I deeply apologize for not replying to your emails in the last few weeks. On July 2, I had a bad car accident, and since then I had been staying in hospital after surgery until July 27. I should have let you know earlier to get things less messed up. Sorry again about this. Now I am finally back and will be online for the rest of the period.
In brief, I apply the BOSH technique to transfer bidirectional-streams over HTTP, which is the skeleton of the design.
To disguise Tor's content patterns, we should make the traffic indistinguishable from random bits. Since there is an assumption that user and bridge share a cryptographically secure secret, I simply encrypt the data under AES-128 counter mode.
To achieve scanning resistance, the user should send a secure message MAC(IP | Port | Timestamp, K) to the bridge. If the message gets verified on the bridge's side, the user gets accepted. Otherwise, the bridge will refuse to respond to the user (or behave like a normal HTTP server). (I am not a crypto guy, so the scheme above may have flaws. Any review?)
And finally the traffic should be able to pass through proxies. I guess proxies will not cache POST response; am I correct?
That's it. There are some optional components that I am not sure whether to implement or not, such as packet-size obfuscation, Format-Transforming Encryption, etc. I think packet-size obfuscation is necessary, but I would rather put it in a TODO list for now.
One thing that is still arguable is whether the traffic pattern of BOSH is safe enough. In other words, how to evaluate whether the traffic pattern revealed in this HTTP transport is common in other applications (XMPP for example).
Thanks.
Best wishes,
Chang
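The bridge-side check that the MAC(IP | Port | Timestamp, K) scheme above implies, written out as an added example (this is not code from the message or from the transport it describes). It assumes HMAC-SHA256 as the MAC, a constructed placeholder shared key, a 60-second clock-skew window and a hypothetical `BridgeVerifier` class; none of those are in the original. Beyond the message's own description, it also shows two checks a reviewer would ask for: a constant-time digest comparison, and a cache of tokens already accepted inside the freshness window, because a MAC over only (IP, Port, Timestamp) can be replayed by anyone who observed it until the timestamp expires.

```python
import hmac
import hashlib
import time
from typing import Dict, Optional

# Constructed placeholder for the secret the message assumes user and bridge share.
SHARED_KEY = b"constructed-example-key-not-a-real-secret"

# Assumed freshness window: how far the client's clock may drift from the bridge's.
MAX_SKEW_SECONDS = 60


def make_token(ip: str, port: int, timestamp: int, key: bytes = SHARED_KEY) -> bytes:
    """Client side: MAC(IP | Port | Timestamp, K), instantiated here as HMAC-SHA256.

    Fields are joined with '|' (a character that appears in neither IPv4 nor
    IPv6 literals), so ("1.2.3.4", 56) and ("1.2.3.45", 6) cannot produce the
    same MAC input.
    """
    message = f"{ip}|{port}|{timestamp}".encode("ascii")
    return hmac.new(key, message, hashlib.sha256).digest()


class BridgeVerifier:
    """Bridge side (hypothetical helper): accept a token only if it is fresh,
    verifies under the shared key, and has not been accepted before."""

    def __init__(self, key: bytes = SHARED_KEY, max_skew: int = MAX_SKEW_SECONDS):
        self.key = key
        self.max_skew = max_skew
        self._seen: Dict[bytes, int] = {}  # accepted token -> timestamp it carried

    def _expire(self, now: int) -> None:
        # A token whose timestamp has left the window can no longer verify,
        # so there is no need to keep remembering it.
        self._seen = {tok: ts for tok, ts in self._seen.items()
                      if abs(now - ts) <= self.max_skew}

    def accept(self, ip: str, port: int, timestamp: int, token: bytes,
               now: Optional[int] = None) -> bool:
        now = int(time.time()) if now is None else now
        self._expire(now)
        # 1. Freshness: stale or far-future timestamps are rejected outright.
        if abs(now - timestamp) > self.max_skew:
            return False
        # 2. Integrity: recompute and compare in constant time, so the time taken
        #    to reject does not leak how many MAC bytes were correct.
        expected = make_token(ip, port, timestamp, self.key)
        if not hmac.compare_digest(expected, token):
            return False
        # 3. Replay: the same token is accepted at most once inside the window.
        if token in self._seen:
            return False
        self._seen[token] = timestamp
        return True


if __name__ == "__main__":
    # Constructed sample: one honest connection, then the same token replayed.
    verifier = BridgeVerifier()
    t0 = 1_700_000_000
    token = make_token("203.0.113.7", 443, t0)
    print("first use accepted:", verifier.accept("203.0.113.7", 443, t0, token, now=t0 + 5))
    print("replay accepted:   ", verifier.accept("203.0.113.7", 443, t0, token, now=t0 + 6))
```

When the token fails any of the three checks the bridge simply does not enter the transport; whether it then drops the connection or answers like an ordinary HTTP server is the policy choice the message leaves open. The replay cache is bounded by the window: any token older than `MAX_SKEW_SECONDS` is purged on the next check, so memory stays proportional to the number of connections accepted per window rather than growing forever.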