On Fri, 25 Jul 2014 13:25:31 +0200 Lunar <lunar@xxxxxxxxxxxxxx> wrote: > isis: > > > We can't just make Tor Browser stop accepting obfs2 because some > > > people are using obfs2 bridges right now. But we shouldn't add > > > more people to the set of users of a broken protocol. > > > > Obfs3 is also "broken", it's just that we haven't yet seen a DPI > > box do it IRL. If you want me to only hand out the holy grail, I'm > > never going to hand anything out. > > The holy grail will never exist, indeed. I fail too see why this would > be a reason to continue giving out solutions that are known to be bad > when they have suitable replacement. For what it's worth, the official plan is to kill off obfs2 once we figure out how we want to handle deprecating old transports. https://trac.torproject.org/projects/tor/ticket/10314 Personally I think when we deploy the next round of transports (meek, and either ScrambleSuit or obfs4) would be the right time to revisit this, and I can't think of a good reason to keep obfs2 around beyond "there are bridges that only support obfs2" which is a fairly terrible reason keep distributing the protocol to new users. My other objection to the idea a while back was that Orbot only supported obfs2, but that's been fixed for a while now. Regards, -- Yawning Angel
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev