This is implemented in firefox, but not enabled by default indeed. See https://hg.mozilla.org/mozilla-central/rev/1bb8ad865648:
// Turn off post-handshake authentication for TLS 1.3 by default, // until the incompatibility with HTTP/2 is resolved: // https://tools.ietf.org/html/draft-davidben-http2-tls13-00 pref("security.tls.enable_post_handshake_auth", false); And chrom{e,ium} isn't even considering implementing it until the specification is clarified. ** Changed in: chromium (Ubuntu Bionic) Status: New => Confirmed ** Changed in: chromium (Ubuntu Disco) Status: New => Confirmed ** Changed in: chromium (Ubuntu Eoan) Status: New => Confirmed ** Changed in: firefox (Ubuntu Bionic) Status: New => Fix Released ** Changed in: firefox (Ubuntu Disco) Status: New => Fix Released ** Changed in: firefox (Ubuntu Eoan) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
