Sun Jun 8 11:41:21 CEST 2008

ssl for connecting scheme instances

endpoint auth: only server authenticated
mutual auth: both are authenticated
  -> can use PKI or pre-shared keys using SRP

i don't really need a PKI for the p2p links: all my hosts are known,
and pre-shared keys can be easily distributed using ssh PKI.

what i want is probably TSL-PSK
hmm.. in openssl this seems to be a recent feature, only since 0.9.9
(debian has 0.9.8)