DNSSEC and DANE

- OTHER

Method of validating a DNS response against a trusted root server. Mitigates various attacks that could reroute a user to a fake site while showing the real URL for the original site.

IE

  1. 5.5 - 10: Partial support
  2. 11: Partial support

Edge

  1. 12 - 80: Partial support
  2. 81: Partial support

Firefox

  1. 2 - 75: Partial support
  2. 76: Partial support
  3. 77 - 78: Partial support

Chrome

  1. 4 - 5: Partial support
  2. 6 - 30: Partial support
  3. 31 - 80: Partial support
  4. 81: Partial support
  5. 83 - 85: Partial support

Safari

  1. 3.1 - 13: Partial support
  2. 13.1: Partial support
  3. TP: Partial support

Opera

  1. 9 - 67: Partial support
  2. 68: Partial support

iOS Safari

  1. 3.2 - 13.3: Partial support
  2. 13.4: Partial support

Opera Mini

  1. all: Partial support

Android Browser

  1. 2.1 - 4.4.4: Partial support
  2. 81: Partial support

Blackberry Browser

  1. 7: Partial support
  2. 10: Partial support

Opera Mobile

  1. 10 - 12.1: Partial support
  2. 46: Partial support

Chrome for Android

  1. 81: Partial support

Firefox for Android

  1. 68: Partial support

IE Mobile

  1. 10: Partial support
  2. 11: Partial support

UC Browser for Android

  1. 12.12: Partial support

Samsung Internet

  1. 4 - 10.1: Partial support
  2. 11.1: Partial support

QQ Browser

  1. 10.4: Partial support

Baidu Browser

  1. 7.12: Partial support

KaiOS Browser

  1. 2.5: Partial support

Browsers have generally decided to not implement DNSSEC validation because the added complexity outweighs the improvements to the browser. DNSSEC is still useful as it is widely used to protect delivery of records between DNS servers, only failing to protect the delivery from the last DNS server to the browser.

Certificate transparency is widely used and tries to provide the same security as DNSSEC but by very different means.

Resources:
Chrome implementation bug
Firefox implementation bug
Wikipedia - DNSSEC