The SSL approach of using public/private key (asymmetric) mechanisms to establish a symmetric working key for data encryption seems like it would be a good approach for end-to-end secure data transmission at the application level. Especially when one end is in an insecure (whitebox) environment such as a mobile phone.
Basically I could use the SSL protocol (How does SSL/TLS work?) to get a symmetric working key and encrypt my application data for end-to-end communication. Clearly I would need to develop client and server side components to make this work.
Is this possible? How about some pointers to examples?