Domain name resolution in RU zone (DNSSEC) incident went back to work (second key signed)

Domain name resolution in RU zone (DNSSEC) incident went back to work (second key signed)

On the evening of January 30, 2024, at 21:00 Kyiv time, the incident with the resolution of domain names in the RU zone (DNSSEC was broken) went into the stage of returning to work (signed with a second key). Access to sites began to return.

The coordination center for *.RU/.РФ domains reports that the technical problem related to the global DNSSEC infrastructure, which caused the unavailability of sites in the .RU zone, has been resolved.

Problems in the work of the DNS may be observed for some time until the updated data spreads through the domain name system.

Previously, on January 30, 2024, there were problems with the resolution of domain names in the RU zone (DNSSEC was broken). The cause of the problem was an incorrect DNSSEC zone signature.

2 hours after the incident, the Coordination Center for the *.RU and *.РФ domains reported a “technical problem” related to the global DNSSEC infrastructure.

According to unconfirmed information, during the incident, specialists of the Center for Monitoring and Management of the Public Communication Network (CMUSC) advised to disable DNSSEC, although this is dangerous and may lead to problems with the appearance of fraudulent sites and an increase in phishing incidents.

Some communication providers in the Russian Federation, for example, Selectel, have confirmed the localization of the problem and its solution.

An abnormal situation with the resolution of domain names in the RU zone (DNSSEC was broken) lasted 3 hours and 40 minutes.

Related posts