* I don't think that's quite what I'm proposing. I'm proposing (optionally) sending the SNI with a client certificate. I agree that SNI in ClientHello is needed to choose server certificates for IPv4, for the reason you say.
I didn’t say IPv4. I might have all my “virtual origins” behind a single IP address, or a couple of them.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
