[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Things to do - Requirement Document. Security.
Hi,
> Good comments. Here are my observations.
>
> 1. We would add audit as another section. While we are
>on this subject,
>what other sections do you see for the req document ?
Another section where? To the document or to security? I personally
think it has to be addressed with security.
> 2. The partial encryption is to *selectively* expose
>information. For
>example for statistics purpose, one might have to look at the county
>information, but not the actual voting. So there could be two encryptions -
>one for county and one for actual vote. Again, the point is, we should not
>make it *impossible* to do partial encryption. For all we know, we might do
>full encryption.
Some confusion I think.... we need to distinguish between
communications/transport level encryption and data/information level
encryption. I was talking about transport level but you clearly
aren't ;-)
But I agree, keep the options open.
regards,
Jason
--
The FREE e-democracy project
----------------------------------------
http://www.free-project.org
----------------------------------------
secure, private and reliable Free Software
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC