I will be making a (hopefully) small number of changes to the existing network IO code infrastructure in the next couple of weeks which should help this happen.
After reviewing the NSS documentation and considering this, I think it's best to create a completely separate SSL class that is somewhat like the normal TCP/IP class. As far as I know, a socket must either be SSL or not from the time it starts listening - i.e. you can't have a normal socket switch to SSL if it detects an encrypted connect attempt.
Is there anything I should consider about your new model as noted above, or can I model the SSL class on existing code?
Thanks -J
