[FIG(quote)[
[FIGCAPTION[
[1] [CITE@en[RFC 6125 - Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)]]
([TIME[2015-03-13 22:27:53 +09:00]] 版)
<https://tools.ietf.org/html/rfc6125#section-1.8>
]FIGCAPTION]

> source domain:  The fully qualified DNS domain name that a client
>       expects an application service to present in the certificate
>       (e.g., "www.example.com"), typically input by a human user,
>       configured into a client, or provided by reference such as in a
>       hyperlink.  The combination of a source domain and, optionally, an
>       application service type enables a client to construct one or more
>       reference identifiers.

]FIG]