It appears that two-way ssl client authentication is behaving differently in IOS 11 beta 1 & 2 when compared to iOS 10.
The tcpdump indicates a different (handshake) flow in iOS 11 beta when compared to iOS 10.
It (seems) to appear like iOS 11 is trying to use the client certificate to negotiate an SSL connection as opposed to using it to authenticate the client authentication challenge.
Looking for insight into what might have changed in iOS 11 beta, or an updated status of two-way ssl client authentication in iOS 11 beta, and how to keep track of any progress.
I have a working implementation using iOS 10 using two-way ssl client authentication, but my existing implementation now does not work in iOS 11 (if Mandatory/Optional client certificate authentication is enabled on the load balancer.) (I do have an ATS exception for TLS 1.0 which is required for ATS on this older development LB, but if I don't require a certificate challenge on the LB (turn two-way auth off) it will allow my existing implementation to work in iOS 11).
Any insight into possible difference between iOS 11 beta and iOS 10 in this regards would be apprieciated.
Thanks,
mochamo