paulmillr / encrypted-dns

DNS over HTTPS config profiles for iOS & macOS
https://paulmillr.com/posts/encrypted-dns/
The Unlicense
3.35k stars 334 forks source link

cloudflare-tls.mobileconfig ServerName should be one.one.one.one #33

Closed jasonmader closed 3 years ago

jasonmader commented 3 years ago

https://developer.apple.com/documentation/devicemanagement/dnssettings/dnssettings

If no ServerAddresses are provided, the hostname will be used to determine the server addresses. This key must be present only if the DNSProtocol is TLS.

The ServerName string used is cloudflare-dns.com which is in the X509v3 Subject Alternative Name of the certificate, but resolves to web servers for Cloudflare's DNS. The ServerName should probably be one.one.one.one which resolves to the actual DNS servers.

paulmillr commented 3 years ago

pull reqs are welcome