FORWARD/TLS_FORWARD: support forwarding to hostname, DANE
The FORWARD
/ TLS_FORWARD
policies currently require an IP address as a target. Instead, a hostname could be provided. However, the initial bootstrap + handling TTL could be quite complex.
If the bootstrap + TTL problem would be solved, TLS_FORWARD
could also support DANE RFC8310#section8.2