TLSA Validator

Check TLSA records

What is TLSA Validator?

TLSA Validator is a Chrome extension designed to enhance your browsing security. It validates the existence and legitimacy of DNSSEC signed DNS and TLSA records for domains. By leveraging the DANE protocol, it guarantees the authenticity of a domain's TLS/SSL certificate. Notably, it necessitates communication with an external binary application via the native messaging interface. A colorful icon system intuitively displays DNSSEC and TLSA validation results right in your address bar, with additional details available upon click.

Download

Extension stats

By: CZ.NIC Labs

View on Chrome Web Store

Users: 1,000+

Rating: 4.09 (23)

Version: 2.2.0.3 (Last updated: 2014-09-04)

Creation date: 2014-09-04

Risk impact: High risk impact

Risk likelihood: Low risk likelihood

Manifest version: 2

Permissions:

tabs
webRequest
webRequestBlocking
browsingData
nativeMessaging
*://*/*

Size: 97.84K

Ranking

# 23388

Other rankings

#1976 in Social Networking ▲ 8

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Analyze keywords

TLSA Validator allows you to check the existence and validity of DNSSEC signed DNS records for domains. If a valid DNSSEC chain to the domain is found it will also check for the existence of TLSA records. TLSA records can store hashes of remote server TLS/SSL certificates. The authenticity of a TLS/SSL certificate for a domain name is verified by DANE protocol (RFC 6698). DNSSEC and TLSA validation results are displayer by using several icons. Additional explanatory texts are shown in the page’s address bar. Clicking on a given icon symbol reveals more detailed security information.

IMPORTANT! This add-on communicates with an external binary application through the native messaging interface. The binary application is required for correct working of the add-on. The binary can be downloaded from www.dnssec-validator.cz/pages/download.html#package. Keep in mind that the version of the binary and of the extension must match.

User reviews

These summaries are automatically generated weekly using AI based on recent user reviews. Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.

Pros

Helpful security plugin
Simple verification of DNSSEC and TLSA entries
Easy to see if a site can be trusted
Works perfectly with latest Chrome/Chromium
Installation of supporting binary is simple

Cons

Stopped working in latest Chrome
Not widely supported by hosting companies and DNS registrars
Outdated functionality
TLSA requires manual setup which is complex for most users

Most mentioned

Stopped working or out of date
Helpful security plugin
DNSSEC works great but TLSA is not widely adopted

Recent reviews

The module had stopped working, and they had official announcement about this on there website. https://www.dnssec-validator.cz/

Farhan Islam, 2020-01-31

Thank you very much for this helpful security plugin. Simple shows if the domainname is secured by dnssec and if it is so, it checks if the site has a valid tlsa entry for the current address and corresponding certificate. Very easy to see, if the site could be trusted.