Ukraine asks ICANN to revoke Russian domains and shut down DNS root servers

World map with glowing lines to represent how countries are connected by the global Internet.

A Ukraine government official on Monday asked the nonprofit group that oversees the Internet’s Domain Name System (DNS) to shut down DNS root servers in Russia and revoke Russian domains such as .ru, .рф, and .su. The letter to ICANN (Internet Corporation for Assigned Names and Numbers) was posted here, and ICANN has confirmed that it received the letter.

Several Internet experts say that granting Ukraine’s request would be a bad idea. Executive Director Bill Woodcock of Packet Clearing House, an international nonprofit that provides operational support and security to Internet exchange points and the core of the domain name system, wrote a Twitter thread calling it “a heck of an ask on the part of Ukraine. As a critical infrastructure operator, my inclination is to say ‘heck no’ regardless of my sympathies.”

Sent days after Russia’s invasion of Ukraine began, the letter said that Russia’s “atrocious crimes have been made possible mainly due to the Russian propaganda machinery using websites continuously spreading disinformation, hate speech, promoting violence and hiding the truth regarding the war in Ukraine. Ukrainian IT infrastructure has undergone numerous attacks from the Russian side impeding citizens’ and government’s ability to communicate.”

The letter asked ICANN, which is based in California, to “revoke, permanently or temporarily, the domains ‘.ru’, ‘.рф’ and ‘.su’. This list is not exhaustive and may also include other domains issued in the Russian Federation.” Next, the letter asked ICANN to “contribute to the revoking for SSL certificates for the above-mentioned domains” and to “shut down DNS root servers” in Saint Petersburg and Moscow. ICANN has previously explained that “root servers respond to DNS lookup requests made by DNS resolvers generally operated by Internet service providers.”

The letter was sent by Mykhailo Fedorov, Ukraine’s vice prime minister and minister of digital transformation, to ICANN CEO Göran Marby. “Apart from these measures, I will be sending a separate request to RIPE NCC asking to withdraw the right to use all IPv4 and IPv6 addresses by all Russian members of RIPE NCC (LIRs-Local Internet Registries), and to block the DNS root servers that it is operating,” Fedorov wrote. RIPE NCC (Réseaux IP Européens Network Coordination Centre) is the regional Internet registry.

Cutoff would make sites unreachable and reduce security

The text of Fedorov’s letter was also sent in an email by Andrii Nabok, Ukraine’s representative to ICANN’s Governmental Advisory Committee, to Marby and other people at ICANN, the American Registry for Internet Numbers (ARIN), the Number Resource Organization (NRO), and the United Nations. Woodcock posted the email’s full text on Pastebin Monday.

Woodcock wrote that Ukraine’s request to remove Russian top-level domains from the root zone would make Russian websites and email “unreachable from outside Russia, and unreachable for some inside Russia as well, depending [on] how their ISPs and recursive resolvers are configured.” Ukraine’s request to shut down the root name servers inside Russia “would make connectivity spotty for many users inside Russia, but mostly regular folks, not government or military users,” he added. Thirdly, Woodcock wrote that Ukraine’s request to revoke “IP address delegations to Russian networks… would break the RPSL and RPKI security that protects their routing.”

“Taken together, these three actions would have the effect of making Russian civilian Internet users much more vulnerable to man-in-the-middle attacks, such as are used to compromise banking credentials and website passwords,” he wrote. Woodcock explained that the actions “would have little to no effect on the Russian government or military,” pointing out that what Ukraine requests “is exactly the attack the Russians practiced for last July, which means their defenses are probably at optimum readiness right about now.”

Ukraine’s letter to ICANN argued that the requested “measures will help users seek for reliable information in alternative domain zones, preventing propaganda and disinformation.”

But Woodcock contended that Ukraine’s request is a bad plan in the short term “because it would cut the Russian man-on-the-street off from international news and perspectives, leaving them with only what the Russian government chooses to tell them” and that it’s a bad plan in the long term because it “would set the precedent that small industry associations in Los Angeles and Amsterdam would be playing arbiter in international conflicts, and messing with countries’ supposedly sovereign country-code top-level domains. And if that were to happen, a lot more countries than just China and Russia would secede from the common-consensus-Internet that allows us to all talk to each other.”



Menu