I can imagine a lot of thought was already spent on this :) Is a public client which uses a client certificate solely for the purpose of obtaining a private key bound token considered credentialed?
WeChat ID
aaronpk_tv