== Objective ==

Normal SSL/TLS applications are sending the client certificates in plaintext when the client authenticates, which is a privacy issue.

There is now a solution called EncryptedClientAuthentication :

== How to do it ==

 *do the initial handshake without client auth
 *