
Regarding question #2, Peer-to-peer.



If that's the answer to "what's the term for encryption that a middle man cannot decrypt", NO: peer-to-peer simply means... well, pretty much it means sending IP packets directly to each other rather than through a central server (yes, not much of a thing, but it meant you could get free music more easily, so the term got a lot of traction)


That's right. It is certainly possible to use peer-to-peer to send unencrypted packets. Peer-to-peer does not imply encryption. It does imply avoiding a "middleman". Thus, to send encrypted packets without using a middleman, peer-to-peer is a viable method.


> It does imply avoiding a "middleman"

No, it only implies avoiding a central server (and not even for every aspect of the service), you still run through routers, ISPs, NSA etc.

If you are certain that there's no middleman, you don't need encryption.

N.B. Maybe someone defines it in another way today, but when the term became popular, with Napster, it really meant simply not having a central server for certain functions, or even more banally not downloading your mp3s from a web site or ftp server; it did have some significance also because the legal aspect of it was more uncertain; when people started getting 100k dollar fines, peer-to-peer stopped meaning much, sometimes it's better to send packets directly to each other, other times through a server, but you almost always encrypt and almost always ought to encrypt end-to-end.


The central server is the "middleman" as I am using that term. Routers are not middlemen under the meaning I am using. I am referring to peer-to-peer without any supernode forwarding traffic. No central server. There may be a "rendezvous server" involved in allowing two nodes to discover how to connect to one another, however that server does not route traffic.

I never implied a need for encryption associated with peer-to-peer. The parent comment asked about avoiding a middleman.

I have no idea what "end-to-end encryption" means, nor do I seek to know. I do not wish to be part of that debate. The record of how that term is being applied speaks for itself.

I do know of the term "end-to-end" as in https://en.wikipedia.org/wiki/End_to_end_principle One can find this concept in many of the early RFCs.

To me, "peer-to-peer" (with no central server) is in the spirit of end-to-end. This is why for example, people will sometimes say, "The internet was originally peer-to-peer."


I know that the term "peer-to-peer" could be interpreted in many ways, but to the best of my knowledge it is usually interpreted how I wrote above.

Which I think is pretty much how you defined it too in your (last) comment, so I'm not sure what we're debating.

The important thing was that no one reading these comments get the impression that the multitude of systems that describe themselves as "peer-to-peer" are for sure using "encryption that a middle man cannot decrypt".

---

> The parent comment asked about avoiding a middleman

Middle man in cryptography is anyone intercepting a message

---

> I have no idea what "end-to-end encryption" means, nor do I seek to know

Well, I don't mean to be rude, but then there's not much you can say in a discussion about encryption...

---

Look, the important thing was to underscore that the https://news.ycombinator.com/item?id=23554823 comment was (apparently) wrong, I don't have any interest in winning a battle, I appreciate your enthusiasm, you probably currently don't know everything about cryptography or networking and there's nothing wrong with that, no one is born an expert and no one knows everything there is to know. I have to go to sleep, bye


Just because the peer-to-peer software known to you may suck does not mean that the concept of peer-to-peer is obsolete. Never mind Wireguard and other known examples of peer-to-peer software that does not suck, consider that there is software you do not know about. The idea that "peer-to-peer" is Napster plus some list of crappy, widely known software fiddling around with DHTs and dreaming about "the next big thing" is nonsense. Peer-to-peer is just a design principle. The term the parent comment used was "middle man" not man-in-the-middle. As for "E2EE", I have never seen djb even use that term. I see many untrustworthy "tech" companies using it though.


I don't know what's going on here, I never said that any peer-to-peer software sucks or that the concept is obsolete, in fact I much prefer it if a system is distributed/peer-to-peer.

All I said and cared to stress, to avoid that someone reading this make mistaken assumptions about p2p software (although probably few of this site's users would run the risk), is that ^^^they don't, as you claimed in https://news.ycombinator.com/item?id=23554823 , automatically imply "encryption that a middle man cannot decrypt"^^^.

You admitted you don't even know what end-to-end encryption is, and apparently don't know much about encryption, what are you debating?

---

> The term the parent comment used was "middle man" not man-in-the-middle

It's the same thing (unless the post author meant "a man of middle age")

---

> As for "E2EE", I have never seen djb even use that term

You mean Daniel J. Bernstein with djb? Do you mean that you are actually knowledgeable about encryption? I don't mean to be insulting but it didn't seem so (and there wouldn't be anything bad in that), it's hard to believe that someone with basic familiarity with encryption wouldn't know what end-to-end encryption is.

If with "that term" you meant the E2EE acronym, I indeed wouldn't be surprised if Daniel J. Bernstein never used it, it's the first time I see it myself (but it obviously doesn't mean anything more than "end-to-end encryption").

---

I don't know why you took it so personally, maybe I sounded aggressive in saying NO in uppercase, if so I'm sorry, it was just to make it more visible


I mean the term as it is being used by Zoom and others, not just the acronym. What I commented is that I am not interested in the term "end-to-end encryption". To me, at this point, it does not mean anything. It is no more meaningful than "cloud computing", "big data" or "AI". I prefer to read source code, not marketing copy. I want to know what something "does" not what it "is". The former is factual, the latter is potentially subjective. IMO, it is irrelevant what you or I know or do not know. No one really cares. Focus on the comment, not trying to make assumptions about the user who submitted it.

https://web.archive.org/web/20051029045942/http://www.unc.ed...

Example comment: "Peer-to-peer is a viable design for videoconferencing for small groups. If one is concerned about a "middle man" then it is worth investigating a peer-to-peer design."


Bah (yes, looking at the source code instead of the description is good advice, and to focus on the comments is another one, but I really lost you) (sorry for the late reply)



