DNSSEC

Check the DNSsec status of every website you browse.
What is DNSSEC?
'DNSSEC' is a Firefox add-on designed to increase security during browsing by verifying the DNSSEC status of visited domains. It indicates whether these domains' zones are appropriately signed with DNSSEC. Although it leverages web services like Cloudflare’s 1.1.1.1 or Google Public DNS for DNS queries, transmitting your browsing history in the process, projections for a custom DNS over HTTPS service in the future promise enhanced privacy.
Download

Add-on stats

Users: 559 ▲ 18
Rating: 3.10 (39)
Version: 1.1.1resigned1 (Last updated: 2024-04-25)
Creation date: 2017-11-25
Weekly download count: 9
Firefox on Android: Yes
Risk impact: High risk impact
Risk likelihood: Moderate risk likelihood
Manifest version: 2
Permissions:
  • tabs
  • webRequest
  • webNavigation
  • storage
  • <all_urls>
Size: 25.69K

Ranking

# 4098 ▲ 26
Other rankings
#78 in status keyword 9 #104 in query keyword 6 ▼ 1 #129 in browsing keyword 26 ▲ 2 #141 in performance keyword 13 ▼ 1

Other platforms

Not available on Chrome
Not available on Edge
Want to check extension ranking and stats more quickly for other Firefox add-ons? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Firefox Browser Add-ons.
Chrome-Stats extension

Add-on summary

Analyze keywords

This add-on will display whether or not the visited domains' zones are signed with DNSSEC in your URL bar.

Please note, for the most privacy-inclined users, that it uses Cloudflare's 1.1.1.1 (by default) or Google Public DNS web services to perform DNS queries. So your browsing history will, in a way, be transmitted to Cloudflare or Google.

In the future, we will allow using a custom DNS over HTTPS service.

User reviews

These summaries are automatically generated weekly using AI based on recent user reviews. Firefox Browser Add-ons does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.
Pros
  • Works well for DNSSEC validation
  • Simple user interface
  • No extra steps to install
  • Helpful for enhancing security against DNS manipulation
  • Positive feedback indicating improvement over time
Cons
  • Limited to only Cloudflare and Google as DNS resolvers
  • Inaccurate results reported by users
  • Privacy concerns due to reliance on external resolvers
  • Cannot verify local domains properly
  • Some users experienced complete failure of the add-on functionality
Most mentioned
  • Inability to choose custom DNS resolver
  • Inaccurate DNSSEC validation results
  • Preference for local resolver usage
  • Security concerns regarding reliance on specific providers
  • Request for additional features like DANE pinned certificate verification
Recent reviews
While cloudflare.com/ssl/encrypted-sni/#results tells me that "DNSSEC. Attackers cannot trick you into visiting a fake website by manipulating DNS responses for domains that are outside their control," this extension claims that "cloudflare.com not secure by DNSSEC. Domain www.cloudflare.com is not secure through DNSSEC. Your connection is prone to man-in-the-middle attacks."
by Korwin, 2024-08-18
Results inaccurate when choosing Cloudflare as the resolver, but can be worked around by choosing Google as the resolver. No option for custom resolver or even native recursive resolution.
by Wolfizen, 2024-06-11
Can hopefully be made even better with https://bugzilla.mozilla.org/show_bug.cgi?id=1852752
by Firefox user 18361289, 2024-04-06
View all user reviews

Add-on safety

Risk impact

DNSSEC is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this add-on. Review carefully before installing. We recommend that you only install DNSSEC if you trust the publisher.

Risk likelihood

DNSSEC is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this add-on.

Upgrade to see risk analysis details