[tor-relays] We need bridges with iat-mode set to 1 and especially 2 as well!
s7r
s7r at sky-ip.org
Fri Jan 21 13:43:20 UTC 2022
juckiuscaesar at web.de wrote:
> Hi,
> Setting up more and more obfs4 bridges is fine, but it literally took me
> 1 hour to get a bridge supporting iat-mode=2 through
> https://bridges.torproject.org (that is knowing how to circumvent the
> fingerprinting measures on that site, which are intended to make it
> harder for adversaries to get bridge IP's), this is unacceptable as this
> is the only way I can connect to Tor in my country.
> obfs4 has the possibility to obfuscate the packet size and timing of the
> underlying protocol it obfuscates, so why is almost no bridge using it?
> A call for action is needed, additionally, please also add information
> about this to the "How to set up a Relay / Bridge" pages.
> Please do something.
> Regards,
> Anonymous
>
Running in iat-mode=2 requires more than editing the obfs4 bridge config
in $DATADIRECTORY/pt_state ?
I wonder why it is not possible to have the bridge client negotiating
the iat-mode when connecting to a bridge. So that all obfs4 bridges
could run in iat-mode 0, 1 and 2. By reading the obfs4 spec I can see
only these 3 possible values for iat-mode, is there any other?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20220121/3f8e96c0/attachment.sig>
More information about the tor-relays
mailing list