social.dk-libre.fr is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
So I was pretty enthusiastic about #DNS4EU at first.
Then I've discovered it blocklisted some random pastebin. Well, it happens. I mean, pastebins frequently get into trouble because of people pasting random shit. So I've filed an unblock request. I've suddenly got a mail to confirm registration in some random company's system — I suspect it was related to DNS4EU, but no clear indication. I've ignored it.
Then they've blocklisted my mail provider, for no apparent reason. It's still blocked. I've just switched to the "unfiltered" version to be able to access my mail again.
Today I've gotten a mail via my backup MX. My main MX is up. My educated guess is that sysadmins using DNS4EU now get my mail redirected to their "site blocked" server. Isn't that great?
PS. Maybe if more people filed unblock requests for "poczta.ftdl.pl", it would help. It's a non-profit e-mail provider.
Ultimately I'd prefer a more decentralised system with an "n out of m" architecture. With more than one root key holder, geographically and politically distributed, where you (as user) can declare which root keys you trust. But that is a more complicated discussion for another time. Having one Ceremony Room and the respective amount of key holders that are NOT under US jurisdiction seems to be an achievable and justified goal, in my personal opinion.
3/3
I very well remember the discussions on this question when DNSSEC was introduced back in the days. And while the current system has served us all well in the past years, this fundamental question remains. And now that we have a more complicated world, we should recognise that this is a centralised element that is under the sole jurisdiction of one country that has moved towards more exclusionary, maybe even discriminatory policies.
2/3
I hope there are some discussions on either moving one of the Ceremony Rooms (AKA Key Management Facilities) to another region/country or maybe adding one more outside of the US. Having the responsibility for the DNSSEC root key material in one single country under more and more untrustworthy leadership looks like a risk to me that should be addressed. My personal preference would be a Ceremony Room on UN properties in Geneva.
1/3
https://technotes.seastrom.com/2025/11/23/passing-the-torch.html
OK. That was weird.
$ nslookup srv01
Server: 192.168.1.10
Address: 192.168.1.10#53
Non-authoritative answer:
Name: srv01.fritz.box
Address: 192.168.1.38
But
$ ping srv01
ping: cannot resolve srv01: Unknown host
And after an hour it simply works again without anything changed.
UPDATE: services are recovering, rollback succeeded
Last week AWS, now Azure.
"[...] we began experiencing DNS issues resulting in availability degradation of some services [...]"
UPDATE: They have now changed the wording to "we began experiencing Azure Front Door issues resulting in a loss of availability of some services" and the impact is now CRITICAL — Azure Network Availability Issues on a global level.
Amazon people frantically editing /etc/hosts files everywhere to get DynamoDB working again ;) Time for a coffee.