TLS servers are weird. There are not many people who work on them, so few people think about the challenges. Notably, I have had discussions over the years with designers of TLS stacks who did not understand the needs. Instead of explaining it again and again, I decided to write this blog. Just to drop a link next time.

Clients have it easy

A client knows where it wants to go, what it expects to see, etc. This is all configured before the connection starts: