Re: Yes to Publicity! Not to Anonimity! Was: Re: GNOME Foundation Annual Elections - proposal



On Tue, Sep 16, 2003 at 07:04:23PM -0600, Andreas J. Guelzow wrote:
> On Tue, 2003-09-16 at 18:18, George wrote:
> > On Tue, Sep 16, 2003 at 05:28:59PM -0600, Andreas J. Guelzow wrote:
> > > > Best course of action would be for the voting software to re-send the ballot
> > > > with a new unique key (same counter).  But that's getting quite anal.
> > > 
> > > So if I want to find out whether my subordinate indeed voted for me, I
> > > send a request from the employee's account for a new key. That yields
> > > the employee's serial number (first 3 digits) that suffice to look up
> > > the vote.
> > 
> > So if the key is re-made on requests (which is what I suggested) then you
> > don't.  
> 
> Read you own previous reply. You said `same counter'. So I can look up
> the vote. THe first 3 digits were supposedly unique.

Read what happens when the voter tries to vote with the old (now invalid)
key.  The fraud will be detected as the employee will know someone requested
the 'key', so the vote can be completely redone since the voters vote will
not even get into the results.

This is the same rationale behind sending someone a new random password when
they request that they lost their password.  Then the original
user/voter/whoever knows that someone did something like that.

But again, the point is moot.  If your emplyer or someone else can get into
your email, they can get your original key without having to send for another
one.  Address real problems.  Don't get stuck on things that are not just to
make a longer argument.

> If you assign a different counter, then it can't be verified whether in
> fact only as many valid keys as members were issued. 

Actually it can be.  Just count the keys.  The counter just helps in quick
visual check.

> > You request it and get a new key.  The employee will try to vote with
> > the old key (which you don't know) and will be refused.
> > 
> > If you can get into your emplyees email then you can get the key in the first
> > place.  Obviously though if you want to be independent from your employer you
> > vote from home using a personal account (or use encryption).
> 
> We will be able to use encryption? That wasn't mentioned before and it
> would bve nice to see how you are going to set up that each member will
> receive an individually encrypted message. (Of course if you do that,
> you may not even need any keys.)

It's extra anal but I can't see why it can't be done.  I think using a
personal account is just as good and easier.  I can't see why encryption
can't be used.  You'd just send your gpg or whatever key to the voting
software admin or whatnot.

> > So I as a voter can take the precaution (using a personal email account to
> > vote).
> > 
> > Can you come up with an example which is not easily refuted? 
> 
> Simply you stating that you refuted an issue, does not make it so. You
> seem to be changing both the purpose of the change and the proposed
> method on the fly without even acknowledging your changes.

No, I have not changed the method at all.  I should have then just said "use
a personal account" instead of saying "encryption".  The result is the same
and the method is unchanged.

As for requesting new keys, that's a separate issue.  The method didn't
include any provision for this and thus there is no changing things.

Also simply saying that the issue is not refuted even if you have not given a
strong logical argument for why it is still valid does not make it refuted
BTW.

> >  As in a REAL
> > problem?  So far the examples are either incredibly vague (e.g. "secrecy
> > makes fraud possible"), not different in old/new scheme and thus irrelevant,
> > or obvious and easily preventable by the voter that does care about anonymity
> > (e.g. above).
> 
> You suggested encryption above. Can you explain this in a working setup?

Huh?  This point is moot.  Encryption is NOT needed.  Use a personal account.
Can you come up with some REAL problem then?

(Note: if you don't know how encryption works, then obviously you must use
a personal account)

> Can you clarify whether the replacement key will have the same counter
> digits (as you said in the previous message) or a new counter as you
> imply in this one? 
> 
> And perhaps you can come up with an scheme we can stick with at least
> for discussing it.

I'm sticking with it.  You are suggesting changes.  OK.  To stick with the
old voting scheme without any additions, then no, you can't get a replacement
key.  Find a problem there.  It may not be nice to the voters, but it's 

Obviously you are not willing to discuss the scheme but are trying to
nitpick.  You have not suggested one problem that can't be solved or that is
a problem.  That is my argument.

George

-- 
George <jirka 5z com>
   You have the right not to be killed,
   Murder is a crime!  Unless it was done by a policeman or an aristocrat.
                       -- The Clash



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]