I can see this problem even in the case where the client sends an empty Certificate message during the handshake. If the application does not tell the client what happened, a NewSessionTicket has no way of indicating if it will include client-auth in the next session.
David
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls