I am developing devices that call home. Instead of having our server DNS hardcoded, I want to use a DNS server. I want the device to rely the least on the network infrastructure, so I would like to have only https requests, without any DNS requests. The documentation suggests to use:
Now…as you watch the message boards, you’ll see several locations where 1.1.1.1 doesn’t work, for various reasons beyond Cloudflare’s control. That’s going to the biggest failure point in this process.
Thanks! I think that using curl https://1.1.1.1 is less secure, since I don’t see how it can verify that the certificate matches - the certificate is for Cloudflare-dns.com.
Regarding guarantee, perhaps I should use a better term. I understand that there is no contractual obligation. My question is whether it’s a part of the public API so Cloudflare wouldn’t change it without a good reason, or whether it’s a hack that works now but may not work tomorrow.
Regarding availability, thanks for letting me know! I think that I’ll use 1.0.0.1 instead, as is suggested here.
So now the only thing that bothers me, because of stability concerns, is why doesn’t the documentation mention using curl https://1.1.1.1. Why rely on the system’s DNS lookup when you don’t have to?