Protect bridges from local ISP
Right now it is sufficient to know the IP address of a bridge in order to use it. This allows an ISP to scan if its customers are operating bridges. Furthermore, if a country (or an ISP) wants to check if its users/citizens are connecting to a TOR bridge, it could first log outgoing connections to (e.g.) https ports and then establish a connection and check if a TOR bridge responds on the port.
One possibility to work around this problem would be to require some kind of "token" to connect the a bridge. The directory server could provide the client with the IP address of a bridge and with the token that is required to connect. If the client does not provide the token to the bridge after the connection has been established, the bridge could just close the connection (or even better) return a HTTP error message that looks similar to (e.g.) Apache error messages.
This would make it harder for an ISP to check if its customers are running a bridge. Furthermore, it provides some kind of "plausible deniability" to people that are accussed of (illegally) connecting to the TOR network.
[Automatically added by flyspray2trac: Operating System: All]