"Provably secure" is a word applicable to cyphers, not protocols. To use
it in reference to a protocol is nonsense gibberish.
A Google search on "provably secure protocol" comes up with, among others:
http://www.citi.umich.edu/u/honey/talks/cardis98/tsld001.htm
This isn't really a problem with the servers though, the problem lies
in the fact that client-side certs are (effectively) unworkable. I
know of a number of organisations who wanted to use them and ran into
so many problems just with pilots involving small numbers of
(presumably)
