Thanks for all information.
currently we are still in progress for pandi.id security development initial stage.as .id registry.
-------- Original Message --------
Subject: New tools in Postfix 3.1-20160207
Local Time: February 8, 2016 9:39 am
UTC Time: February 8, 2016 2:39 AM
From: ietf-dane@dukhovni.org
To: dane-users@sys4.de
It will soon (when 3.1 is released this month) be much easier
to manage your certificates and TLSA records with Postfix:
http://www.postfix.org/TLS_README.html#built-in
http://www.postfix.org/postfix-tls.1.html
This only supports DANE-EE(3) "3 1 1" TLSA records at present,
but should simplify interaction with Let's Encrypt by generating
the CSR for you, and separates creation of keys/certs from
deployment, giving you the opportunity to update the TLSA records
first, let the old records expire from secondary nameservers and
caches and then deploy...
--
Viktor.