[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [election-services] Further musings on the need for VVPAT...
Simon, That's exactly my thinking. Due diligence is required of course. And trust is an essential element. Here in the USA they make a big event out of tax day and processing returns. The post office have staff in the roadway outside the post office till midnight - collecting envelopes - issuing receipts and taking money right there in the street. We all know our local staff and its very much a hands-on event. No reason why you could not have a similar special dispatch around the postal votes too. And as you say its a community thing and that adds to the whole event. You vote at work - and then you drop the envelope off later that day to catch the deadline for the mail-in votes Freepost. I think the USPS error rate on this would be very low. DW ----- Original Message ----- From: "Simon Bain" <sibain@tendotzero.com> To: "David Webber (XML)" <david@drrw.info> Cc: <election-services@lists.oasis-open.org> Sent: Thursday, February 24, 2005 9:54 AM Subject: Re: [election-services] Further musings on the need for VVPAT... > Ahhh Perception is king, I am afraid. > > OK lets look at the "I really have no way too of knowing - just > because I got that email - that my vote was really > recorded that way electronically into the system". true, But nor do you if > you post it. > > Has the post lost it??? I have a camera at this moment somewhere in USPS > vans lost now for 5 weeks. Our post office here loses Millions of letters > a year. > > Has the little man or lady really verified it or have they just got bored > and thrown it away. > > At some point a person has to start believing in something, or at least a > combination of 2 things which is why I like the dual approach. However I > do not see that postal on its own is viable, (UK experience). But I do see > it as being a very good method of verification for e-Voting methods. Which > can be made secure and easy to use. > > Bring the 2 together and maybe perception will change. Just as it has with > online purchasing. > > Cheers > Simon > > > <quote who="David Webber \(XML\)"> > > Simon, > > > > OK - neato method - certainly an option to give > > people voting remotely. Personally I'd still > > feel edgy about typing in my email address...as > > I have no guarantee what the client software is > > really doing with it. > > > > However - I really have no way too of knowing - just > > because I got that email - that my vote was really > > recorded that way electronically into the system. > > That of course is the point of having the paper > > record in my hand and submitting it as verification. > > > > Cheers, DW > > > > > > ----- Original Message ----- > > From: "Simon Bain" <sibain@tendotzero.com> > > To: "David Webber (XML)" <david@drrw.info> > > Cc: <election-services@lists.oasis-open.org> > > Sent: Thursday, February 24, 2005 9:35 AM > > Subject: Re: [election-services] Further musings on the need for VVPAT... > > > > > >> David hi. > >> > >> On point 1 you are only partially correct. Yes some part of the process > >> must have details of where to send a confirmation. However not all of > >> the > >> process needs this. In fact it is far better if only one part does. > >> > >> User logs in by a PC passing their login credentials. > >> Server verifies them and sets up a session on a remote database which is > >> encrypted by a hash set at the time the process was started at login. > >> This > >> has with it a SessionId which is internal to the process. > >> > >> This SessionId is passed with seperate undisclosed and unknown (Created > >> at > >> this time) details to the voting server which registers the vote and > >> passes back the SessionId to the verification server. It matches the 2 > >> and > >> responds with a "great thanks very much" or an "O I have screwed up" > >> email. > >> > >> The Voting server has no idea who the user is and does not need to know. > >> The SessionId dies before the confirmation email is sent as does the > >> session on the database, which itself holds no identifying details. > >> > >> Yes somebody could hack in at this point. But to decrypt thi slot would > >> take one hell of a rack of servers, a while and details of at least 3 > >> seperate IP addressess and login details. > >> > >> Cheers > >> Simon > >> > >> > >> <quote who="David Webber \(XML\)"> > >> > More from the Vote Here discussions today. > >> > > >> > Here's what I compiled to support the need for paper > >> > in an all digital process involving DREs only! > >> > > >> > DW > >> > > >> > 1) You cannot have an anonymous trusted verifiable computer > >> > process. eBanking works because it is not anonymous. > >> > Every eProcess out there gets to know your email > >> > address or account ID to send a confirmation > >> > somewhere in the process. If it does not send a > >> > confirmation - then you have no verification - the > >> > DRE is thus reduced to an entertaining arcade > >> > gaming machine - for which you have no > >> > guarantees to actually what reality is. > >> > That theoretical stumbling block is key to > >> > understanding the need for a verifiable paper record > >> > in anonymous voting systems. > >> > > >> > 2) Voters need trust (and US Gov HAVA demands it). > >> > Paper is the most trusted mechanism everywhere. > >> > > >> > 3) The banks have a trusted process that handles > >> > billions of paper cheques annually. Their error rates > >> > are infintesimally small. These technologies are > >> > simple, proven and secure. We need to base a > >> > trusted voting process around such crosschecking > >> > and accounting methods. There will always be > >> > enticing exotic proprietary and uncertified and > >> > potentially compromisable technologies offered > >> > up - but a trusted process needs to be simple > >> > and obvious. > >> > > >> > 4) We need to develop open public specifications > >> > so that there is an open marketplace for solution > >> > providers. This is the lesson of railways, telephones, > >> > automobiles and electricity. The software industry is > >> > no different. > >> > > >> > > >> > > >> > To unsubscribe from this mailing list (and be removed from the roster > >> of > >> > the OASIS TC), go to > >> > > > http://www.oasis-open.org/apps/org/workgroup/election-services/members/leave_workgroup.php. > >> > > >> > >> > >> -- > >> Simon Bain > >> TENdotZERO > >> 0845 056 3377 > >> 44 1234 359090 > >> 44 (0) 7793 769 846 > >> > >> To unsubscribe from this mailing list (and be removed from the roster of > > the OASIS TC), go to > > http://www.oasis-open.org/apps/org/workgroup/election-services/members/leave_workgroup.php. > >> > >> > >> > > > > > > > -- > Simon Bain > TENdotZERO > 0845 056 3377 > 44 1234 359090 > 44 (0) 7793 769 846 > > To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/election-services/members/leave_workgroup.php. > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]