Viktor Dukhovni: > There are at present no plans for server-side SNI support in Postfix. > OpenSSL does not even implement server-side SNI completely correctly > as yet.
What stops us from implementing SNI? Looking at some on-line
posts, this involes one SSL_CTX per certificate and one call-back
that looks up the desired server name with SSL_get_servername()
and that sets the corresponding context with SSL_set_SSL_CTX().
Wietse
