Perhapse I missed it, but I don't recall seeing anything to do with authentication/trust issues when setting up an encrypted DCC connection. I'm not too familiar with SSL/TLS, but I would think authentication needs to be a part of the connection negotiation to prevent man-in-the-middle attacks for example. -- Dave