GitLab

AFAIK the existing BridgeDB https and moat distributors do take into account the requester IP address, it does have bridgerings for different IP ranges so we only provide bridges from that bridgering to that IP range.

While bridgedb is being used as distributor of rdsys (#12 (closed)) this mechanism is going to be still working for the existing https and moat distributors. But our new moat circumvention settings (bridgedb#40025 (closed)) will need rdsys to implement this mechanism if we care about it.

It looks like in the real world this protection hasn't stopped big attackers from listing all the bridges, and the effort might not be worth it. So I will say we should just close this issue and forget about distributing bridges by IP.

But I'll like to hear from others with more experience what they think. @cohosh @arma any opinions here?