I see this as a nice temporary solution to limit ossification introduced by corporate (in)security measures and middleboxes, but I’m not too optimistic about its impact on the CAPTCHA hell brought about by TLS fingerprinting. Increasingly, it looks like hosting providers will just treat any statistical anomalies in their logs as hostile traffic; any variance is a cause for suspicion, when it should be treated as an invitation to make sites more robust and compatible with different user agen...
