Depends. Safari will re-use a whole TLS session even if you change hosts/origins (if the IP address/port is the same).
That's just a bit too much in my book. Nevermind that it randomly breaks TLS client certificates selection, because pre-existing TLS session may have been started with a different SNI, and you don't get a chance to re-negotiate TLS session parameters based on SNI. Some websites just randomly break depending on time passed from last visiting another hostname/website served on the same multi-host/load balancer.
Hopefully someone will find a way to abuse this, so that they stop doing it. I had enough of the misdirected request 421 errors from nginx already, due to this.
That's just a bit too much in my book. Nevermind that it randomly breaks TLS client certificates selection, because pre-existing TLS session may have been started with a different SNI, and you don't get a chance to re-negotiate TLS session parameters based on SNI. Some websites just randomly break depending on time passed from last visiting another hostname/website served on the same multi-host/load balancer.
Hopefully someone will find a way to abuse this, so that they stop doing it. I had enough of the misdirected request 421 errors from nginx already, due to this.