On Fri, Jul 31, 2015 at 12:07:02PM -0400, Mike wrote:
> > The key success metric will be whether you'll still remember that
> > you published TLSA records when it is tme to deploy a new SSL
> > certificate.
> >
> > https://dane.sys4.de/common_mistakes#3
> > https://dane.sys4.de/common_mistakes
> >
> > At present indeed both of your domains are configured correctly.
> > Good luck.
> >
>
> I had read the "common mistakes" page previously. Good, helpful stuff
> therein.
>
> Even before I read it, though, I modified the script I use to publish my
> certs to show a reminder prompt about adding/removing the TLSA records
> (with multiple TTL periods elapsed) *before* the new certs are published.
Excellent. I'm already looking forward to not having to send you
a failure notice! :-)
--
Viktor.
