>1) use Server Name Indication TLS extension. At the moment none of the >email specs requires it. But maybe it is something that the draft should >encourage. >2) run each domain on its own IP/port, then each IP/port can use >separate certificate with a single domain.
Given that there are mail services with tens of thousands of domains on the same set of servers, and probably at least one mail service with 100,000 domains, this really doesn't scale. >From previous messages, I understand that both publishing and checking SRV-ID are entirely optional. It would be nice to adjust to draft to make that clear. R's, John _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
