Implement RFC 8740 "Using TLS 1.3 with HTTP/2"

[candrews]

RFC 8740 "Using TLS 1.3 with HTTP/2" updates RFC 7540 by forbidding TLS 1.3 post-handshake authentication, as an analog to the existing TLS 1.2 renegotiation restriction.

This RFC fixes a problem with the specifications which breaks the use of client certificate authentication when used with the combination of HTTP/2 and TLS 1.3.

See also:

• https://tools.ietf.org/html/rfc8740
• Relevant issue in Firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=1637754
• Relevant issue in Chrome: https://bugs.chromium.org/p/chromium/issues/detail?id=911653

[jay]

RFC 8740 "Using TLS 1.3 with HTTP/2" updates RFC 7540 by forbidding TLS 1.3 post-handshake authentication, as an analog to the existing TLS 1.2 renegotiation restriction.

Are we already doing this, and if not shouldn't the SSL library do it for us?