DNSO Archives: [registrars]

ICANN/DNSO DNSO Mailling lists archives

[registrars]

<<< Chronological Index >>> <<< Thread Index >>>

Re: [registrars] RE: ballot games

To: Registrars List <Registrars@dnso.org>
Subject: Re: [registrars] RE: ballot games
From: Patrick Mevzek <dnso-reg@gandi.net>
Date: Wed, 19 Feb 2003 14:43:39 +0100
In-Reply-To: <Pine.LNX.4.33.0302181346350.664-100000@flash.ar.com>
Organization: Gandi
References: <NFBBLJNJELIAEBHKGJNMEEKPFJAA.michael@palage.com> <Pine.LNX.4.33.0302181346350.664-100000@flash.ar.com>
Sender: owner-registrars@dnso.org
User-Agent: Mutt/1.3.28i


If I may intervene, on a pure technical ground (without entering the
political debate here):

On Tue, Feb 18, 2003 at 02:11:17PM -0800, Rick Wesson took time to write:
> vested we are in the nomination of these canadates. Since both you and I
> have access to the vote results during the vote we can see who is voting
> for whom and who has changed their vote.

[..]

> If you are actively campaigning for one canadate while you have access to
> privileged information, your actions can create the appearance of a game.

There are ways to develop systems in which such cases can not appear.
If you want some background on that (which itself comes from
B. Schneier) with some code, please have a look at:
http://www.samag.com/documents/s=1131/sam05040003/

In short, it is possible (but not easy, nor foolproof in all
cases/instances) to build a secure Internet voting system in which:
1.Only authorized voters can vote. 
2.No one can vote more than once. 
3.No one can determine for whom anyone else voted. 
4.No one can duplicate anyone else's vote. 
5.No one can change anyone else's vote without being discovered. 
6.Every voter can verify that his vote has been taken into account in
the final tabulation. 

(with point 3 being the cruxial one here)

If the consistuency so wish one day, I would be more than pleased to
develop (under a GPL license) such a system tailored to our needs.
This offers has no time limit ;-)
And if you ask about my own hidden agenda on that, it is pure simple:
as a geek, I'm more interested in coding than in anything else ;-)
And this topic (online secure internet voting) seems very hot these
days.

I may even be able to host _part_ of its operation on my own computers
(which are not those of my current employers). But the system should
of course be built so that it does not depend on only one provider,
for reliability and security of voting.


On another note, about voting rights and such, I believe this is a
typical case in which a ``web of trust'' could be operated, basically
aroung PGP keys for each member, which could be cross signed during
physical meetings. The keys being valid only for one year, of course.
The voting system could then be programmed to allow vote to people
having a key signed by at least x (x>3 for example) other
consistuency's members.
Thus no fax needed, no burden on someone to process those fax, and no
possibility for game on that part.


Of course none of these technical solutions are enough by themselves 
to resolve problems that are not purely technical. So, perhaps, (new)
by-laws should deal more precisely about voting.

Hope that helps at little.

Patrick Mevzek
Gandi.

References:
- [registrars] RE: ballot games
  - From: "Michael D. Palage" <michael@palage.com>
- [registrars] RE: ballot games
  - From: Rick Wesson <wessorh@ar.com>
- [registrars] RE: ballot games
  - From: Rick Wesson <wessorh@ar.com>

<<< Chronological Index >>> <<< Thread Index >>>