control
  • A discussion of the certificate-related security features of Netscape and Microsoft Web browsers, Netscape Messenger, Microsoft Outlook Express, and S/MIME, ASN.1, PKCS, SET, and SSL standards
  • Information on trusted third parties, accountability and reliability, and certification practice statements
  • Coverage of certificate authority service providers, local registration authorities, and security management solutions, based on VeriSign personal and server certificates, VeriSign OnSite enterprise solutions, and Microsoft Certificate Server 1.0

0201309807B04062001

Read More Show Less

Editorial Reviews

Booknews
Notwithstanding resistance from law enforcement agencies, computer security technology is now available to the masses. Commercial Internet transactions, along with the speed of computers enabling cryptographic software solutions, have spawned greater open system use of such. Two software engineers and a security-systems architect demystify digital certificates, the related network identification technology, and business infrastructure. The CD-ROM features sample programming projects in a variety of languages using the Microsoft Certificate Server; minimum requirements are: Netscape Navigator 4.0 or Internet Explorer 4.0; Windows NT 4.0 server with service pack 3, IIS 4, Microsoft Platform SDK 1/98 edition, Microsoft SDK for Java version 2.0, Visual Studio 5, and Visual Basic 5.0. Annotation c. by Book News, Inc., Portland, Or.
Read More Show Less

Product Details

  • ISBN-13: 9780201309805
  • Publisher: Addison-Wesley
  • Publication date: 9/29/1998
  • Edition description: BK&CD ROM
  • Pages: 480
  • Product dimensions: 7.40 (w) x 9.05 (h) x 1.18 (d)

Meet the Author

Jalal Feghhi is a senior software engineer at VeriSign, Inc., a world leader in digital certificate technology. His research interests include Internet security and object technology. Jalal is the author of Web Developer's Guide to Java Beans. Jalil Feghhi is a senior software engineer with @Home Network, Inc. His research areas include component-based software technology and network communications. Jalil is a contributing author to Web Developer's Guide to Java Beans. Peter Williams, an authority in communications security, has worked in research and development of digital certificate technologies since 1991. He is a certificate-based security systems architect at VeriSign, Inc. .

0201309807AB04062001

Read More Show Less

Read an Excerpt

Public-key cryptography and digital certificates are relative newcomers on the Internet scene, although they have been around for many years in closed commercial and financial networks and military systems. In this book, we concentrate on the aspects of these technologies that target the Internet culture and address the needs of Internet consumers.

Internet consumers have already begun to reap the benefits of digital certificates. They can use popular e-mail products to send and receive secure e-mail, connect to secure Web sites to purchase goods or obtain services, and allow downloaded Java applets or ActiveX controls to run on their computers after verifying the origin of the downloaded code.

Systems engineers have traditionally faced many challenges when incorporating security technologies into consumer systems. They usually add protection mechanisms late in the design process, and they can never quite get rid of all the outstanding security issues—the maze of twisty paths and interconnections between protector and protectee seem simply endless. The basic trick to managing the unmanageable seems to be to exploit trust. But, to rely upon such a vague concept to solve engineering problems, we also need an infrastructure that addresses assurance, confidence, liability, insurance, agreements, and accreditation.

However, do trust and the supporting infrastructure enable individuals and corporations to conduct monetary transactions on the Internet? How can we implement the required notion of trust in this global, open network? In this book, we argue that digital certificates are destined to enable secure electronic commerce on the Internet. The technological liberationintroduced by public-key cryptography allows the public component of key pairs to be shared openly, thus creating a basic infrastructure for trust-based security. Packaged in internationally standardized message formats, public keys can be signed and certified to form identity certificates by anyone who wishes to be a certificate-issuing authority.

By using the corresponding personal, private component of the key pair, you can establish your identity to Web sites to purchase goods, obtain services, or just say "Hi! It's me!" to the world in a digitally signed e-mail message. The mathematical relationship between the public and private parts of a key pair enables anyone to ascertain your identity by verifying that you are indeed in the possession of your private key, merely by using your public key. Now, if consumers trust popular, branded certificate-issuing authorities to assure the quality of this kind of key certification, we are well on the way to establishing trust and facilitating commerce on the Internet. We have addressed the hard problem of identifying and authenticating arbitrary, willing parties with standards corporations and society required to embrace electronic commerce.

We would like to invite you to share our passion and take the plunge into the once-so-secret world of cryptography and keys and help build the Internet public-key infrastructure. We encourage you to begin obtaining or issuing certificates and to use them for experimentation, business, or to reduce the cost of using more expensive trusted networking technologies. By using certificate-based security systems, deploying prototype services, coming to grips with the basic building blocks of certificate-issuing systems, and sharing the learning process with others, we will collectively build another layer of net relationships, this time fashioning the Internet's trust networks. By reinventing a world founded on trust instead of fear of dominance, not only do we all win additional safety and security, but the resulting infrastructure will expand commercial and technological opportunities and horizons. In creating a mass medium, however, we need to be careful not to undermine precisely what made the Internet so appealing to ordinary people when we deploy a common security infrastructure. We need to ensure the Internet can still represent the individual, even when it protects institutions. Step forward, digital certificates. Intended Readers, Reading Strategies, and Distinctive Treatment

We have written the book with three groups of readers in mind:

  • Users who require a technical perspective on mass-market public-key security applications
  • Programmers and designers of certificate-based security solutions
  • Senior managers charged with fielding or buying certification authority systems and services

Although we have taken pains to present our discussion in a logical fashion that would permit a sequential reading of the book, you may prefer to take your own route through the chapters.

By exploiting the skills of each author, we have sought to combine an experienced system designer's objective view of actual mass-market system and security technologies, a wizard developer's presentation of the reality of programming and customizing certificate-issuing systems for local needs, and many years of experience in designing and implementing standards-based, certificate-based security systems. We trust that the combination of our backgrounds and skills will enable you to satisfy your reading goals. About This Book

This book addresses issues concerning the scale and diversity of an increasingly prosperous but as yet rather unsecure Internet. It explains how digital certificates establish trust for the Internet and how trust enables applications to operate safely, as intended by their original designers. We have selected topics that range from introducing the fundamentals of security and digital certificates to providing coverage of advanced material on certification practice statements and computer security management. Often, we introduce a concept early on and revisit it later in the book, each time analyzing and explaining it from a different perspective.

We leave it to other books to address these matters and other topics, such as certificate revocation, security policy, and systems for nonrepudiation. One book in particular is an excellent companion to this one: Secure Computing—Threats and Safeguards (McGraw-Hill, 1997), written by Rita C. Summers. This book contains a digest of much of the available published research in the area of secure computing, and it is especially relevant to the advanced topics of this book covered in Part IV. Content of the Book

The book is composed of six parts and four appendices. The first three parts cover the fundamentals of security, cryptography, and digital certificates; certificate-based security applications that address threats to Internet consumers; and vendors that supply public-key-based products and services. Part IV presents advanced material aimed at users and operators interested in the world of commercial-grade public key infrastructure.

Parts V and VI begin a practical journey to round out the ideas presented in the earlier parts of the book. They provide deployment projects to help a programmer or system administrator obtain hands-on experience with the application of digital certificates to enable Web server and client authentication. These parts also demonstrate how to set up a local certificate-issuing system that outsources key management using VeriSign OnSite, and how to program Microsoft Certificate Server to issue certificates using a variety of languages (Java, Visual Basic, C++) and the open X.509 certificate formats. You can refer to the part descriptions that we have provided for each part of the book to find out more information about the material covered in each part.

The four appendices contain material from other sources. Appendix A, from RSA Laboratories, explains the language of certificate notation (ASN.1). Appendix B, from Microsoft, provides a summary of certificate extension formats supported in many of the commonly available certificate-using products. Finally, Appendix C provides a summary of VeriSign Certification Practice Statement, and Appendix D contains VeriSign's perspective on the economics of outsourcing key management. Software Used in This Book

Change is happening fast in the field of digital certificates, and commercial vendors are rapidly deploying new public-key-based security products in the marketplace. This fast rate of change posed a difficult question for us: How much vendor-specific material should we include to present a technological perspective on mass-market public-key security applications without jeopardizing the useful lifespan of this book?

Because this book is about the applied aspects of public-key technology as well as its theory, we decided to provide a rather detailed exposition of some relevant vendor-specific products that were new to the marketplace at the time we were writing this book. However, we limited our coverage of products for which there is already a reasonable amount of documentation. By carefully limiting the number of vendor-specific technologies and providing a considerable amount of essential, basic material, we believe we have written a book that will serve as a fundamental guide to digital certificates.

We have used the following vendor-specific technologies in this book. To explain the fundamentals of trust-based software management, we have used Netscape Communicator 4.04 and Microsoft Internet Explorer 4.0 browsers. To illustrate how to send and receive secure e-mail, we have used Netscape Messenger and Microsoft Outlook Express, which come bundled with the browsers. We have used sample Web pages from the VeriSign public site to illustrate the steps required to obtain certificates and to set up a local certificate-issuing system that outsources key management to VeriSign. Finally, we have used Microsoft Internet Information Server 4.0 to illustrate server and client authentication, and we have developed the practical projects of Part VI with Microsoft Certificate Server 1.0 running on Windows NT Server 4.0. Getting in Touch

For updates to this book, check out the Web page http://www.awl.com/cseng/titles/0-201-30980-7. Acknowledgments

First, we would like to acknowledge many unnamed people who have worked within the standards communities to define and lay out the possibility of a collective security infrastructure for open networks. According to Douglas Steedman,1 the primary forces included Hoyt Kesterson, Sharon Boeyen, and Al Grimstad, who worked on or contributed to the original X.500 Directory, upon which so much of this work is founded. Seminal work in digital certificates in the open Internet space is largely due to Steve Kent and John Linn, their supporters and founders, and a small cast of several hundred active security newsgroup participants. Without their persistence in arguing for such a clearly workable technology as digital certificates in the Internet Engineering Task Force, we probably would not be where we are today. We would also like to acknowledge the outreach programs of various government agencies such as NIST, the National Security Agency and Department of Defense, the U.K. Defense Research Agency, and the R&D and pilot programs of the European Commission.

Policy management ideas have fundamentally affected commercial certificate-based security systems, taking them from pure specifications to viable businesses that solve real security problems. We will not even attempt to list those from the legal, banking, and accounting professions who ensured that this vital topic became a part of the technical infrastructure, but we do recognize their fundamental contribution.

Many people contributed to this book by reviewing parts or all of the manuscript: Russell Nelson from Crynwr Software; Sigmund Handelman from IBM's T.J. Watson Research Center; Theodore S. Barassi from CertCo, LLC; Dave Crocker from Brandenburg Consulting; William James from The James Gang; Norman Weinstein; Tim Matthews from RSA Data Security; and Warwick Ford from VeriSign. We would especially like to thank Arn Schaeffer from VeriSign who meticulously read the entire manuscript during his vacation.

The publishing of this book would not have been possible without Addison Wesley Longman. Karen Gettman and Mary Hart worked with us from start to finish. John Fuller and Jason Jones helped with electronic production of the book. Maureen Hurley acted as the production editor. The marketing team at Addison Wesley Longman included Tracy Russ, Marketing Manager; Katherine Kwack, Marketing Specialist; Deborah King, Publicist; and Laura Potter, Marketing Assistant. Finally, we would like to acknowledge all the hard work that Karen Tongish put into copyediting the manuscript.

Finally, we would like to recognize the following organizations for giving us permission to use their material in this book: Ed Gerck, ITU, Microsoft Corp., Network Associates, Inc., RSA Data Securities, Inc., U.S. Army, Naval Computer and Telecommunications Command, and VeriSign Inc. We would also like to acknowldege VeriSign and @Home as the companies that employed the authors at the time we were writing the manuscript. The ideas presented in this book, however, are our own and not necessarily those of our employers.

Read More Show Less

Table of Contents

Preface.

I. SECURITY, CRYPTOGRAPHY, AND DIGITAL CERTIFICATES.

1. Security and the Internet.

2. Cryptography.

3. Digital Certificates, Certification Authorities, and Public-Key Infrastructures.

II. APPLIED INTERNET SECURITY.

4. Browser Security and Trust-Based Software Management.

5. Secure Messaging and S/MIME.

6. Web Server Security, Certificates, and Access Control.

7. Integrity and Open Standards.

III. SECURITY MANAGEMENT PRACTICE.

8. Security Management Solutions.

9. Certification Services.

10. Local Registration Authorities (LRAs).

IV. THE TRUST DILEMMA.

11. Certificate Policy & Certification Practice.

12. Secure Electronic Commerce.

13. Computer Security Management.

V. WEB SECURITY AND CERTIFICATES.

14. Secure Web Communications n Server Authentication.

15. Secure Web Communications n Client Authentication.

16. Microsoft Certificate Server n The Architecture.

VI. MICROSOFT CERTIFICATE SERVER.

17. Programming Microsoft Certificate Server n The Policy Module and Extension Handlers.

18. Programming Microsoft Certificate Server n The Exit Module.

19. Programming Microsoft Certificate Server n Certificate Clients and Intermediaries.

20. Programming Microsoft Certificate Server n Admin Programs.

Appendix A. Abstract Syntax Notation (ASN.1).

Appendix B. Structuring X.509 Certificate for Use with Microsoft Products.

Index. 0201309807T04062001

Read More Show Less

Preface

Public-key cryptography and digital certificates are relative newcomers on the Internet scene, although they have been around for many years in closed commercial and financial networks and military systems. In this book, we concentrate on the aspects of these technologies that target the Internet culture and address the needs of Internet consumers.

Internet consumers have already begun to reap the benefits of digital certificates. They can use popular e-mail products to send and receive secure e-mail, connect to secure Web sites to purchase goods or obtain services, and allow downloaded Java applets or ActiveX controls to run on their computers after verifying the origin of the downloaded code.

Systems engineers have traditionally faced many challenges when incorporating security technologies into consumer systems. They usually add protection mechanisms late in the design process, and they can never quite get rid of all the outstanding security issues--the maze of twisty paths and interconnections between protector and protectee seem simply endless. The basic trick to managing the unmanageable seems to be to exploit trust. But, to rely upon such a vague concept to solve engineering problems, we also need an infrastructure that addresses assurance, confidence, liability, insurance, agreements, and accreditation.

However, do trust and the supporting infrastructure enable individuals and corporations to conduct monetary transactions on the Internet? How can we implement the required notion of trust in this global, open network? In this book, we argue that digital certificates are destined to enable secure electronic commerce on the Internet. The technological liberation introduced by public-key cryptography allows the public component of key pairs to be shared openly, thus creating a basic infrastructure for trust-based security. Packaged in internationally standardized message formats, public keys can be signed and certified to form identity certificates by anyone who wishes to be a certificate-issuing authority.

By using the corresponding personal, private component of the key pair, you can establish your identity to Web sites to purchase goods, obtain services, or just say "Hi! It's me!" to the world in a digitally signed e-mail message. The mathematical relationship between the public and private parts of a key pair enables anyone to ascertain your identity by verifying that you are indeed in the possession of your private key, merely by using your public key. Now, if consumers trust popular, branded certificate-issuing authorities to assure the quality of this kind of key certification, we are well on the way to establishing trust and facilitating commerce on the Internet. We have addressed the hard problem of identifying and authenticating arbitrary, willing parties with standards corporations and society required to embrace electronic commerce.

We would like to invite you to share our passion and take the plunge into the once-so-secret world of cryptography and keys and help build the Internet public-key infrastructure. We encourage you to begin obtaining or issuing certificates and to use them for experimentation, business, or to reduce the cost of using more expensive trusted networking technologies. By using certificate-based security systems, deploying prototype services, coming to grips with the basic building blocks of certificate-issuing systems, and sharing the learning process with others, we will collectively build another layer of net relationships, this time fashioning the Internet's trust networks. By reinventing a world founded on trust instead of fear of dominance, not only do we all win additional safety and security, but the resulting infrastructure will expand commercial and technological opportunities and horizons. In creating a mass medium, however, we need to be careful not to undermine precisely what made the Internet so appealing to ordinary people when we deploy a common security infrastructure. We need to ensure the Internet can still represent the individual, even when it protects institutions. Step forward, digital certificates.

Intended Readers, Reading Strategies, and Distinctive Treatment

We have written the book with three groups of readers in mind:

  • Users who require a technical perspective on mass-market public-key security applications
  • Programmers and designers of certificate-based security solutions
  • Senior managers charged with fielding or buying certification authority systems and services

Although we have taken pains to present our discussion in a logical fashion that would permit a sequential reading of the book, you may prefer to take your own route through the chapters.

By exploiting the skills of each author, we have sought to combine an experienced system designer's objective view of actual mass-market system and security technologies, a wizard developer's presentation of the reality of programming and customizing certificate-issuing systems for local needs, and many years of experience in designing and implementing standards-based, certificate-based security systems. We trust that the combination of our backgrounds and skills will enable you to satisfy your reading goals.

About This Book

This book addresses issues concerning the scale and diversity of an increasingly prosperous but as yet rather unsecure Internet. It explains how digital certificates establish trust for the Internet and how trust enables applications to operate safely, as intended by their original designers. We have selected topics that range from introducing the fundamentals of security and digital certificates to providing coverage of advanced material on certification practice statements and computer security management. Often, we introduce a concept early on and revisit it later in the book, each time analyzing and explaining it from a different perspective.

We leave it to other books to address these matters and other topics, such as certificate revocation, security policy, and systems for nonrepudiation. One book in particular is an excellent companion to this one: Secure Computing--Threats and Safeguards (McGraw-Hill, 1997), written by Rita C. Summers. This book contains a digest of much of the available published research in the area of secure computing, and it is especially relevant to the advanced topics of this book covered in Part IV.

Content of the Book

The book is composed of six parts and four appendices. The first three parts cover the fundamentals of security, cryptography, and digital certificates; certificate-based security applications that address threats to Internet consumers; and vendors that supply public-key-based products and services. Part IV presents advanced material aimed at users and operators interested in the world of commercial-grade public key infrastructure.

Parts V and VI begin a practical journey to round out the ideas presented in the earlier parts of the book. They provide deployment projects to help a programmer or system administrator obtain hands-on experience with the application of digital certificates to enable Web server and client authentication. These parts also demonstrate how to set up a local certificate-issuing system that outsources key management using VeriSign OnSite, and how to program Microsoft Certificate Server to issue certificates using a variety of languages (Java, Visual Basic, C++) and the open X.509 certificate formats. You can refer to the part descriptions that we have provided for each part of the book to find out more information about the material covered in each part.

The four appendices contain material from other sources. Appendix A, from RSA Laboratories, explains the language of certificate notation (ASN.1). Appendix B, from Microsoft, provides a summary of certificate extension formats supported in many of the commonly available certificate-using products. Finally, Appendix C provides a summary of VeriSign Certification Practice Statement, and Appendix D contains VeriSign's perspective on the economics of outsourcing key management.

Software Used in This Book

Change is happening fast in the field of digital certificates, and commercial vendors are rapidly deploying new public-key-based security products in the marketplace. This fast rate of change posed a difficult question for us: How much vendor-specific material should we include to present a technological perspective on mass-market public-key security applications without jeopardizing the useful lifespan of this book?

Because this book is about the applied aspects of public-key technology as well as its theory, we decided to provide a rather detailed exposition of some relevant vendor-specific products that were new to the marketplace at the time we were writing this book. However, we limited our coverage of products for which there is already a reasonable amount of documentation. By carefully limiting the number of vendor-specific technologies and providing a considerable amount of essential, basic material, we believe we have written a book that will serve as a fundamental guide to digital certificates.

We have used the following vendor-specific technologies in this book. To explain the fundamentals of trust-based software management, we have used Netscape Communicator 4.04 and Microsoft Internet Explorer 4.0 browsers. To illustrate how to send and receive secure e-mail, we have used Netscape Messenger and Microsoft Outlook Express, which come bundled with the browsers. We have used sample Web pages from the VeriSign public site to illustrate the steps required to obtain certificates and to set up a local certificate-issuing system that outsources key management to VeriSign. Finally, we have used Microsoft Internet Information Server 4.0 to illustrate server and client authentication, and we have developed the practical projects of Part VI with Microsoft Certificate Server 1.0 running on Windows NT Server 4.0.

Getting in Touch

For updates to this book, check out the Web page http://www.awl.com/cseng/titles/0-201-30980-7.

Acknowledgments

First, we would like to acknowledge many unnamed people who have worked within the standards communities to define and lay out the possibility of a collective security infrastructure for open networks. According to Douglas Steedman,1 the primary forces included Hoyt Kesterson, Sharon Boeyen, and Al Grimstad, who worked on or contributed to the original X.500 Directory, upon which so much of this work is founded. Seminal work in digital certificates in the open Internet space is largely due to Steve Kent and John Linn, their supporters and founders, and a small cast of several hundred active security newsgroup participants. Without their persistence in arguing for such a clearly workable technology as digital certificates in the Internet Engineering Task Force, we probably would not be where we are today. We would also like to acknowledge the outreach programs of various government agencies such as NIST, the National Security Agency and Department of Defense, the U.K. Defense Research Agency, and the R&D and pilot programs of the European Commission.

Policy management ideas have fundamentally affected commercial certificate-based security systems, taking them from pure specifications to viable businesses that solve real security problems. We will not even attempt to list those from the legal, banking, and accounting professions who ensured that this vital topic became a part of the technical infrastructure, but we do recognize their fundamental contribution.

Many people contributed to this book by reviewing parts or all of the manuscript: Russell Nelson from Crynwr Software; Sigmund Handelman from IBM's T.J. Watson Research Center; Theodore S. Barassi from CertCo, LLC; Dave Crocker from Brandenburg Consulting; William James from The James Gang; Norman Weinstein; Tim Matthews from RSA Data Security; and Warwick Ford from VeriSign. We would especially like to thank Arn Schaeffer from VeriSign who meticulously read the entire manuscript during his vacation.

The publishing of this book would not have been possible without Addison Wesley Longman. Karen Gettman and Mary Hart worked with us from start to finish. John Fuller and Jason Jones helped with electronic production of the book. Maureen Hurley acted as the production editor. The marketing team at Addison Wesley Longman included Tracy Russ, Marketing Manager; Katherine Kwack, Marketing Specialist; Deborah King, Publicist; and Laura Potter, Marketing Assistant. Finally, we would like to acknowledge all the hard work that Karen Tongish put into copyediting the manuscript.

Finally, we would like to recognize the following organizations for giving us permission to use their material in this book: Ed Gerck, ITU, Microsoft Corp., Network Associates, Inc., RSA Data Securities, Inc., U.S. Army, Naval Computer and Telecommunications Command, and VeriSign Inc. We would also like to acknowldege VeriSign and @Home as the companies that employed the authors at the time we were writing the manuscript. The ideas presented in this book, however, are our own and not necessarily those of our employers.

0201309807P04062001

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)