The most elegant solution would be to make
User support %n. I gave thought to the problem and I think that while some tokens cannot be used in some directives (e.g. because the value of the token is yet to be determined, or some setups could lead to circular references), %n is safe because it's "the original remote hostname, as given on the command line", i.e. already known at runtime, fixed. For any directive that supports any token, there is no reason to exclude %n; still there are directives that don't support %n, as if developers wanted to arbitrarily protect(?) users. (cont'd)