Here is a quick project to try out this weekend… download and try out the Bloodhound web browser from the DNSSEC Tools Project.
This web browser is a modified version of Mozilla Firefox that supports local validation of DNSSEC and also usage of the DANE protocol. The cool part about Bloodhound is that it validates ALL web addresses used in the building of a web page, i.e. it is not just validating only the main URL for a site. Given that many web pages today make many calls to other web sites for various components and pieces of the site, Bloodhound will ensure that all of those are validated via DNSSEC.
Once you have Bloodhound installed, you can visit our lists:
where you should see failures happen when you attempt to go to the “bad” sites.
More information about how to configure Bloodhound is available on the DNSSEC Tools Project website. The Bloodhound browser was created as an experimental project to advance DNSSEC deployment and as a test bed for how DNSSEC validation can be build directly into applications. If you have feedback or would like to get more information, please see the bottom of the Bloodhound web page for how to get in touch with the folks at the DNSSEC Tools Project.