On 27 January 2016 at 14:11, David Benjamin <david...@chromium.org> wrote: > Why do you say it's an optimization? They're exactly the same except the > simplified one reduces to normal 0-RTT + mid-stream CertificateRequest (a > combination that's possible with or without my restriction) and the other is > a brand new handshake flow to worry about.
I get your point, but I don't see that as a simplification. In my mind, post-handshake client authentication doesn't happen. Or, I don't see it being commonplace. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
