[dns-operations] DNSSEC problem at one.com

Stephane Bortzmeyer bortzmeyer at nic.fr
Sat Apr 27 14:32:50 UTC 2013


Anyone has more technical and factual information about this problem?
Error in .SE, in one.com or in Telia?

http://www.one.com/en/info/profile

Update - April 27, 2013 12:52 PM CET

Telenor have solved the issues, but unfortunately some customers using Telia and Bredbandsbolaget as internet provider can still have difficulties accessing domains where DNSSEC are enabled. We are in a dialog with Telia and Bredbandsbolaget, and we have requested them to look into this problem.

Please read more information below, regarding how to work around the issue, by using Google's DNS service.

We apologize for the inconvenience this is causing, and hope for your understanding.

DNSSEC - .se domains - April 26, 2013 11:09 AM CET

Some customers having .se domains are experience problems with access to their domain.

.SE, the company responsible for the .se domain, has made an initiative to increase the security for the Swedish top-level domain, and have therefore implemented DNSSEC and asked us (One.com) to rollout DNSSEC on .se domain hosted by us.

This was done successfully on a group of .se domains during the last 24 hours, and should not have any impact on our customer’s access to their domain other than increasing the DNS (domain name server) security.

Unfortunately we have found out that some customers using Bredbandsbolaget and Telenor as internet provider can have difficult with accessing domains where DNSSEC are enabled, where we have requested them to look into this problem.

To limit the impact, then we are also in talk with .SE and are working on a temporary solution to disable DNSSEC.

We would also recommend customers who have this problem to change DNS server to 8.8.8.8. which is a name servers powered by Google which is fully compatible with DNSSEC.

Guides to change DNS:

Mac: http://www.computerhope.com/issues/ch001161.htm

Windows: http://www.computerhope.com/issues/ch001161.htm#1

For information about DNSSEC:

http://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions

We apologize for any inconvenience and hope for your understanding.



More information about the dns-operations mailing list