I'd suggest wandering down to local bookshop (Yep somethings still aren't on the net ;) ) and pick up a copy of Bruce Schneier's book 'Secrets and lies'.

He also produces a monthly web-zine called CryptoGram that discusses such topics in 'real world' depth.

RSA also some decent explainations of the technology/maths supporting it in their Tech Library.

Probably the best advice that seems to be floating around right at the moment is:
- Know exactly what you're attempting to trust (as opposed the very rare occation of 'who')
- Realise that no form of encryption is a perfect defence for all. If you assume that anything you create can be broken then you're more likely to build a better system.

Enjoy.