Tested with stable version openldap-2.3.38 and with release version 2.4.7. ACL part is tested using 2.4.11. Using OpenLDAP with HIP is pretty straight forward thing to do. Simplest way is to run hipd on both machines and just use command like
hipconf run normal ldapsearch -x -H ldap://<fqdn> -b 'dc=<MY-DOMAIN>,dc=<COM>' '(objectclass=*)'
The name can be something found from /etc/hosts and /etc/hip/hosts or you can use OpenDHT to resolve names to HIT and address. Search can also be done directly with HIT by command
hipconf run normal ldapsearch -x -H ldap://[<HIT>] -b 'dc=<MY-DOMAIN>,dc=<COM>' '(objectclass=*)'
You can search also by using the opportunistic mode by using command
hipconf run opp ldapsearch -x -H ldap://<fqdn> -b 'dc=<MY-DOMAIN>,dc=<COM>' '(objectclass=*)'
Ldapadd can be used similarly with LDAPURI and HITs.
Maybe the most intereseting part are the ACL rules with OpenLDAP. In the newer versions you can use IPv6 formatted peername rules, so it is interesting when we remember that HITs are IPv6 formatted. Below is the basic example of a rule that grants write/read/search permissions to self, read/search permissions to all processes from HIT_1 without authentication and no permissions to the rest of the world.
access to * by self write by peername.ipv6=<HIT_1> anonymous read by * none
Longer how-to can be found from http://www.cs.helsinki.fi/u/sklvarjo/openldap.htm