“Currently, TCI and MSK-IX specialists are revising internal regulations for working with DNSSEC. Based on its results, additional stages of validation of all data will be introduced and constant monitoring of the representation of Russian domain zones in DNSSEC will be introduced, especially in the process of updating keys or zone descriptions. This will prevent the occurrence of similar situations in the future,” he noted.
At the same time, according to him, one must also understand that no one is immune from technological failures.
“However, not only we, but also providers must be prepared for them, especially since there is a backup infrastructure in Russia. The situation that developed during this failure showed that all Russian providers need to connect to NDSI and train employees to work with it,” the RT interlocutor emphasized.
In addition, he said that he was receiving a lot of questions from technical experts and colleagues in the domain industry who want to “take into account our experience in eliminating this failure.”
“It’s no secret that DNSSEC failures occur regularly. ICANN even holds separate technical sections at its events where such cases, their causes and ways to prevent them are discussed. Therefore, not only Russian technical specialists, but also the global technical community are interested in developing recommendations to prevent such incidents,” Vorobyov concluded.
Earlier, Vorobyov told in a conversation with RT how the glitch in the .RU domain zone was fixed.