Comment 5 for bug 1834671

This can be enabled in firefox 68+ by going to "about:config" and setting security.tls.enable_post_handshake_auth to true. It's disabled by default (from upstream), not sure why.