dnssec-validator issueshttps://gitlab.nic.cz/labs/dnssec-validator/-/issues2017-08-23T10:32:07+02:00https://gitlab.nic.cz/labs/dnssec-validator/-/issues/57Displays internal firefox resources as DNSSEC secured (not-existent)2017-08-23T10:32:07+02:00rugkDisplays internal firefox resources as DNSSEC secured (not-existent)What I did:
1. I have [Privacy Badger](https://www.eff.org/privacybadger) installed.
2. I clicked on the icon.
3. Sometimes (and very likely at the first start) it shows you an orange message to 'learn more' about how the add-on works...What I did:
1. I have [Privacy Badger](https://www.eff.org/privacybadger) installed.
2. I clicked on the icon.
3. Sometimes (and very likely at the first start) it shows you an orange message to 'learn more' about how the add-on works.
4. I clicked on it and it showed me this site, which is clearly an internal site, as it starts with `resource://`:
`resource://jid1-mnnxcxisbpnsxq-at-jetpack/privacybadger/data/firstRun.html#slideshow`
What happened: It checked the 'domain' and sayed it's not existent and displayed a green icon:
![DNSSEC_Resource](https://gitlab.labs.nic.cz/labs/dnssec-validator/uploads/92a371fbaacc7b413bb451b9e52a5ce7/DNSSEC_Resource.png)
What should happen: Do not check resource:// addresses and maybe hide the icons at all.
2.3.0Martin StrakaMartin Strakahttps://gitlab.nic.cz/labs/dnssec-validator/-/issues/56Firefox will not install DNSSEC validator on the 64-bit edition2017-08-23T10:32:07+02:00Martin StrakaFirefox will not install DNSSEC validator on the 64-bit editionFirefox will not install your DNSSEC validator on the 64-bit edition. Hope you can fix this soon. Thanks for a great product.Firefox will not install your DNSSEC validator on the 64-bit edition. Hope you can fix this soon. Thanks for a great product.2.3.0Martin StrakaMartin Strakahttps://gitlab.nic.cz/labs/dnssec-validator/-/issues/52both `dnssec-plug` and `dane-plug` shouldn't fallback to root servers2017-08-23T10:32:07+02:00Marek Seberaboth `dnssec-plug` and `dane-plug` shouldn't fallback to root serversI use plugins along with Unbound as my system resolver.
Going to https://bad-sig.dane.verisignlabs.com/ will first try to resolve it through set resolver, and if it fails, it tries again by connecting to root NS (root-servers.net)
...I use plugins along with Unbound as my system resolver.
Going to https://bad-sig.dane.verisignlabs.com/ will first try to resolve it through set resolver, and if it fails, it tries again by connecting to root NS (root-servers.net)
There should be option to disable the extension, to use other than set resolver (then it can be used to test system resolver settings)
Issue exists in both binaries (dnssec-plug and dane-plug)
My system is Chrome Canary (version 40), OSX 10.9.5 2.3.0https://gitlab.nic.cz/labs/dnssec-validator/-/issues/50Better warning on validation failure2017-11-17T22:57:26+01:00Ghost UserBetter warning on validation failureIt would be nice if there would be an option to have a proper warning on DNSSEC/TLSA validation failure.
The icons can be easily overlooked.
Some kind of a confirmation dialog requiring explicit user input before allowing the user to d...It would be nice if there would be an option to have a proper warning on DNSSEC/TLSA validation failure.
The icons can be easily overlooked.
Some kind of a confirmation dialog requiring explicit user input before allowing the user to do anything else would be great.2.3.0https://gitlab.nic.cz/labs/dnssec-validator/-/issues/48OS X chromium plugin scripts (tlsa and dnssec) fail to install their respecti...2017-11-17T22:57:27+01:00Ghost UserOS X chromium plugin scripts (tlsa and dnssec) fail to install their respective coresThis issue affects both tlsa and dnssec installation scripts.
Browsers installed:
- Google Chrome (stable) 37.0.2062.124
- Google Chrome Canary 40.0.2173.0
- Chromium (stable) 37.0.2062.124 (281580)
Platform:
- 10.9.5 (13F3...This issue affects both tlsa and dnssec installation scripts.
Browsers installed:
- Google Chrome (stable) 37.0.2062.124
- Google Chrome Canary 40.0.2173.0
- Chromium (stable) 37.0.2062.124 (281580)
Platform:
- 10.9.5 (13F34)
Usage:
mkdir $TMPDIR/dnssec-validator-tmp
cd $TMPDIR/dnssec-validator-tmp
curl -LsO https://secure.nic.cz/files/dnssec-validator/2.2.0/dnssec-plugin-2.2.0.x-macosx.sh
chmod +x dnssec-plugin-2.2.0.x-macosx.sh
./dnssec-plugin-2.2.0.x-macosx.sh
Result:
Cannot install chromium extension on OS X.
A CRX file has been created in the current directory.
-n You may now install the file '/var/folders/z3/dwlmgt356wv9gyshgyyvd3bw0000gn/T/jjj/dnssec-pkg.crx' into those browsers:
-n 'Google Chrome'
-e 1) Run the browser.
-e 2) Open the page chrome://extensions/ .
-e 3) Drag and drop the CRX file into the page and accept the notification.
-e 4) Restart the browser.
Installing the resulting CRX and restarting the browser (for example, Opera) the settings pane always displays the following error:
The DNSSEC validating core could not be initialised. Please install the DNSSEC validating core in the version matching this extension and then restart your browser.
This seems to indicate the core was not installed, however it is unclear what did or did not happen.
(Minor note: `-e` and `-n` output are bashishms)2.3.0Karel SlanýKarel Slanýhttps://gitlab.nic.cz/labs/dnssec-validator/-/issues/47CRITICAL! - Firefox somtimes crashes when "DNSSEC/TLSA Validator" extension ...2017-11-17T22:57:27+01:00kolAflashCRITICAL! - Firefox somtimes crashes when "DNSSEC/TLSA Validator" extension is installedFirefox sometimes crashes when extension is installed.
I followed these instructions and completely deleted the extension, restarted Firefox, deleted all "extensions.dnssec.*" keys in "about:config" and restarted again before installi...Firefox sometimes crashes when extension is installed.
I followed these instructions and completely deleted the extension, restarted Firefox, deleted all "extensions.dnssec.*" keys in "about:config" and restarted again before installing version 2.1.2 of the " DNSSEC/TLSA Validator" extension.
https://addons.mozilla.org/de/firefox/addon/dnssec-validator/#detail-relnotes
Software used:
OS: openSUSE 13.1 Linux (x86_64)
Firefox version 32.0 by openSUSE (x86_64)
DNSSEC/TLSA Validator version 2.1.2 (also tried version 2.2.0.1)
Another reports:
1) I've recently had to disable DNSSEC/TLSA validator (v2.2.0.1) when running in Firefox 36.0.4 'cos it seems to cause FF to repeatedly crash. Some more detail: I looked at page "about:crashes" in Firefox and picked out a couple of crash reports - the most recent and one a week ago. What they had in common was the crash reason: EXCEPTION_ACCESS_VIOLATION_READ, and the following dll highlighted in red as a possible culprit: libDNSSECcore-WINNT-x86.dll. I guessed that this might be used by the FF plugin DNSSEC/TLSA validator (v2.2.0.1). So disabled that plugin. Firefox then stopped crashing. Are the developers maintaining this plugin? If so, will they address this problem? I should say, that when the plugin worked, it was of little use to me - so turning it off was no sacrifice.
2) DNSSEC/TLSA Validator 2.2.0.1 Addon for Firefox browser causes a Firefox (version 36.0) crash if You close Firefox before a web page is fully loaded. It's always a plugin-container error.
2.3.0Karel SlanýKarel Slaný