Comment 123 for bug 308181

Coincidentally, the XMPP folks are struggling with the same problem. XMPP client SRV records work wonderfully, but they rely on the server using Start-TLS with a signed certificate that matches the virtual domain. This has been a complaint of mine for some time, because obtaining certificates for all of our 270 domains is the biggest obstacle to enabling all of the email domains within our chat service. They have recognized the shortfall in this methodology (no doubt Google Apps Talk had something to do with this) and are working on the following draft to solve the problem.

http://tools.ietf.org/html/draft-hildebrand-dna-00