RFC 6066, "Transport Layer Security (TLS) Extensions: Extension Definitions", January 2011Source of RFC: tls (sec)
Errata ID: 5658
Publication Format(s) : TEXT
Reported By: Owen Friel
Date Reported: 2019-03-14
Section 3 says:
It should say:
When a client uses DNS SRV to discover and connect to a server, the client SHOULD include the "source domain" in the "host_name" and SHOULD NOT include the "derived domain", where "source domain" and "derived domain" are defined in RFC6125.
The original text is all fine, but it is missing some additional clarifying text on use of SNI when a client users DNS SRV to discover the service it is connecting to.