DNS Validation (Man-in-the-Middle protection)
-
Once DNSSEC is standard and the default, all browsers are going to have to actually use the functionality it provides, or it is no point.
Imagine not having a way to validate the certificates in web sites. It would be as trustable/broken as that.Cloudflare now offer it as a standard feature for free, and it is available for end users via the Cloudflare, Quad9, Google and most OpenDNS providers.
ICANN are calling for a more proactive movement from everyone.
https://www.icann.org/news/announcement-2019-02-22-enThere is only 1 extension that makes use of the validation system available, and due to the browser makers locking down extension functionality, they have stopped active development.
Source is available and I am sure the authors would be very happy to see it used or inspire an integrated browser feature.
https://www.dnssec-validator.cz/2018-10-16-end-of-support.htmlIt should be noted, that this functionality in the extension will also indicate a DNS hijacking/redirection within the browser eg. a bad or badly made extension.
-
L LonM moved this topic from Desktop Feature Requests on
-
Thank you for your request. As this post has had less than 5 votes over 4 years it will now be archived.
