Does OpenSSL implement the Token Binding extension? https://tools.ietf.org/html/draft-ietf-tokbind-protocol Token Binding finds its roots in Origin Bound Certificates (https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final162.pdf). I'm also aware of some related, independent work by a fellow named Jacob Thompson of Independent Security Evaluators. https://securityevaluators.com/knowledge/case_studies/mutual/ Token Binding and OCB are a useful tool to stop MitM in some security models, like those used on the web and by browsers.
