>SRV cannot be used here, because presumptively DNSSEC is not in >use, and thus the client's reference identifier for the STS policy >server must be deterministically constructed from the nexthop >domain.
So how about if we put in a note saying that the host that the SRV points to better be a subdomain of the original, or clients are going to be reluctant to believe it. Yes, that's still a kludge, but it's doesn't cause the mandatory collisions that a reserved hostname does. R's, John _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
