
Am I wrong, or is Diffie-Hellman only useful when you *don't* have a way of verifying who each other are?
No, DH is useful whenever you want to generate a session key between two entities, and it's even more useful because it doesn't require any prior knowledge. This means that you don't *need* to verify the identity of the other person. However, without some way of verifying the key of the other party, there is no easy way to detect a monkey-in-the-middle attack. As was put forward, a combination of DH for key exchange and RSA to detect monkey-in-the-middle will protect you, but you lose your anonymity at that point. So, to return to your question, DH is useful even when you have a method of verification. So the answer to your question is yes, you are wrong.

-derek
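The point made in the reply above, as an added example that is not part of the original message: a Diffie-Hellman exchange run with and without an RSA signature over Bob's public value, showing that substitution of that value goes unnoticed in the unsigned case and is rejected in the signed one. All parameters, names and the `exchange` helper are constructed for illustration; the primes are toy-sized, the RSA is unpadded textbook RSA, and only Bob is authenticated.

```python
import hashlib
import secrets

# Toy parameters constructed for this example; far too small for real use.
P = 2**127 - 1                       # DH modulus (a Mersenne prime)
G = 3                                # DH base
RSA_P, RSA_Q = 2**61 - 1, 2**89 - 1  # textbook-RSA primes (both Mersenne primes)
N, E = RSA_P * RSA_Q, 65537          # Bob's public key, known to Alice in advance
D = pow(E, -1, (RSA_P - 1) * (RSA_Q - 1))  # Bob's private signing exponent

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def digest(value):
    h = hashlib.sha256(str(value).encode()).digest()
    return int.from_bytes(h, "big") % N

def sign(value):                     # unpadded RSA: illustration only
    return pow(digest(value), D, N)

def verify(value, sig):
    return pow(sig, E, N) == digest(value)

def exchange(signed, tampered):
    """Return (alice_accepts, alice_and_bob_hold_the_same_key)."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    b_sig = sign(b_pub)              # Bob signs his DH public value
    to_alice, to_bob = b_pub, a_pub  # what each side receives
    if tampered:
        # An intermediary replaces the public values in transit. It does not
        # hold D, so the only signature it can forward is Bob's original one,
        # which does not match the substituted value.
        _, m_pub = dh_keypair()
        to_alice, to_bob = m_pub, m_pub
    if signed and not verify(to_alice, b_sig):
        return False, False          # Alice aborts: the value is not Bob's
    alice_key = pow(to_alice, a_priv, P)
    bob_key = pow(to_bob, b_priv, P)
    return True, alice_key == bob_key

if __name__ == "__main__":
    for signed in (False, True):
        for tampered in (False, True):
            print(f"signed={signed} tampered={tampered} ->",
                  exchange(signed, tampered))
```

Real protocols sign the whole handshake transcript with a padded signature scheme rather than the bare public value, and authenticate both sides when both identities matter.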