TLSA Validator

Check TLSA records

TLSA Validator: Secure DNSSEC & TLS/SSL Certificate Check

TLSA Validator is a Chrome extension designed to enhance your browsing security. It validates the existence and legitimacy of DNSSEC signed DNS and TLSA records for domains. By leveraging the DANE protocol, it guarantees the authenticity of a domain's TLS/SSL certificate. Notably, it necessitates communication with an external binary application via the native messaging interface. A colorful icon system intuitively displays DNSSEC and TLSA validation results right in your address bar, with additional details available upon click.

Download

Extension stats

By: CZ.NIC Labs

Users: 1,000+

Rating: 4.09

(23)

Version: 2.2.0.3 (Last updated: 2014-09-04)

Creation date: 2014-09-04

Risk impact: High risk impact

Risk likelihood:

Low risk likelihood

Manifest version: 2

Permissions:

tabs
webRequest
webRequestBlocking
browsingData
nativeMessaging
*://*/*

Size: 97.84K

Ranking

# 23,609 ▼ 19

Other rankings

#1991 in Social Networking ▼ 5

Other platforms

Not available on Android

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Analyze keywords

TLSA Validator allows you to check the existence and validity of DNSSEC signed DNS records for domains. If a valid DNSSEC chain to the domain is found it will also check for the existence of TLSA records. TLSA records can store hashes of remote server TLS/SSL certificates. The authenticity of a TLS/SSL certificate for a domain name is verified by DANE protocol (RFC 6698). DNSSEC and TLSA validation results are displayer by using several icons. Additional explanatory texts are shown in the page’s address bar. Clicking on a given icon symbol reveals more detailed security information.

IMPORTANT! This add-on communicates with an external binary application through the native messaging interface. The binary application is required for correct working of the add-on. The binary can be downloaded from www.dnssec-validator.cz/pages/download.html#package. Keep in mind that the version of the binary and of the extension must match.

User reviews

These summaries are automatically generated weekly using AI based on recent user reviews. Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.

Pros

Helpful security plugin that checks if a domain is secured by DNSSEC and has a valid TLSA entry.
Easy to use and understand for determining if a site can be trusted.
Works perfectly with the latest Chrome or Chromium after installation.

Cons

Module had stopped working, with official announcements regarding issues.
Not all hosting companies and DNS registrars support TLSA, making it less effective.
Many users report that it does not work in the latest version of Chrome.

Most mentioned

The module had stopped working.
Helpful security plugin for checking DNSSEC and TLSA.
Lack of support for TLSA among hosting companies and DNS registrars.

User reviews

The module had stopped working, and they had official announcement about this on there website. https://www.dnssec-validator.cz/

Farhan Islam, 2020-01-31

Thank you very much for this helpful security plugin. Simple shows if the domainname is secured by dnssec and if it is so, it checks if the site has a valid tlsa entry for the current address and corresponding certificate. Very easy to see, if the site could be trusted.