RE: [ga-ext] On-Line Voting
Note the following;
Internet-based voter registration poses significant risk to the integrity of
the voting process, and should not be implemented until an adequate
authentication infrastructure is available and adopted. While information
already in the domain of election officials may be updated remotely, given
appropriate authentication protocols, initial registration conducted online
cannot establish the identity of the registrant without the transmission of
unique biometric (fingerprint or retinal scan) data and an existing database
with which to verify the data. Online registration without the appropriate
security infrastructure would be at high risk for automated fraud (i.e., the
potential undetected registration of large num-bers of fraudulent voters).
The voter registration process is already one of the weakestlinks in our
electoral process. The introduction of Internet-based registration without
first addressing the considerable flaws in our current system would only
serve to greatly exacerbate the risks to which we are already exposed.
The other document also agrees, as do I, that the primary flaw is the lack
of an authentication mechanism. I've been on-record for stating this since
the IFWP list days. Guys, we deal with this problem everyday, on these
lists. It's the ol' "on the Internet, no one knows that you're a dog" thing.
It gets worse, no one knows that you're the dog you claim to be. Fix this
one and the other problems are soluble.
That said, I disagree that bio-metrics are a requirement. In fact, given
sufficient ruthlessness, bio-metrics are easily thwarted. There are many
ways to authenticate, to many different definitions of authentication. This
implies that there are varying levels of security. Guess what ... there are
(a point that both reports miss or gloss over). MHSC has been working on
many of them for years. MHSC's problem was that, heretofore, the market
wasn't interested in having such security. At least, not to the level where
it was ready to actually *pay* for it (I want my mail for free! [to the tune
of "I want my MTV!"]).
When I offered SecureWebMail, to the IFWP list, I was inundated with mail
refusing to provide even basic online authentication data (yeah, like MHSC
was going to unfairly profit and get rich from 249 subscribers. Oy ... give
.. me .. a .. break!). WXW was one of the more adamant ones. But, he wasn't
alone. There are also folks, like Sotiris, that think cookies are some form
of evil mojo, especially encrypted ones.
I understand that Ed Gerck and Einar Stefferud are working on something
along this line. I note that neither are listed on either of these reports.
Ed is a major player in trusted-systems theory, although they did get Ron
[Rivest, the "R" in RSA] and a few other cypher-punks to contribute.
We have the technology and we have the companies that know how to design an
authentication infrastructure (MHSC, for one). What we don't have is, the
will to provide the capital resources to build it. NO ONE is going to build
such a beast for free, period. It's too much concentrated work and trust
relationships also mean stability and that ONLY comes from having
substantial predictable resources ($$$money$$$). Volunteers have none of the
above. One might ask Verisign, I'm sure that they'd charge appropriately, as
well (why do you think that they've been buying up ALL their competitors?).
Why do you think I said this http://www.dnso.net/mhsc-tld.htm#_Toc465014036
? That, my friends, is the core of an authentication infrastructure that
would allow internet voting, for internet issues. But, we seem to have a
little problem getting down to that level of detail. We are trying to
register new TLDs without first knowing what a root registry should do. Is
that bass-ackwards or what?
ROELAND M.J. MEYER
Morgan Hill Software Company, Inc.
TEL: +001 925 373 3954
FAX: +001 925 373 9781
> -----Original Message-----
> From: Danny Younger [mailto:firstname.lastname@example.org]
> Sent: Thursday, May 17, 2001 4:00 PM
> To: email@example.com
> Cc: firstname.lastname@example.org; email@example.com
> Subject: [ga-ext] On-Line Voting
> I have noticed that the At-Large Study Committee has posted
> studies such as
> "Security Considerations for Remote Electronic Voting over
> the Internet," by
> Avi Rubin http://avirubin.com/e-voting.security.html
> That particular paper also refers to another recent study
> (March 2001), the
> "National Workshop on Internet Voting"
> Both of these studies imply that on-line elections are not
> feasible at this time. I am worried that if the ALSC does not itself
> commission a study on how to actually make such elections
> feasible, the
> currently cited arguments might prevail in the absence of
> I would appreciate it if those of you with experience in hacking or in
> encryption technologies (digital certificates or otherwise)
> could comment
> upon these studies and determine whether the technology does
> in fact exist
> that would allow for worldwide on-line elections.
> As I believe that ICANN does escrow worldwide registrant
> data, it should (in
> my uninformed opinion) be possible to send an encrypted time-sensitive
> one-time-use email to every registrant worldwide as an
> election ballot. Is
> this within the realm of possibility? Any informed thoughts would be
> This message was passed to you via the firstname.lastname@example.org list.
> Send mail to email@example.com to unsubscribe
> ("unsubscribe ga-ext" in the body of the message).
> Archives at http://www.dnso.org/archives.html
This message was passed to you via the firstname.lastname@example.org list.
Send mail to email@example.com to unsubscribe
("unsubscribe ga-ext" in the body of the message).
Archives at http://www.dnso.org/archives.html