[TLS] TLS client fingerprinting

Hello, Recently I've become aware that "TLS fingerprinting" is a thing. I understand it has been deployed by Google, Cloudflare, Apple and others to (at a guess) "authenticate" TLS clients. For example, I understand that certain Google Android cloud services refuse to interop with anything that d

Re: [TLS] TLS client fingerprinting

Anecdotally, I'm aware of similar reports where TLS fingerprinting is used as part of anti-bot efforts and various projects try to work around it, e.g. curl-impersonate . David Benjamin and I spoke about this at IETF 115 and felt that randomizing t