Be aware DANE users — Viktor Dukhovni writes:
The ensuing conversation on the LE forum uncovered a second potential future incompatibility to plan for:
https://community.letsencrypt.org/t/short-chain-and-dane/208422/8?u=ietf-dane
Let's Encrypt are apparently also planning to *randomise* the choice of intermediate issuer CA used with each renewal. Instead of consistently
using say "R3", they'll randomly choose one of R3/R4/E1/E2.
(Source:
https://www.mail-archive.com/postfix-users@postfix.org/msg100537.html)
#DANE #Email #postfix
Carsten Strotmann /
npub14a…hvj5s
2023-11-16 10:16:57
Author Public Key
npub14a589zvw3wchjmhr9ex3m82fkd0fwcn5rnalfna9d89q7985zf8sehvj5sPublished at
2023-11-16 10:16:57Event JSON
{
"id": "6c07d5c5da4aee69fd5f8957188f85be80526831fcca77d09a25da0280a9f52b",
"pubkey": "af6872898e8bb1796ee32e4d1d9d49b35e9762741cfbf4cfa569ca0f14f4124f",
"created_at": 1700129817,
"kind": 1,
"tags": [
[
"t",
"dane"
],
[
"t",
"email"
],
[
"t",
"postfix"
],
[
"proxy",
"https://mastodon.social/users/cstrotm/statuses/111419707710128956",
"activitypub"
]
],
"content": "Be aware DANE users — Viktor Dukhovni writes:\n\nThe ensuing conversation on the LE forum uncovered a second potential future incompatibility to plan for:\n\nhttps://community.letsencrypt.org/t/short-chain-and-dane/208422/8?u=ietf-dane\n\nLet's Encrypt are apparently also planning to *randomise* the choice of intermediate issuer CA used with each renewal. Instead of consistently\nusing say \"R3\", they'll randomly choose one of R3/R4/E1/E2.\n\n(Source:\nhttps://www.mail-archive.com/postfix-users@postfix.org/msg100537.html)\n\n#DANE #Email #postfix",
"sig": "af649b9e48ed17793cf134ca3d48195487dbba5ca7747292c92c230d71882c44632118e737d2d87c9b9a11170fc6083c7594bf0e001b7fba6f0d4bb93bcba621"
}