Kipp E.B. Hickman writes: | I'm listening! What is wrong with SSL? What defects does it have in the way | that it tries to solve privacy and authentication? What should we do to make | the next version better? The first thing you need to do is define a threat model. Make explicit your assumptions. What needs to be trusted, and when? Who are your threats? What are your assets, and what are they worth? Next, you should publish the model, and let us rip it into little shreds. This is hard on the ego, but good for your threat model. No one ever thinks of everything. Iterate here. This is where the time & effort belong. Once you have a solid threat model, you should see what protocols and tools are out there that can be used to defend against those threats. I suspect that most of the tools you will find you need exist. Some will not. Having found what wheels don't need to be invented, you need to code your solutions. Then you need to publish that code to allow the security community to decide whether or not to trust it. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume