On Wed, Apr 20, 2016 at 01:19:29PM -0500, I wrote: > On Wed, Apr 20, 2016 at 03:53:24PM +0000, Viktor Dukhovni wrote:
[ LE certificate expired, DANE notification received ] > My temporary fix was to remove the TLSA records, sorry. I cannot > risk losing mail as my poor brain tries to digest all this. :) 14 months later I got back to this. :) > I'm going to consider my options here before I replace the TLSA > records. I am thinking I only want my LE cert on submission (so > that MUAs will be able to verify it) and to replace my port 25 cert > with one from my own private CA. And this is what I have done, initially on domain nodns4.us, but several other zones are signed and will be using TLSA records. Thanks again for all your work on DANE and Postfix. Thanks also to P@rick and the sys4.de gang for the validation site. Question: I noticed my domain in a drop-down list there. Is the validation site maintaining a list of DANE-enabled and former DANE zones? IOW, should I drop a note to Victor when adding more zones, or is the validation site taking care of that? -- http://rob0.nodns4.us/ Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
