Dear Colleagues,
Thanks for all information. fyi, currently we are still in progress for pandi.id security development initial stage.as .id registry.
Cheers, /tap Sent from [ProtonMail](https://protonmail.ch), encrypted email based in Switzerland.
-------- Original Message -------- Subject: New tools in Postfix 3.1-20160207 Local Time: February 8, 2016 9:39 am UTC Time: February 8, 2016 2:39 AM From: ietf-dane@dukhovni.org To: dane-users@sys4.de
It will soon (when 3.1 is released this month) be much easier to manage your certificates and TLSA records with Postfix:
http://www.postfix.org/TLS_README.html#built-in
http://www.postfix.org/postfix-tls.1.html
This only supports DANE-EE(3) "3 1 1" TLSA records at present, but should simplify interaction with Let's Encrypt by generating the CSR for you, and separates creation of keys/certs from deployment, giving you the opportunity to update the TLSA records first, let the old records expire from secondary nameservers and caches and then deploy...
-- Viktor.