TLS based authentication is even worse. It’s the wrong layer in today’s Internet, given Cloudflare, load balancers etc.

Not everybody trusts whatever first hop terminates TLS to also do authentication, and it completely falls flat at non-repudiation for transaction approval.