Claymore: I fully support your idea of encrypted communication between your miner and mining pools. I don't understand people seeing some kind of evil in that. I prefer my mining stay as much anonymous as possible - that's the 1st idea for crypto currencies and especially for Zcash.. Pitty is that it can still be identified according to target IP/port.. Some kind of decentralization here would be nice as well :-)
anyway question for you - how do you handle SSL certificates? Are they hard-coded in your miner, does it download the certificate with the 1st connection and then compare if it didn't change? Otherwise it will be vulnerable to man-in-the-middle attack very easily.
Thank you for all your work, I don't have a problem with fee 2.5% for SSL either. Honestly I'd rather pay 3% for SSL then 2.5% with not encrypted traffic. Just my 2 cents..