科技回声

assusdan超过 1 年前

That was scary. Fixed at about 16:55 UTC, total about 1hr of downtime.

评论 #39192780 未加载

dgrin91超过 1 年前

I'm not familiar with DNSSEC. What sis the impact of this? Do web pages fail to load or is it just some security warning? Also was this just someone failing to update a cert in time or is this some sort of hack?

评论 #39192778 未加载

评论 #39192688 未加载

评论 #39193107 未加载

woodruffw超过 1 年前

As a side question: am I correct in reading this to imply that the two "leaf" keys here are both RSA 1024 keys? RSA 1024 has been considered within nation-state capabilities for well over a decade, and NIST has explicitly discouraged them for DNSSEC for close to a decade[1].<p>I can understand not using larger RSA key sizes for framing reasons, but what is stopping the DNSSEC ecosystem from using ECC?<p>[1]: <a href="https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf" rel="nofollow">https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.S...</a>

评论 #39193191 未加载

评论 #39193250 未加载

评论 #39193238 未加载

Chalbroth超过 1 年前

DNSSEC failure is just the result of many of the nameservers serving .ru and other tlds not responding. This is especially observable if you are IPv4 only.

arcza超过 1 年前

Poor blog's getting the hug of death :)

评论 #39193254 未加载

krunck超过 1 年前

I saw this start at 10:14:29 CST.

评论 #39192988 未加载

Russian TLD .RU fails DNSSEC validation

6 条评论

Russian TLD .RU fails DNSSEC validation

6 条评论