DNSSEC/TLSA Validator

Author(s):



DNSSEC/TLSA Validator allows you to check the existence and validity of DNS Security Extensions (DNSSEC) signed records. If a valid DNSSEC chain related to the domain is found the plug-in will also check for the existence of Transport Layer Security Association (TLSA) records. TLSA records store hashes of remote server TLS/SSL certificates. The authenticity of a TLS/SSL certificate for a domain name is verified by the DANE protocol (RFC 6698). DNSSEC and TLSA validation results are displayer by using several icons. Clicking on a given icon symbol reveals more detailed information.

DNSSEC/TLSA Validator uses external libraries to resolve and validate DNSSEC/TLSA signatures and to verify HTTPS server certificates. More info is available on the www.dnssec-validator.cz
page.

RECOMMENDATION: If you are still using DNSSEC Validator 1.1.5 then you should manually uninstall the old version and restart the browser before installing version 2.x. into Firefox. If you don't do that the new version 2.x will most likely cause crashes of the plug-in core.

WARNING: Please note that this is a security extension that relies on properly working DNS resolvers. The browser can be slowed down with blocking calls when resolving DNSSEC/TLSA records. This takes a long time on broken resolvers.

Download files:

dnssec-validator-0.17.3beta2-linux.xpi
dnssec-validator-0.17.3beta2-mac.xpi
dnssec-validator-0.17.3beta2-windows.xpi
dnssec-validator-1.0-linux.xpi
dnssec-validator-1.0-mac.xpi
dnssec-validator-1.0-windows.xpi
dnssec-validator-1.0.3-linux.xpi
dnssec-validator-1.0.3-mac.xpi
dnssec-validator-1.0.3-windows.xpi
dnssec-validator-1.0.4-linux.xpi
dnssec-validator-1.0.4-mac.xpi
dnssec-validator-1.0.4-windows.xpi
dnssec-validator-1.1.2.1-signed.1-signed-linux.xpi
dnssec-validator-1.1.2.1-signed.1-signed-mac.xpi
dnssec-validator-1.1.2.1-signed.1-signed-windows.xpi
dnssec-validator-1.1.3.1-signed.1-signed-linux.xpi
dnssec-validator-1.1.3.1-signed.1-signed-mac.xpi
dnssec-validator-1.1.3.1-signed.1-signed-windows.xpi
dnssec-validator-1.1.4.1-signed.1-signed.1-signed-linux.xpi
dnssec-validator-1.1.4.1-signed.1-signed.1-signed-mac.xpi
dnssec-validator-1.1.4.1-signed.1-signed.1-signed-windows.xpi
dnssec-validator-1.1.5.1-signed.1-signed.1-signed-linux.xpi
dnssec-validator-1.1.5.1-signed.1-signed.1-signed-mac.xpi
dnssec-validator-1.1.5.1-signed.1-signed.1-signed-windows.xpi
dnssec-validator-2.1.2.1-signed.1-signed-linux.xpi
dnssec-validator-2.1.2.1-signed.1-signed-mac.xpi
dnssec-validator-2.1.2.1-signed.1-signed-windows.xpi
dnssec-validator-2.2.0.1.1-signed.1-signed-linux.xpi
dnssec-validator-2.2.0.1.1-signed.1-signed-mac.xpi
dnssec-validator-2.2.0.1.1-signed.1-signed-windows.xpi
dnssec-validator-2.2.0.2.1-signed.1-signed-linux.xpi
dnssec-validator-2.2.0.2.1-signed.1-signed-mac.xpi
dnssec-validator-2.2.0.2.1-signed.1-signed-windows.xpi
dnssec-validator-2.2.0.3-linux.xpi
dnssec-validator-2.2.0.3-mac.xpi
dnssec-validator-2.2.0.3-windows.xpi
dnssec-validator-2.2.0.4-linux.xpi
dnssec-validator-2.2.0.4-mac.xpi
dnssec-validator-2.2.0.4-windows.xpi


This page is part of the LegacyCollector website.
Disclaimer: All material on this site is property of their respective owners and available under
open licenses to the best of our knowledge. If you are an author and would like anything removed,
then please write an e-mail to legacy [at] collector dot org.