Have you considered using SSL? It is the protocol used in https requests and as far as I know it uses an asymmetric cypher phase to set up a symmetric key communication. It's the standard used in online banking and credit-card orderings and it is supposed to be pretty safe. It also supports server and client authentication with digital certificates, so it lets the client control the server's identity and offers one more method for the server to know who is performing the request apart from IP.

You can find some modules on CPAN.

Antonio

The stupider the astronaut, the easier it is to win the trip to Vega - A. Tucket