> using TLS
> server name indication ?
We could certainly mandate that the client (not the severs) support this. It's very common these days. It's really trivial to implement on the client -basically you just stuff the domain name in an optional header. That way if the servers want to do one IP per certificate, they can just ignore it and not implement it but if they want to use one IP for many domains, they can implement it and it will interoperate with the all clients.
I forget which one but I seem to recall some other RAI spec took this approach.
_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www.ietf.org/mailman/listinfo/geopriv
