Discuss other ways for the bridge authority to run bridge reachability tests
When discussing public bridges on IPv6, Nick, Roger, Linus, and I came up with how the bridge authority would test reachability of bridges. We were wondering if these tests are conducted directly, which would make it easy to extend them to IPv6, or if we'd have to implement IPv6 exiting before.
Roger says that if the bridge authority does these tests via Tor, relays might learn bridge addresses. The direct test has the disadvantage of someone who observes the bridge authority to learn about all bridges.
Also copying Roger's response from an email here:
For more on this disadvantage, see #8 (closed) at https://blog.torproject.org/blog/research-problems-ten-ways-discover-tor-bridges
I think the first fix we'll try is that bridges pick some static nodes to do their testing, and then the bridge authority trusts them that they were right. We'll want to either make sure the bridge picks nodes that can do ipv6 testing too, or have the bridge authority fill in whatever tests the bridge couldn't do, or something else.
Maybe we should open another ticket for this topic.