Re: [ga-ext] On-Line Voting

[Thomas Roessler <roessler@does-not-exist.org>]

[Electronic election studies on the ALSC web site.]

On 2001-05-17 19:00:21 -0400, Danny Younger wrote:

>Both of these studies imply that on-line elections are not 
>technologically feasible at this time.  I am worried that if the 
>ALSC does not itself commission a study on how to actually make 
>such elections feasible, the currently cited arguments might 
>prevail in the absence of countervailing studies.

I wouldn't expect that you get countervailing studies of real weight 
when the same set of questions is asked.

However, the question you should really ask yourself when looking at 
his paper is this: From where is he starting?  From where are we 
starting?

Rubin's topic is to investigate the suitability of Internet voting 
as a replacement for a system which is perceived as highly secure 
and stable, and thought to be well understood.  (Or, maybe, which 
used to be regarded that way before the Great Reocunt. ;) 

That is, he asks whether electronic elections should be performed 
INSTEAD of traditional elections.  He does NOT suggest that no 
elections at all should be held because they are insecure!

The ICANN situation is vastly different: To begin with, a dismissal 
of electronic elections would mean that there are no elections at 
all.  Thus, the question the ALSC should ask is not: Can electronic 
elections be made so perfect that they can replace traditional 
elections? - But: Can electronic elections be performed well enough 
so we can kind of accept their results?  Not: Is it better than the 
system we already have? - But: Is it good enough so we can do it at 
all?

Obviously, this question could easily lead to different conclusions, 
based on the very same facts as, say, Rubin's paper.

>As I believe that ICANN does escrow worldwide registrant data, it 
>should (in my uninformed opinion) be possible to send an encrypted 
>time-sensitive one-time-use email to every registrant worldwide as 
>an election ballot.  Is this within the realm of possibility?

There isn't any strong e-mail encryption technology which has been 
deployed down to the last registrant.

Also, there is still not much cryptographic authentication of 
registrants or contacts being done - I know of one ccTLD which 
accepts requests via telefax or letter only, and considers 
signatures (as in: pen on paper) on these faxes or letters as 
sufficient authentication. (Bad enough, they only have a sample of 
the admin contact's signature, but let the tech contact do critical 
changes to the domain.  Ups.) Of course, this ccTLD doesn't have any 
cryptographic keys from registrants.

Finally, the registrant data isn't collected securely, so all 
concerns about secure voter registration would persist.

(Hell, there is less verification done on gtld domain name holders 
than on ICANN voters last year.)

Your proposal would lead nowhere.

-- 
Thomas Roessler                        http://log.does-not-exist.org/
--
This message was passed to you via the ga-ext@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-ext" in the body of the message).
Archives at http://www.dnso.org/archives.html