bridge and bridge authority proposal

Roger Dingledine arma at mit.edu
Mon Nov 26 02:34:07 UTC 2007


On Sat, Nov 17, 2007 at 02:22:54PM -0800, Michael_google gmail_Gersten wrote:
> A bridge is a Tor node, that talks to the rest of the tor network, and
> acts as an entry guard. However, unlike normal tor nodes/entry guards,
> there is no public list of all bridges; instead, you have to know a
> bridge's IP address, or identity key. There are central servers that
> can be queried for a key, and will return an IP address, but without
> some privately passed information, there is no tor.

Right.

> The intent of bridges is to act like an HTTPS: server -- the
> communication between entry node and bridge user looks just like a
> secure web page. The idea is to hide that you are using Tor. For this,
> they act, by default, on port 443 where possible. If not, they
> currently use 9001.

Right. (Actually, it's 443 on Windows and 9001 on other platforms
currently.)

> If I understand that much, then may I suggest using 8000, or 8080, or
> some other "user web server" port? 9001 is a normal tor port, and
> easily blocked by someone trying to block tor.

I still think the long-term fix is described in Section 1.7 of
http://www.torproject.org/svn/trunk/doc/spec/proposals/125-bridges.txt

But you're right, the short-term fix should be to stop using such an
obvious port. In Vidalia, the default settings for relays are the same
whether it's a public relay or a bridge relay. Should we change Vidalia's
default ORPort on non-Windows platforms to 8080?

Thanks,
--Roger


