>As I read that spec, it says mandatory to implement, not mandatory to >use (it's up to the application whether it claims to be capable of using >it or not) - but it permits servers to mandate its use. *Almost* there - >but if this draft wishes to mandate its use, it will have to say so (and >say which identifier it's going to send - AFAIK, it only gets to send one.) Even with SNI, we still have the problem that there's no way for the CA to tell what SRV-IDs it should sign other than using RFC 6186 lookups. But the MUA can do the same 6186 lookup, and that scales a lot better for the many mail systems that handle large and changing sets of client domains. R's, John