Currently the library does not enforce any SSL verification, and relies on OpenSSL defaults. But instead it should verify peer by default, and have switch to disable verification