On Fri, 25 Jul 2014 13:25:31 +0200 Lunar lunar@torproject.org wrote:
isis:
We can't just make Tor Browser stop accepting obfs2 because some people are using obfs2 bridges right now. But we shouldn't add more people to the set of users of a broken protocol.
Obfs3 is also "broken", it's just that we haven't yet seen a DPI box do it IRL. If you want me to only hand out the holy grail, I'm never going to hand anything out.
The holy grail will never exist, indeed. I fail too see why this would be a reason to continue giving out solutions that are known to be bad when they have suitable replacement.
For what it's worth, the official plan is to kill off obfs2 once we figure out how we want to handle deprecating old transports.
https://trac.torproject.org/projects/tor/ticket/10314
Personally I think when we deploy the next round of transports (meek, and either ScrambleSuit or obfs4) would be the right time to revisit this, and I can't think of a good reason to keep obfs2 around beyond "there are bridges that only support obfs2" which is a fairly terrible reason keep distributing the protocol to new users.
My other objection to the idea a while back was that Orbot only supported obfs2, but that's been fixed for a while now.
Regards,