Ukraine asks ICANN to revoke Russian domains and shut down DNS root servers

A Ukrainian government official on Monday asked the nonprofit group that oversees the Internet’s domain name system (DNS) to shut down DNS root servers in Russia and revoke Russian domains such as .ru, .рф and .su. The letter to ICANN (Internet Corporation for Assigned Names and Numbers) was posted hereand ICANN has confirmed receipt of the letter.

Several Internet experts say granting Ukraine’s request would be a bad idea. Executive Director Bill Woodcock of Packet Clearing Housean international non-profit organization that provides operational support and security at Internet exchange points and at the heart of the domain name system, wrote a Twitter feed calling it “a hell of a request from Ukraine. As a critical infrastructure operator, my inclination is to say ‘hell no’ regardless of my sympathies.”

Sent a few days after the start of Russia’s invasion of Ukraine, the letter stated that Russia’s “atrocious crimes have been made possible mainly by the Russian propaganda machinery using websites continuously spreading disinformation , hate speech, promoting violence and hiding the truth about the war in Ukraine”. The IT infrastructure has suffered numerous attacks from the Russian side, hampering the ability of citizens and the government to communicate.”

The letter asked California-based ICANN to “revoke, permanently or temporarily, the ‘.ru’, ‘.рф’ and ‘.su’ domains. This list is not exhaustive and may also include other domains issued in the Russian Federation.” Next, the letter asked ICANN to “assist in the revocation of SSL certificates for the aforementioned domains” and to “shut down the DNS root servers” in St. Petersburg and Moscow. ICANN has previously Explain that “root servers respond to DNS lookup queries made by DNS resolvers typically operated by Internet Service Providers”.

The letter was sent by Mykhailo Fedorov, Ukrainian Deputy Prime Minister and Minister of Digital Transformation, to ICANN CEO Göran Marby. “Apart from these measures, I will send a separate request to the RIPE NCC asking to withdraw the right to use all IPv4 and IPv6 addresses from all Russian members of the RIPE NCC (LIRs-Local Internet Registries) and to block the servers DNS root. that it works,” Fedorov wrote. NCC BLACKBERRY (Réseaux IP Européens Network Coordination Center) is the regional Internet registry.

Shutting down would make sites inaccessible and reduce security

The text of Fedorov’s letter was also emailed by Andrii Nabok, Ukraine’s representative to ICANN’s Governmental Advisory Committee, to Marby and others at ICANN, the ‘American Registry for Internet Numbers (ARIN), the Number Resource Organization (NRO) and the United Nations. Woodcock published the full text of the email on Pastebin Monday.

Woodcock wrote that Ukraine’s request to remove Russian top-level domains from the root zone would make Russian websites and emails “inaccessible from outside Russia, and inaccessible to some in Russia as well, according to [on] how their ISPs and recursive resolvers are configured.” Ukraine’s request to shut down root nameservers in Russia “would make connectivity patchy for many users in Russia, but mostly for ordinary users, not government users or military,” he added. Third, Woodcock wrote that Ukraine’s request to revoke “IP address delegations to Russian networks … would break the RPSL and RPKI security that protects their routing.”

“Taken together, these three actions would have the effect of making Russian civilian internet users much more vulnerable to man-in-the-middle attacks, such as those used to compromise banking credentials and website passwords,” he wrote. Woodcock explained that the actions “would have little or no effect on the Russian government or military”, pointing out that what Ukraine is asking “is exactly the attack on The Russians trained last Julywhich means their defenses are probably at the optimal level of readiness right now.”

Ukraine’s letter to ICANN argued that the “requested measures will help users find reliable information in alternative domain areas, preventing propaganda and misinformation.”

But Woodcock argued that Ukraine’s request is a bad short-term plan “because it would cut off the Russian man in the street from international news and perspectives, leaving him with only what the Russian government chooses of him. say” and that it’s a bad long-term plan because it “would set the precedent that small industry associations in Los Angeles and Amsterdam would arbitrate international disputes and mess with code top-level domains of so-called sovereign countries. And if that happened, many more countries than China and Russia would break away from the common consensus internet that allows us all to talk to each other.”

Previous IPS Panel Market Drivers and Restraints by Segment - Business Ethics
Next Russia releases list of IP addresses and domains attacking its infrastructure with DDoS attacks