DANE, was A Deep Dive on the Recent Widespread DNS Hijacking

• Previous message (by thread): DANE, was A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): DANE, was A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2/26/2019 11:10 AM, John Levine wrote:
> In article <B68C84D4-9D1A-4303-94CA-59CEBFB6B934 at pch.net> you write:
>> We need to get switched over to DANE as quickly as possible, and stop wasting effort trying to keep the CA system alive with
>> ever-hackier band-aids.
> 
> What's the DANE version of a green-bar cert?
> 
> 

At one point, there was the DNSSEC/TLSA validator plug-in for browsers.
I had used it and it worked quite well, displaying a green key for valid
DANE.

  https://www.dnssec-validator.cz/

Unfortunately, Firefox's API change, circa version 57, was the start of
browser changes that halted the project.

I'd really like to see similar functionality return, not as a plug-in,
but as a part of the base browser.


===

End of Support

Tue 16 October 2018

After struggling and failing to implement the DNSSEC/TLSA Validator
extension for Firefox Quantum (57+) we've decided to stop the
development and support of the extension.

Firefox 56 was the last version which provided necessary APIs that
enabled the DNSSEC/TLSA Validator to check DNS records and certificates  …

===

• Previous message (by thread): DANE, was A Deep Dive on the Recent Widespread DNS Hijacking
• Next message (by thread): DANE, was A Deep Dive on the Recent Widespread DNS Hijacking
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]