diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000..dc30431 Binary files /dev/null and b/.DS_Store differ diff --git a/README.md b/README.md index a2255d4..84d6065 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,13 @@ Check out the article for more info: [paulmillr.com/posts/encrypted-dns/](https: To make settings work across all apps in **iOS 14** & **MacOS Big Sur**, you’ll need to install configuration profile. This profile would tell operating system to use DOH / DOT. Note: it’s not enough to simply set server IPs in System Preferences — you need to install a profile. -On iOS, after installation, go to system **Settings => General => Profile**, select downloaded profile and click “Install” button. +To install, simply open the file in GitHib, and then click/tap on "Raw". The profile should download. On macOS, doubble click on the downloaded file to open it in settings, and approve instalation. On iOS, go to **System Settings => General => Profile**, select downloaded profile and tap the “Install” button. + +## Signed Profiles + +In the signed folder, we have signed versions of the profiles in this repository. These profiles have been signed by @Candygoblen123 so that when you install the profiles, they will have a verified check box on the installation screen. It also ensures that these profiles have not been tampered with. However, since they were signed by a third party, they may lag behind their unsigned counterparts a little. + +[comment]: <> (We recommend that you install a signed profile instead of an unsigned profile because it ensures that it was not modified while it was downloading.) ## Providers @@ -22,4 +28,4 @@ On iOS, after installation, go to system **Settings => General => Profile**, sel - [🇺🇸 Quad9](https://www.quad9.net/doh-quad9-dns-servers/) — Filters malicious domains. Operated by CleanerDNS, Inc. - [🇸🇬🇺🇸 Tiar.app](https://doh.tiar.app) — "Privacy-first DNS provider". Filters some domains. Server is located in SG, hosted on Digital Ocean -To verify resolver IPs and hostnames, compare mobileconfig files to their documentation URLs. Internal workings of the profiles are described on [developer.apple.com](https://developer.apple.com/documentation/devicemanagement/dnssettings). +To verify resolver IPs and hostnames, compare mobileconfig files to their documentation URLs. Internal workings of the profiles are described on [developer.apple.com](https://developer.apple.com/documentation/devicemanagement/dnssettings). In order to verify signed mobileconfigs, you will need to download them to your computer and open them in a text editor, because signing profiles makes GitHub think that they are binary files. diff --git a/signed/adguard-family-https.mobileconfig b/signed/adguard-family-https.mobileconfig new file mode 100644 index 0000000..61ced3d Binary files /dev/null and b/signed/adguard-family-https.mobileconfig differ diff --git a/signed/adguard-https.mobileconfig b/signed/adguard-https.mobileconfig new file mode 100644 index 0000000..348d976 Binary files /dev/null and b/signed/adguard-https.mobileconfig differ diff --git a/signed/alekberg-https.mobileconfig b/signed/alekberg-https.mobileconfig new file mode 100644 index 0000000..7285d6b Binary files /dev/null and b/signed/alekberg-https.mobileconfig differ diff --git a/signed/alibaba-https.mobileconfig b/signed/alibaba-https.mobileconfig new file mode 100644 index 0000000..2bb9273 Binary files /dev/null and b/signed/alibaba-https.mobileconfig differ diff --git a/signed/canadianshield-family-https.mobileconfig b/signed/canadianshield-family-https.mobileconfig new file mode 100644 index 0000000..19d15d7 Binary files /dev/null and b/signed/canadianshield-family-https.mobileconfig differ diff --git a/signed/canadianshield-family-tls.mobileconfig b/signed/canadianshield-family-tls.mobileconfig new file mode 100644 index 0000000..230f0fd Binary files /dev/null and b/signed/canadianshield-family-tls.mobileconfig differ diff --git a/signed/canadianshield-private-https.mobileconfig b/signed/canadianshield-private-https.mobileconfig new file mode 100644 index 0000000..6580b2c Binary files /dev/null and b/signed/canadianshield-private-https.mobileconfig differ diff --git a/signed/canadianshield-private-tls.mobileconfig b/signed/canadianshield-private-tls.mobileconfig new file mode 100644 index 0000000..1fb38fc Binary files /dev/null and b/signed/canadianshield-private-tls.mobileconfig differ diff --git a/signed/canadianshield-protected-https.mobileconfig b/signed/canadianshield-protected-https.mobileconfig new file mode 100644 index 0000000..ab37a19 Binary files /dev/null and b/signed/canadianshield-protected-https.mobileconfig differ diff --git a/signed/canadianshield-protected-tls.mobileconfig b/signed/canadianshield-protected-tls.mobileconfig new file mode 100644 index 0000000..4e7153f Binary files /dev/null and b/signed/canadianshield-protected-tls.mobileconfig differ diff --git a/signed/cloudflare-family-https.mobileconfig b/signed/cloudflare-family-https.mobileconfig new file mode 100644 index 0000000..640f3b1 Binary files /dev/null and b/signed/cloudflare-family-https.mobileconfig differ diff --git a/signed/cloudflare-https.mobileconfig b/signed/cloudflare-https.mobileconfig new file mode 100644 index 0000000..4e82a1a Binary files /dev/null and b/signed/cloudflare-https.mobileconfig differ diff --git a/signed/cloudflare-malware-https.mobileconfig b/signed/cloudflare-malware-https.mobileconfig new file mode 100644 index 0000000..a5338e0 Binary files /dev/null and b/signed/cloudflare-malware-https.mobileconfig differ diff --git a/signed/cloudflare-tls.mobileconfig b/signed/cloudflare-tls.mobileconfig new file mode 100644 index 0000000..9ca63cb Binary files /dev/null and b/signed/cloudflare-tls.mobileconfig differ diff --git a/signed/dnspod-https.mobileconfig b/signed/dnspod-https.mobileconfig new file mode 100644 index 0000000..a43265a Binary files /dev/null and b/signed/dnspod-https.mobileconfig differ diff --git a/signed/google-https.mobileconfig b/signed/google-https.mobileconfig new file mode 100644 index 0000000..fff61ab Binary files /dev/null and b/signed/google-https.mobileconfig differ diff --git a/signed/google-tls.mobileconfig b/signed/google-tls.mobileconfig new file mode 100644 index 0000000..de79f4f Binary files /dev/null and b/signed/google-tls.mobileconfig differ diff --git a/signed/opendns-familyshield.mobileconfig b/signed/opendns-familyshield.mobileconfig new file mode 100644 index 0000000..b67e264 Binary files /dev/null and b/signed/opendns-familyshield.mobileconfig differ diff --git a/signed/opendns-https.mobileconfig b/signed/opendns-https.mobileconfig new file mode 100644 index 0000000..09de316 Binary files /dev/null and b/signed/opendns-https.mobileconfig differ diff --git a/signed/quad9-https.mobileconfig b/signed/quad9-https.mobileconfig new file mode 100644 index 0000000..a9afd47 Binary files /dev/null and b/signed/quad9-https.mobileconfig differ diff --git a/signed/quad9-tls.mobileconfig b/signed/quad9-tls.mobileconfig new file mode 100644 index 0000000..1fee1ac Binary files /dev/null and b/signed/quad9-tls.mobileconfig differ diff --git a/signed/tiarapp-https.mobileconfig b/signed/tiarapp-https.mobileconfig new file mode 100644 index 0000000..6d595af Binary files /dev/null and b/signed/tiarapp-https.mobileconfig differ diff --git a/signed/tiarapp-tls.mobileconfig b/signed/tiarapp-tls.mobileconfig new file mode 100644 index 0000000..ab164b2 Binary files /dev/null and b/signed/tiarapp-tls.mobileconfig differ