Keith Moore <moore@cs.utk.edu> writes:
> > It's true that this is a backward compatibility problem
> > in that STARTTLS as currently defined doesn't actually contain
> > the domain name. As I indicated before, I consider this to
> > be a design error. There wouldn't have been a compatibility
> > problem if the domain name had been included in STARTTLS from
> > the beginning.
>
> Not clear. SMTP can relay a single copy of a message to multiple
> recipients at multiple domains. Your suggestion would force a
> separate TLS session, or a separate SMTP session, for every distinct
> recipient domain.

Yes, that's true, but that's inherent in the "one certificate" model.
Like I said earlier, if you want to have some set of certificates
vouching for MX records, then you want DNSSEC.

-Ekr