might die with FF 57 Rated 3 out of 5 stars
I'm not aware of any plans porting the addon to the webextension technology, so this addon probably dies with FF57+. :-(
Currently we are inspecting the possibilities how to rewrite the add-on into WebExtensions.
At the moment the add-on uses a binary core performing the validation which communicates over js-ctypes. Our survey indicates that the WebExtensions interface doesn't provide sufficient functionality. If we decided to rewrite our extension using WebExtensions then it would cripple its current functionality.
I'm not sure but I think that we are likely to stop developing and supporting the add-on for FF57+.
Do not work in Firefox 45.9.0 on Linux Rated 1 out of 5 stars
Do not work in Firefox 45.9.0 on Linux
Addon says wrong tlsa record Rated 2 out of 5 stars
After updating to the latest version this addon says that the tlsa record is wrong. I always have to reload the page to make it green. This is inaccteptable.
x64 missing Rated 3 out of 5 stars
This extension uses external DLLs and they are x86 only. Native backend does not work on x64 firefox version or its clones - cyberfox, waterfoxThis review is for a previous version of the add-on (188.8.131.52.1-signed.1-signed).
Excelent Rated 5 out of 5 stars
Great add-on, everyone must have it installedThis review is for a previous version of the add-on (184.108.40.206.1-signed.1-signed).
Totally broken, development halted Rated 1 out of 5 stars
Crashes FF all the time.
Last "Hotfix" is dated May 15, 2015.
Please developers, if you are unwilling to support continous maintenance, remove the add-on.
Installationproblem because no Add-on-Sign Rated 3 out of 5 stars
the manually installation of mf-dnssec-tlsa-validator-220.127.116.11-windows.xpi get declined by Firefox because missing Add-on-Sign, and the automatically installation works, but not the program after, it says not installed correctl,y This is on Win7/64 with Firefox 47, so currently the only installation working fine is with firefox portable v47This review is for a previous version of the add-on (18.104.22.168.1-signed.1-signed). This user has 2 previous reviews of this add-on.
Works for me Rated 4 out of 5 stars
Runs fine on my Firefox 47.
I had to leave the resolver on "without resolver" or explicitly specify my provider's DNS server, otherwise some sites totally fried my Fox. It seems my local resolver isn't able to properly work with DANE.
I think it's bad design that a slow/malfunctioning network component can completely prevent a user from interacting with the client. So this is why I won't give full five stars.
There's one tiny problem I've noticed that might become a bigger problem in the future: e10s. If it's activated via "browser.tabs.remote.force-enable", this add-on won't display a warning in case TLSA validation fails. Only the red lock is displayed then and the site will load.
Broken Rated 2 out of 5 stars
Never validates anything because because, and I quote, an "error occurred in DNSSC validator core".
Therefore this does nothing in FF v46.0.1.
Good intent but bad software Rated 1 out of 5 stars
Its purpose is good and I wish Firefox would be able to integrate DNSSEC validation. But what this addon does only is to crash FF42.This review is for a previous version of the add-on (22.214.171.124.1-signed.1-signed).
Pale Moon support Rated 5 out of 5 stars
First thanks for this great addon!
Can you please add Pale Moon support? The addon verifing nothing with Pale Moon :(
Rated 4 out of 5 stars
Needs to be updated for e10s multi-process.This review is for a previous version of the add-on (126.96.36.199.1-signed.1-signed).
awesome addon, a must have for security! Rated 5 out of 5 stars
it has only a minor problem:
i have "hacked" my pc to change the dns response to see what happens
and i saw a small red icon that tell me dns problem, this is not good!
if someone send you fake dns you should warn user with a big message easily visible not just change the icon from green to red
other thing: i saw that with the default settings pages opens fast but the green/grey/red icon is slow
so i have chaged settings to: custom 188.8.131.52
instead of "without resolver"
and now it give informations istantly (the ip was there i wrote nothing)
sad that duckduckgo, google, wikipedia and others doesn't use dnssec
Rated 3 out of 5 stars
This addon is a good idea and implemented well but crashes Firefox ocassionally. I had to start Firefox in Safe Mode and disable it manually to start Firefox again.This review is for a previous version of the add-on (184.108.40.206.1-signed.1-signed).
Rated 5 out of 5 stars
Works extremely well, CentOS 7 64-bit distro build of FireFox. I am very happy to have this, wish this was a part of FireFox itself. If your local ISP resolver doesn't work with it, set your resolvers to google's public resolvers - they work with DNSSEC.This review is for a previous version of the add-on (220.127.116.11.1-signed.1-signed).
This addon doesn't turn up when searching for "dnssec". Rated 4 out of 5 stars
This addon doesn't turn up when searching for "dnssec".This review is for a previous version of the add-on (18.104.22.168.1-signed.1-signed).
Works well if setup properly and your DNS servers are reliable Rated 5 out of 5 stars
I have it configured to validate all https requests on the page, not just the main one, and it works well. The only time I've had a problem is when my DNS servers were down or stopped supporting DNSSEC.This review is for a previous version of the add-on (22.214.171.124.1-signed.1-signed).
DNSSEC/TLSA-Validator Rated 1 out of 5 stars
Dangerous extension, crashes firefox, both 2.1.2 and 2.2.0 version!This review is for a previous version of the add-on (126.96.36.199-signed.1-signed).
good job Rated 4 out of 5 stars
I love the detail depth this addon is made with. it goes even further than described on its help and info page.
heck, in my afternoon long effort to understand what's going on exactly, i found two bugs in my routers firmware! thanks only just for that.
But isn't it possible to cache the results a little longer, at least as long firefox makes the next request to that page? I checked my connection, and whenever i switch to a tab that i haven't used for a short while (30 secs roughly), that addon triggers a new dns lookup (which in turn triggers a lot of lookups, usually taking several seconds, especially when "no resolver" is selected).
also, with "no resolver", are the root keys actually verified?
though i really love the functionality of this addon, i beginn to feel that its beautiful twin gui icons might not be enough, since most webpages make requests to a whole lot of other domains. they might wanna show info about all requested domains.
in that light, i feel it could be useful to, instead of whitelisting, make it function with a kind of ignore-all-but-what-i-specify-here-list. then again if so, we'll probably never gonna have a safer www.
to everyone who's looking for dnssec servers and didn't get the memo, googles public dns does it.
i confirmed it with a friend. even when set to use system settings, the addon makes rootserver lookups. that shouldn't be the case, should it?
Rated 1 out of 5 stars
Extension crashes Firefox, both 2.1.2 and 188.8.131.52 versionsThis review is for a previous version of the add-on (184.108.40.206-signed.1-signed).