Let's Encrypt certificates for port 25 SMTP and DANE TLSA

Viktor Dukhovni ietf-dane at dukhovni.org
Tue Dec 15 02:21:36 CET 2015

[ FYI, from postfix-users ]

> On Dec 14, 2015, at 2:57 PM, Jacob Hoffman-Andrews <jsha at eff.org> wrote:
> On 12/14/2015 11:23 AM, Viktor Dukhovni wrote:
>> May I ask for your help in providing configuration guidance to LE
>> users who also plan to publish DANE TLSA records.
> I'd be happy to help, but am a little constrained on time. If you've got
> time, would you mind posting a quick explanation at
> https://community.letsencrypt.org/c/server-config of why "3 0 1" records
> are risky with LE certificates, and the alternatives? I think the email
> below is a good start, and if you prefer not to create an account on our
> forums I could repost it with permission. I'll then pin the post for
> some time to make people see it.




More information about the dane-users mailing list