[tor-dev] Email Bridge Distributor Interactive Commands
Matthew Finkel
matthew.finkel at gmail.com
Sat Jul 26 08:17:21 UTC 2014
On Fri, Jul 25, 2014 at 10:19:40PM +0000, isis wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Yawning Angel transcribed 2.9K bytes:
> > On Fri, 25 Jul 2014 13:25:31 +0200
> > Lunar <lunar at torproject.org> wrote:
> >
> > > isis:
> > > > > We can't just make Tor Browser stop accepting obfs2 because some
> > > > > people are using obfs2 bridges right now. But we shouldn't add
> > > > > more people to the set of users of a broken protocol.
> > > >
> > > > Obfs3 is also "broken", it's just that we haven't yet seen a DPI
> > > > box do it IRL. If you want me to only hand out the holy grail, I'm
> > > > never going to hand anything out.
> > >
> > > The holy grail will never exist, indeed. I fail too see why this would
> > > be a reason to continue giving out solutions that are known to be bad
> > > when they have suitable replacement.
> >
> > For what it's worth, the official plan is to kill off obfs2 once we
> > figure out how we want to handle deprecating old transports.
> >
> > https://trac.torproject.org/projects/tor/ticket/10314
>
> Thanks, I was looking for that one. :)
>
> > Personally I think when we deploy the next round of transports (meek,
> > and either ScrambleSuit or obfs4) would be the right time to revisit
> > this, and I can't think of a good reason to keep obfs2 around beyond
> > "there are bridges that only support obfs2" which is a fairly terrible
> > reason keep distributing the protocol to new users.
>
> Scramblesuit is "deployed", if you ask me... We've got roughly 2221
> scramblesuit supporting bridges.
>
Nice!
> > My other objection to the idea a while back was that Orbot only
> > supported obfs2, but that's been fixed for a while now.
>
> So... I'm going to wait for an update from the Huggable Transport folks,
> telling me to phase out obfsXYZ, whenever that happens. Until then, obfs3 is
> still the default transport distributed.
>
> Does this sound okay to everyone? Otherwise you're shoving me back into the
> hell where I get yelled at if I don't make a unilateral decision, and also get
> yelled at if I do make a decision. It's kind of annoying to get yelled at all
> the time. :(
I thought Roger made all of them decisions ;)
I think this is a fine plan for now, at least for the next n tags. We
know it's only a matter of time before it will be deprecated, but I
think it's worth squeezing as much out of them as possible.
Scramblesuit (and obfs4 at some future time) can become default(s)
at a future time when the arms race nears equilibrium (as far as we
can tell).
More information about the tor-dev
mailing list