Talk:Tcpcrypt

Notability

I don't agree. USENIX Security Symposium is not a highly esteemed security conference. For cryptographic protocols such as this CRYPTO, EUROCRYPT etc. are far more prestigeous. Furthermore, just presenting a paper at a conference is not enough to establish notability. 62.203.0.154 (talk) 17:42, 27 August 2010 (UTC)

1. Per WP:PROD, if a proposed deletion has been contested once, you cannot propose it for deletion again. You have to go for the whole WP:AFD process.
2. The notability guideline defines notability as "significant coverage in reliable sources that are independent of the subject". The article, as it stands, has 2 references to news articles, with significant coverage from reliable sources (LWN.net and Network World), and a USENIX presentation.
3. The CRYPTO and EUROCRYPT conferences are focused on theoretical cryptography research — ciphers, hashes, cryptosystems and abstract cryptographic protocols. You won't find entries on concrete, applied network protocols there — like TLS, IPsec, SSH, tcpcrypt. USENIX Security Symposium is exactly the conference for this. -- intgr [talk] 18:12, 27 August 2010 (UTC)

Intgr, your assessement is hard to follow. First decrying CRYPTO and EUROCRYPT as conferences where only abstract protocols are discused (what is an abstract cryptographic protocol anyway) is quite unfounded. Many of the results there are very useful in practice. I haven't done a count, but it would not surprise me if more results on TLS, SSH were published in those "out-of touch with the world" conferences. But that is besides the point. We want to know whether tcpcrypt is notable. A newpaper article is hardly a measure of notability. Most journalists don't have the skills to judge the notability of a paper. They do a good job if the can capture the essence of a paper. Really notable cryptographic results usually get dozens of articles on news cites. Neither is a draft for an IETF submission a sign of notability. Anyone can do that. Furthermore, the protocol has just been presented. Even if someone broke it on the spot during the conference, we would not know, since the time since the publication is far too short for anyone write and publish a paper on the cryptanalysis. Hence, at least at the moment, we really can't have any confidence that the protocol is secure. Citeseer or Google Scholar are also useful indicators if a paper is notable. I.e. if a paper has 100+ references then it becomes a candidate for being notable. This paper has of course still 0 references. 62.203.0.154 (talk) 19:00, 27 August 2010 (UTC)

You're inventing your own definition of notability, and it does not match Wikipedia's definition. Please read WP:N and WP:RS. Having seen many past deletion discussions, articles with even just a few news references tend to survive. These are articles exclusively about tcpcrypt.

For someone who claims to know what's relevant at theoretical cryptography conferences, I'd expect you to know what "abstract protocols" are. They are protocols like dining cryptographers protocol, socialist millionaire protocol, homomorphic secret sharing, Yao's Millionaires' Problem, Otway-Rees protocol, Wide Mouth Frog protocol, I could go on and on, but the point is, their focus is theoretical cryptography, not applied cryptography. -- intgr [talk] 19:55, 27 August 2010 (UTC)

Integr, I still don't know what your personal definition of "abstract protocol is". Is it a protocol that has not (yet) been used in a "practical" application, or is it simply a protocol that was published without resleasing source code or is it the lack of defining a protocol down to every single bit that makes them abstract? Thus it is not possible to even say with which entries in your list I agree and with which ones I don't. I.e.,I don't know an application of the dining cryptographer's protocol but that doesn't mean there isn't. The millionair's problem is potentially helpful for online auctions unless you have a trusted authority. Homomorphic secret sharing is used in implementations of online-voting protocols and also to share high value keys (e.g. CA keys). The homomorphic property is used for redistributing the shares. I have no idea why you mention the Otway-Rees protocol. It was not published at an IACR conference. And in fact the subtle flaws in this protocol, the predecessors and the supposed fixes of this protocol are one good reason for the more formal treatment of cryptographic protocols, that is so popular are real crypto conferences.

From the stuff, that I've recently implemented or used for example HMAC, the TET encryption mode or the OAEP scheme for RSA were all published at CRYPTO. I find USENIX papers much less useful. They are frequently just a remix of previous ideas, but of course that might still be useful for some people. Still, I'd say, that your complaints about CRYPTO are clearly unjustified and your arguments are baseless. 62.203.0.154 (talk) 23:04, 27 August 2010 (UTC)

An abstract cryptography protocol is one specified in terms of math. A network protocol is one specified in terms of data structures. They're two completely different worlds. But seriously, this argument is a red herring. -- intgr [talk] 00:17, 28 August 2010 (UTC)

Huh? Usually both (i.e. data structures to describe plaintexts, ciphertexts, keys etc and math to describe the relations between them) are required. So your definition of abstract does not make sense. I would also appreciate if you had a brief look at the papers that you refer to. E.g. tcpcrypt and the Otway-Reese protocol use very similar notations. Implementation details such as byte order are usually not described in conference papers. That is subject a standardization process. Therefore, I don't think that trying to find some arbitrary distinction between abstract and applied protocols leads anywhere. It certainly does not determine, whether a paper is notable or not. To do so one has to observe the reactions of the crypto community. Maybe in a year this is possible. The paper may have one or two intersting ideas, but so have many other papers that have been published this year. Trying to predict, which papers turn out to be notable, would be a cristall ball argument and such arguments do not belong on wikipedia. 62.203.57.182 (talk) 08:44, 29 August 2010 (UTC)

(outdent)

Some thoughts from a third party:

1. Wikipedia's General Notability Guideline says a topic is 'notable' if it "has received significant coverage in reliable sources that are independent of the subject". I believe the coverage in LWN and Network World makes tcpcrypt notable (though I'm a little unhappy that the LWN article will be subscriber-only until Sept 8th).
2. Those articles, like tcpcrypt.org, are aimed at readers with considerable knowledge about networking and crypto. It will be difficult to write a good encyclopedia article for non-specialists without more good sources aimed at less expert readers.
3. The fact that tcpcrypt is still an internet draft and not yet officially part of any OS also makes it harder to write a good article.
4. It is quite OK to have a stub article here while we wait for the IETF, the Linux developers and other interested parties to decide what to do with tcpcrypt.
5. The significance of tcpcrypt is that it "put[s] well-understood components together in the right way to permit rapid and universal deployment of opportunistic encryption, and then provid[es] the right hooks to encourage innovation and deployment of much better and more appropriate application-level authentication" (quoting section 8 of the Usenix paper).
   My paraphrase: tcpcrypt is carefully engineered for immediate small-scale deployment and subsequent large-scale deployment, giving automagic encryption with little effort and providing much better authentication with modest changes to client and server software. (I guess that "rapid" here will turn out to mean "in less than five years".)
   So as well as describing tcpcrypt, our article should cover how well accepted/supported it is (assuming it is supported/accepted enough to get coverage in good sources).
6. I'm interested in this article because I think tcpcrypt will catch on and will improve the internet.

Cheers, CWC 12:45, 30 August 2010 (UTC)

As far as I'm concerned, tcpcrypt is definitely notable work, and I echo and agree with CWC's and intgr's sentiments. =JeffH (talk) 21:10, 3 September 2010 (UTC)

Just to help close the discussion, there's at least a couple of WP:RS, so it looks notable to me. Widefox; talk 12:18, 15 July 2013 (UTC)

Dead?

The site is down. Is this dead now? 80.192.109.91 (talk) 20:31, 23 August 2022 (UTC)