It's nice that y'all have offered to handle "unrecoverable" subdomains manually, but I'm pretty sure that won't scale.
I guess mine was unrecoverable because I fat-fingered the email address. Since the email address is only requested once, and is not verified, I suspect there may be a number of such errors in the database.
Some non-manual approaches for (eventual) reclaim of subdomain that would work for me include:
require user to verify email before renewing TLS cert, or sub-domain will be unregistered N days after the cert expires.
auto unregister after no contact from gateway for N days (or maybe Y certificate renewal periods)
After initial registration, display the recorded email, and allow a "confirm or change email address" cycle.
Require user to verify subdomain email prior to allowing the subdomain to be registered. It's all browser based, user could do that in another tab without too much disruption to workflow, imo.
mrstegeman
commented
5 years ago
It's nice that y'all have offered to handle "unrecoverable" subdomains manually, but I'm pretty sure that won't scale.
I guess mine was unrecoverable because I fat-fingered the email address. Since the email address is only requested once, and is not verified, I suspect there may be a number of such errors in the database.
Some non-manual approaches for (eventual) reclaim of subdomain that would work for me include: