Opened 6 months ago

Last modified 6 months ago

#34212 assigned task

Set up a domain-fronted end point for wolpertinger

Reported by: phw Owned by: phw
Priority: Medium Milestone:
Component: Circumvention/Wolpertinger Version:
Severity: Normal Keywords:
Cc: dcf, cohosh, phw Actual Points:
Parent ID: #32740 Points: 1
Reviewer: Sponsor: Sponsor30-can


Censorship measurement platforms like OONI can request bridges to test from wolpertinger's REST API. Some platforms may be unable to talk to wolpertinger because it runs on, which may be blocked. (This isn't an issue for OONI because it intends to proxy wolpertinger requests over its backend.)

We should set up a domain-fronted endpoint to fix this issue: In addition to a direct connection to, censorship measurement platforms should be able to use a domain front at

After reading #27469 and #16650, I believe that we need to configure another azure reflector, e.g.,, which is hooked up to

Child Tickets

Change History (1)

comment:1 in reply to:  description Changed 6 months ago by dcf

Replying to phw:

After reading #27469 and #16650, I believe that we need to configure another azure reflector, e.g.,, which is hooked up to

If you only care about reachability, then yes, all you need is a CDN configuration pointing to That's also the easiest to deploy and use because you don't need anything more than curl to interact with it.

If you need confidentiality from the CDN (i.e., if you suspect that the CDN is eavesdropping on connections and recording bridge addresses), then the above model is not good enough. The problem is that you have hop-by-hop TLS from the client to the CDN, and from the CDN to BridgeDB, but no end-to-end secure channel. For end-to-end security I think you have two options:

  1. Do like Moat, and tunnel an end-to-end TLS session through the hop-by-hop CDN TLS sessions. The end-to-end security is provided by the existing TLS certificate of This is more awkward to use because you need to run e.g. meek-client and meek-server at the endpoints to build the tunnel.
  2. Provide a layer of security in Wolpertinger separate from TLS. That is, don't just return some bridge addresses in plaintext, but use something like an NK or IK Noise protocol to establish an ephemeral session key and return an authenticated ciphertext in one round trip. The client could send its part of the handshake as a URL query parameter or POST body, and the server could return its part of the handshake followed by an authenticated ciphertext in its response body.
Note: See TracTickets for help on using tickets.