Outage on The Coders Bloghttps://thecodersblog.com/tag/outage/Recent content in Outage on The Coders BlogHugoen-usWed, 06 May 2026 22:22:12 +0000When DNSSEC Goes Wrong: Responding to the .de TLD Outagehttps://thecodersblog.com/dnssec-incident-response-for-de-tld-2026/Wed, 06 May 2026 22:22:12 +0000https://thecodersblog.com/dnssec-incident-response-for-de-tld-2026/<p>Millions of .de domains vanished from the internet on May 5, 2026, not due to a sophisticated attack, but a seemingly routine DNSSEC key rotation gone awry. DENIC, the registry for Germany&rsquo;s country-code top-level domain, inadvertently published incorrect DNSSEC signatures, triggering widespread SERVFAIL errors on validating resolvers worldwide. For users of services like Cloudflare&rsquo;s 1.1.1.1, this meant the .de TLD effectively ceased to exist for several agonizing hours.</p> <h3 id="the-core-problem-broken-signatures-broken-resolution">The Core Problem: Broken Signatures, Broken Resolution</h3> <p>The incident stemmed from a faulty Zone Signing Key (ZSK) rotation. During this process, DENIC’s system introduced malformed RRSIG records for the .de zone. Specifically, the ZSK tag 33834 was found on an NSEC3 record, a configuration that, when combined with other factors in the validation chain, broke the cryptographic trust model. When a validating resolver queried for a .de domain, it received these flawed signatures, leading it to conclude the DNS data was untrustworthy and respond with SERVFAIL. This &ldquo;fail-closed&rdquo; nature of DNSSEC, while intended to prevent spoofing, directly translated operational errors into complete service unavailability.</p>Cloudflare Outage Disrupts X, ChatGPT, Downdetector: What Happened and Resilience Lessonshttps://thecodersblog.com/cloudflare-outage-disrupts-x-chatgpt-downdetector-what-happened-and-resilience-lessons/Tue, 18 Nov 2025 00:00:00 +0000https://thecodersblog.com/cloudflare-outage-disrupts-x-chatgpt-downdetector-what-happened-and-resilience-lessons/<p><em>Disclaimer: This post summarizes publicly available status-page and press report information as of publication. Root cause analysis (RCA) has not yet been published at the time of writing; therefore speculative explanations are avoided.</em></p> <h2 id="1-human-context--why-this-felt-big">1. Human Context – Why This Felt Big</h2> <p>Early on November 18, 2025 (UTC morning, mid‑morning ET) users attempting to reach high‑traffic destinations such as X (formerly Twitter) and ChatGPT encountered challenge failures and generic connectivity / 5xx style errors. Even downtime tracking platform Downdetector briefly showed disruption, creating a recursive reliability moment: when the monitoring site is also impaired, user anxiety escalates.</p>