Roskomnadzor Redefines Protocol for National System of Domain Names to Prevent Disruptions
Roskomnadzor, the Russian supervisory body, is altering operations around the National System of Domain Names (NSDI) in order to circumvent system failings experienced on January 30. Following this, websites in Russia underwent a temporary shutdown due to a DNSSEC signature validation failure. Providers will now be barred from employing risky connectivity tactics.
According to a report by Kommersant, subsequent to the system failure in Russia’s national domain zone .ru on January 30, Roskomnadzor has decided to tweak the NSDI’s operational methodology- a part of the technical and organizational security infrastructure for Russia’s internet segment.
Roskomnadzor has proposed amendments to the order regulating NSDI utilization by internet providers. The primary shift involves curtailing the number of permissible methods for providers to connect to NSDI’s authoritative servers. Tactics posing a threat to website accessibility within the .ru zone in the event of a DNSSEC electronic signature validation failure will now be prohibited.
Leveraging NSDI Rules to Enhance Internet Stability
It was precisely such a failure that triggered the widespread incident with .ru websites becoming inaccessible within Russia and beyond. As iterated by official sources, the cause can be traced back to a disruption in the DNSSEC cryptographic key update procedure during the domain name request validation.
The revised guidelines for NSDI aim to eliminate vulnerable channels of interaction between providers and the system, thereby minimizing the potential for future disruptions. Experts believe the imposed changes are a necessitated move and will augment the resilience of NSDI and the reliability of the broader “sovereign internet”.