h2o / picotls

TLS 1.3 implementation in C (master supports RFC8446 as well as draft-26, -27, -28)

When cli acts as server with client authentication, it sends NewSessionTicket directly after Finished #522

Open songshangru opened 2 months ago

songshangru commented 2 months ago

In https://github.com/h2o/picotls/issues/10, the reason why picotls could send NewSessionTicket before receiving ClientFinished is explained:

'Although the resumption master secret depends on the client’s second flight, servers which do not request client authentication MAY compute the remainder of the transcript independently and then send a NewSessionTicket immediately upon sending its Finished rather than waiting for the client Finished.'

But when cli acts as server with argument '-a', it still sends NewSessionTicket before receiving ClientFinished.
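
The ordering rule quoted above, as an added example that is not part of the original issue and is not picotls code: a checker over an ordered list of handshake messages that flags a server NewSessionTicket sent before the client's Finished in a handshake where the server sent CertificateRequest. The `hs_event` record, the function name and the traces are constructed for illustration; the handshake type codes are those of RFC 8446.

```c
#include <stddef.h>

/* Handshake type codes from RFC 8446, section 4. */
enum { HS_NEW_SESSION_TICKET = 4, HS_CERTIFICATE_REQUEST = 13, HS_FINISHED = 20 };
enum hs_dir { FROM_CLIENT, FROM_SERVER };

/* Hypothetical trace record: one decrypted handshake message, in wire order. */
struct hs_event { enum hs_dir dir; int type; };

/* Returns the index of the first NewSessionTicket the server sent before the
 * client's Finished in a handshake where it requested client authentication,
 * or -1 if the trace contains no such message. Assumes one full handshake. */
static int early_ticket_index(const struct hs_event *trace, size_t n)
{
    int cert_requested = 0, client_finished = 0;
    for (size_t i = 0; i < n; i++) {
        const struct hs_event *e = &trace[i];
        if (e->dir == FROM_SERVER && e->type == HS_CERTIFICATE_REQUEST)
            cert_requested = 1;
        else if (e->dir == FROM_CLIENT && e->type == HS_FINISHED)
            client_finished = 1;
        else if (e->dir == FROM_SERVER && e->type == HS_NEW_SESSION_TICKET &&
                 cert_requested && !client_finished)
            return (int)i; /* ticket issued before the client flight was seen */
    }
    return -1;
}

/* Constructed traces (type codes only, not captured traffic).
 * 1=ClientHello 2=ServerHello 8=EncryptedExtensions 11=Certificate
 * 15=CertificateVerify */
static const struct hs_event no_client_auth[] = { /* early ticket permitted */
    {FROM_CLIENT, 1}, {FROM_SERVER, 2}, {FROM_SERVER, 8}, {FROM_SERVER, 11},
    {FROM_SERVER, 15}, {FROM_SERVER, 20}, {FROM_SERVER, 4}, {FROM_CLIENT, 20}};
static const struct hs_event client_auth_early[] = { /* order reported above */
    {FROM_CLIENT, 1}, {FROM_SERVER, 2}, {FROM_SERVER, 8}, {FROM_SERVER, 13},
    {FROM_SERVER, 11}, {FROM_SERVER, 15}, {FROM_SERVER, 20}, {FROM_SERVER, 4},
    {FROM_CLIENT, 11}, {FROM_CLIENT, 15}, {FROM_CLIENT, 20}};
static const struct hs_event client_auth_ok[] = { /* ticket after client Finished */
    {FROM_CLIENT, 1}, {FROM_SERVER, 2}, {FROM_SERVER, 8}, {FROM_SERVER, 13},
    {FROM_SERVER, 11}, {FROM_SERVER, 15}, {FROM_SERVER, 20},
    {FROM_CLIENT, 11}, {FROM_CLIENT, 15}, {FROM_CLIENT, 20}, {FROM_SERVER, 4}};
```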