Add remote TLS certificate verification support, implement Strict and Mutual TLS authentication
RFC 9103, Section 9.3, discusses three TLS-based authentication mechanisms:
- Opportunistic TLS;
- Strict TLS;
- Mutual TLS.
Currently, the released version of BIND and its complementary tools have support for the first one.
In order to implement support for Strict and Mutual TLS, the functionality to verify the remote TLS certificates needs to be added first.