A broken DNSSEC rollover took down .AL. Now 1.1.1.1 tells you when validation is bypassed
Cloudflare Blog·6h·Reputable
When a failed DNSSEC key rollover took down the .AL TLD, we deployed a Negative Trust Anchor to restore resolution. This time, though, clients didn't have to take our word for it: 1.1.1.1 returned EDE 33, a new DNS error code that signals directly in the response that DNSSEC validation was bypassed.
Categories cybersecurity · privacy · cybercrime
Original source / advisory ↗Published
7/14/2026, 1:00:00 PM
Fetched
7/14/2026, 6:19:29 PM
Trust
reputable · 80/100
Language
en