Client authentication on HTTP/2 over TLS 1.3

Hello,

RFC8740(Using TLS 1.3 with HTTP/2) forbids TLS 1.3 post-handshake
authentication. And it seems to me that "Secondary Certificate
Authentication in HTTP/2" has been expired.

What is the current recommended way for client-authentication after a
TLS 1.3 connection is established without client authentication?

--Kazu

Received on Tuesday, 16 January 2024 23:19:18 UTC