If the server is not authenticated, you really cannot have a private channel—it is too easy for a man-in-the-middle to eavesdrop, relaying traffic between the two legitimate parties. If you don’t have privacy or authentication, why use SSL? There are actually “anonymous” modes where public-key cryptography is used to agree on an encryption key, but neither client or server present certificates; but, I’ve never seen them used, probably because they can’t address the man-in-the-middle eavesdropping attack.

Yes, the server provides a certificate. The server can request a certificate from the client. The client can respond with a certificate, or ignore the request. If the request is ignored, the server can choose to continue with an anonymous client, or terminate the connection.

The roles of client and server are established during the SSL handshake. The first message is called ClientHello. The party that sends this message is the client. Normally, this would be the party that initiated the TCP connection, but it doesn’t have to be (in fact, there’s nothing in SSL that requires TCP as transport).

Yes, as I mentioned in #1, SSL has “anonymous” modes where neither party can securely authenticate the other. This would provide a private, tamper-proof channel between to unknown parties. However, since you don’t know who’s on the other end of the channel, you don’t know that it’s a man-in-the-middle, who has carried out two simultaneous handshakes and is intercepting all of the traffic between you and the party you thought you were talking to. To thwart this, you’d have to have an authentication protocol on top of SSL that, in order to be secure, would inevitably wind up looking a lot like authenticated SSL.