Removing request-context from the encrypted certificate (sent by the server) causes a decode_error on NSS client while it only cause a “bad_certificate” error on miTLS client.

[oweisse-msft]

This may hide a decode bug with further implications, as this should be an illegal message

The experiment removes the request-context part from the Certificate handshake message of the server. This creates an illegal message (see section 8.3.3 Authentication Messages).