Dear all, I read arma's blog entry calling for someone to see if limiting zig-zag attacks would harm anonymity. Well, I don't have an answer, but I did notice that we could increase the number of bridge authorities by having each bridge authority take a distinct subset of bridges to hand out, and then implementing a honest forwarder that forwards an email asking for bridges to a bridge authority based on some hash function of the requesting gmail address. Compromising an authority results in those bridges being cut off, but only a subset of users are affected. This also prevents zig-zag attacks: there are no clients who see bridges in two distinct authorities mandate. Unfortunately this only works if bridges are careful not to be listed by multiple authorities. Sincerely, Watson Ladd