protocol:

- finish implementing renegocitiation Client and Server
- implement Certificate Verify / Certificate Request
- add Client Certificates
- add check for non-self signed certificate
- alert correctly on errors
- process session as they should
- put 4 bytes of time in client/server random
- implement compression
- proper separation for key exchange algorithm (hardcoded to RSA at the moment in differents place)
- implements different key exchange algorithm

tls v1.2:

- finish implementation of extensions
- implement finish digest generation with hmac256
- implement finish digest generation with client/server negociated algorithm
- proper version dispatch in marshalling packets
- properly separate different version of the protocol
- implement AEAD

code cleanup:

- remove show derivation on internal crypto state
- opaquify differents data type through newtype

security audit:

- add more unit tests for pure parts
- match security recommendation from the RFC

misc:

- stunnel: actually make it works like stunnel instead of hardcoding the data received/sent
- investigate an iteratee/enumerator interface
- portability
- implement more ciphers
- check & optimize memory footprint
- compare & optimize performance