[tor-bugs] #6396 [Tor Bridge]: Reachability tests for obfuscated bridges
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Jul 17 05:09:51 UTC 2012
#6396: Reachability tests for obfuscated bridges
------------------------+---------------------------------------------------
Reporter: asn | Owner:
Type: task | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor Bridge | Version:
Keywords: pt | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by arma):
I think 'a' is a good start, and may well be good enough.
It's not clear to me that the bridge authority is the right place to do
complex reachability testing. The bridge authority's main jobs are to a)
receive bridge descriptors, b) give them out to people who know the
identity key, and c) export stuff so bridgedb can work. The design is
pretty flexible about what 'stuff' means exactly.
In a world where bridges can work from one place but not another, and
where making direct connections to all bridge addresses from a central
place is a poor security idea, it seems we should move toward "bridges
test themselves somehow, and the bridge authority trusts that they work as
described." Then the bridge authority does a simple test for "is the
bridge present or not" (though I'd like to get away from even that), and
anything more complex comes in the form of inputs to bridgedb from ooni-
style reachability tests.
(Should we rename this ticket, to constrain it to the bridge authority
piece of reachability tests for obfsbridges?)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6396#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list