>TLS in the traditional sense 'requires' that there be an X.509 >certificate to use in authenticating (and to some extent authorizing - >can you be a CA? sign email? etc...) endpoints, ideally you do 'tls >mutual authentication'...
That is incorrect. I believe that an endpoint (lets call it Alice) can connect to another endpoint (lets call it Bob) and Alice can say to Bob, "Hello Dude, lets negotiate a secret key between us". "Yokkely dokelly", says Bob, "Lets do that". They then exchange some stuff to and fro and then Alice says "Righty then, lets encrypt!" and Bob says, "Yabba Doodle Doo". At this point further communications are encrypted and secure against eavesdropping. Alice still has no idea who she is talking to (other than it is the dude that picked up the phone), and Bob has no idea who he is talking too other than the fact it is whoever rang him up. The Security part in Transport Layer Security is Encryption. Authentication is lathered on top as an afterthought and requires external measures be taken in order to have *any* effect whatsoever. -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.
