Currently we client authenticate after handshake and during handshake. Why not unify these by making all client authentication take place after the handshake? This will simplify the state machine.
https://github.com/tlswg/tls13-spec/issues/421 talks about this in the last sentence. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
