RFC Errata
RFC 6066, "Transport Layer Security (TLS) Extensions: Extension Definitions", January 2011
Note: This RFC has been updated by RFC 8446, RFC 8449, RFC 9325
Source of RFC: tls (sec)
Errata ID: 5658
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Owen Friel
Date Reported: 2019-03-14
Section 3 says:
It should say:
When a client uses DNS SRV to discover and connect to a server, the client SHOULD include the "source domain" in the "host_name" and SHOULD NOT include the "derived domain", where "source domain" and "derived domain" are defined in RFC6125.
Notes:
The original text is all fine, but it is missing some additional clarifying text on use of SNI when a client users DNS SRV to discover the service it is connecting to.