Enable Encrypted SNI

In testing DOH(DNS over https), encrypted SNI(Server Name Indication) was not enable for brave browser. To reproduce, I’ll be using cloudflare dns. Install config file from here - https://paulmillr.com/posts/encrypted-dns/ in safari iOS browser because config profile install doesn’t work in brave iOS. Then check dns over https here - https://www.cloudflare.com/ssl/encrypted-sni/ in brave iOS browser.

The benefits to enabling will be the hostname will be private in a tls connection.

Encrypted SNI was an experimental project that has been abandoned by Cloudflare (although that test page still works). They are now working on a new project.

so why sni is still on their website to test it :

@gmacar seems to mean ECH (encrypted ClientHello). Here and here are some Claudflare’s blog posts. Test here.