protocol:

- implement Certificate Verify / Certificate Request
- add Client Certificates
- process session as they should
- put 4 bytes of time in client/server random
- proper separation for key exchange algorithm (hardcoded to RSA at the moment in differents place)
- implements different key exchange algorithm
- implement AEAD bulk algorithm (TLS1.2)

code cleanup:

- remove show derivation on internal crypto state
- opaquify differents data type through newtype

security audit:

- add more unit tests for pure parts
- match security recommendation from the RFC

misc:

- investigate an iteratee/enumerator interface
- portability
- implement more ciphers
- check & optimize memory footprint
- compare & optimize performance