Mutual TLS was necessary but a giant pain in the butt for an app I worked on that needed to do over the air updates over WiFi. Getting it working across all of the moving parts was a significant part of the overall effort for the OTA part of that project.

OCSP existed back then which helped but I don’t know if stapling had been widely implemented yet.