Talk to Google recaptcha team about BridgeDB's recaptcha-proxying strategy
BridgeDB proxies recaptcha requests for our users so that we don't leak their infos to Google.
We don't know how happy Google will be about this. It's possible that bridges.torproject.org could get blocked from the recaptcha API.
We could proxy the captcha requests through Tor, it would make bridges.tpo load slightly slower, but then the requests would just look like a Tor user had landed on bridges.torproject.org (from Google's perspective). That could be considered rude, and we don't want Google to start treating Tor users differently. Although this may already be the case, because some google searches over Tor are denied without even a captcha.
We could use a different captcha implementation.
As I already implemented recaptcha support and Google is responsible for making sure they keep working, we should talk to them first and see if the current implementation is acceptable before exploring other options.
It was suggested that Mike or Jake could provide an introduction.
This is the ticket to track the progress of this discussion.