Here Is Some REAL Transport Security - MST
First lets look at SSL/TLS and why it is Broken By Design:
* enormous complexity which means lots of lines of code. Between 30000(Google's TLS) and 400000 lines of code (OpenSSL). ALL major implementations have had exploitable bugs in the past couple of years.
* depends on the security of Certificate Authorities
* requires Public Key cryptography as an added bonus of complexity (and potential weakness)
Talk is cheap, can I do it better ? Here is my attempt:
+ less than 1000 lines of code. That means: any competent crypto software engineer can usefully review it
+ All SSL/TLS assurances
+ No public key crypto. Your bank/telco/utility company/stock broker can send you an envelope with a 16 byte key. If you do not trust the post office, visit said institution's branch office to collect the key.