[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [election-services] Further musings on the need for VVPAT...
Simon, I think we are violently agreeing here. The whole point is not to over specify the process - only define the gates and wickets that have to be passed through and the XML associated with those. So long as those principles of the trusted process are met then we don't care really how it is done in practice on the ground - the key with an open process is that it should encourage resourceful use of local means while enabling the standards to work and a result obtained that can be shown to produce artifacts and methods that conform to the specifications. Thanks, DW ----- Original Message ----- From: "Simon Bain" <sibain@tendotzero.com> To: "David Webber (XML)" <david@drrw.info> Cc: <election-services@lists.oasis-open.org> Sent: Thursday, February 24, 2005 3:25 PM Subject: Re: [election-services] Further musings on the need for VVPAT... > Hi. > > What I am saying is > > "or figure out some other way of mailing ballots" > > That on that particular part and on other parts which are associated with > the actual doing, then this should be left up to the individual election > managers and should not be part of the process, as in my belief it could > denegrade from what is a very valuable addition. Allong with other > processes which themselves can be seperated out as messages from the > actual doing. > > The addition of these will greatly enhance EMLs take up, and not make it > look like a standard which is trying to rule the way people work. > > As for getting local communities involved I would second that. I know that > here (UK) and in the the main cities of Canada getting communities working > together can be an uphill challenge but once there, worth every last > minute of the grief. > > So the more we can get involvment into EML the better. > > All the best > Simon > > <quote who="David Webber \(XML\)"> > > Simon, > > > > I'm only too aware of that. However the USA has this > > habit of trying to make everyone else into their model. > > > > That said - of course each country is going to vary this - > > it could be as simple as a special window at the post office, > > or a box, and extending hours on that one day to permit > > extra deliveries - most of them do that for Christmas > > and other special holidays. > > > > If that's impossible - guess what - everyone has to > > either go to the polling station - or figure out some other > > way of mailing ballots. > > > > I was merely illustrating what might work - not what is > > perscribed as the only way to do it! > > > > The lesson I was trying to impart was - the more you > > can involve the local community in the process the more > > EML will succeed. > > > > The last thing people need is some heavily guarded EML > > truck with a satellite dish on top turning up in their > > neighborhood and being told they can step inside to vote.... > > > > Who is trusting who?!? > > > > DW > > > > ----- Original Message ----- > > From: "Simon Bain" <sibain@tendotzero.com> > > To: "David Webber (XML)" <david@drrw.info> > > Cc: <election-services@lists.oasis-open.org> > > Sent: Thursday, February 24, 2005 2:31 PM > > Subject: Re: [election-services] Further musings on the need for VVPAT... > > > > > >> David. > >> > >> Please remember the rest of the world as well. A "standard is only a > >> true > >> standard if it is open to all. EML should not just be for the ODPM's > >> office in the UK to run with and drop at will, nor should it be the sole > >> property of the US and it's ways. If a standard is to work it has to be > >> cross border just like XML (£ and $ aside :-) ) is and html. That > >> is > >> one of the reasons that they are both so widely taken up. > >> > >> You know the UK well. Can you imagine our post office staff waiting for > >> tax returns and collecting the money? They would riot, and I really > >> cannot > >> see myself handing a voting paper to some guy (or lady) on the corner of > >> a > >> Moscow street come polling day. > >> > >> I believe for EML really to take hold it has to stay nationally > >> independent, something that in my humble oppinion it has struggled to > >> do, > >> and it should concern itself with the message format and also the > >> message > >> process. This I believe includes the dual process e-Vote and paper > >> confirmation which I agree with. Processes should be looked into and > >> where > >> appropriate added. However the implementation of these should be left to > >> the election managers. I do not believe that EML has a place for > >> implementation of the standard. Guidelines to its' use yes. > >> Specification > >> no. This should be down to individual countries laws and where an > >> organisation uses EML down to their own rules and internal regulations. > >> > >> Cheers > >> Simon > >> <quote who="David Webber \(XML\)"> > >> > Simon, > >> > > >> > That's exactly my thinking. Due diligence is required > >> > of course. And trust is an essential element. > >> > > >> > Here in the USA they make a big event out of tax day > >> > and processing returns. The post office have staff in > >> > the roadway outside the post office till midnight - > >> > collecting envelopes - issuing receipts and taking > >> > money right there in the street. We all know our > >> > local staff and its very much a hands-on event. > >> > > >> > No reason why you could not have a similar special > >> > dispatch around the postal votes too. And as you > >> > say its a community thing and that adds to the whole > >> > event. You vote at work - and then you drop the > >> > envelope off later that day to catch the deadline for > >> > the mail-in votes Freepost. I think the USPS error > >> > rate on this would be very low. > >> > > >> > DW > >> > > >> > ----- Original Message ----- > >> > From: "Simon Bain" <sibain@tendotzero.com> > >> > To: "David Webber (XML)" <david@drrw.info> > >> > Cc: <election-services@lists.oasis-open.org> > >> > Sent: Thursday, February 24, 2005 9:54 AM > >> > Subject: Re: [election-services] Further musings on the need for > > VVPAT... > >> > > >> > > >> >> Ahhh Perception is king, I am afraid. > >> >> > >> >> OK lets look at the "I really have no way too of knowing - just > >> >> because I got that email - that my vote was really > >> >> recorded that way electronically into the system". true, But nor do > >> you > >> >> if > >> >> you post it. > >> >> > >> >> Has the post lost it??? I have a camera at this moment somewhere in > > USPS > >> >> vans lost now for 5 weeks. Our post office here loses Millions of > >> >> letters > >> >> a year. > >> >> > >> >> Has the little man or lady really verified it or have they just got > >> >> bored > >> >> and thrown it away. > >> >> > >> >> At some point a person has to start believing in something, or at > >> least > >> >> a > >> >> combination of 2 things which is why I like the dual approach. > >> However > > I > >> >> do not see that postal on its own is viable, (UK experience). But I > >> do > >> >> see > >> >> it as being a very good method of verification for e-Voting methods. > >> >> Which > >> >> can be made secure and easy to use. > >> >> > >> >> Bring the 2 together and maybe perception will change. Just as it has > >> >> with > >> >> online purchasing. > >> >> > >> >> Cheers > >> >> Simon > >> >> > >> >> > >> >> <quote who="David Webber \(XML\)"> > >> >> > Simon, > >> >> > > >> >> > OK - neato method - certainly an option to give > >> >> > people voting remotely. Personally I'd still > >> >> > feel edgy about typing in my email address...as > >> >> > I have no guarantee what the client software is > >> >> > really doing with it. > >> >> > > >> >> > However - I really have no way too of knowing - just > >> >> > because I got that email - that my vote was really > >> >> > recorded that way electronically into the system. > >> >> > That of course is the point of having the paper > >> >> > record in my hand and submitting it as verification. > >> >> > > >> >> > Cheers, DW > >> >> > > >> >> > > >> >> > ----- Original Message ----- > >> >> > From: "Simon Bain" <sibain@tendotzero.com> > >> >> > To: "David Webber (XML)" <david@drrw.info> > >> >> > Cc: <election-services@lists.oasis-open.org> > >> >> > Sent: Thursday, February 24, 2005 9:35 AM > >> >> > Subject: Re: [election-services] Further musings on the need for > >> > VVPAT... > >> >> > > >> >> > > >> >> >> David hi. > >> >> >> > >> >> >> On point 1 you are only partially correct. Yes some part of the > >> >> process > >> >> >> must have details of where to send a confirmation. However not all > > of > >> >> >> the > >> >> >> process needs this. In fact it is far better if only one part > >> does. > >> >> >> > >> >> >> User logs in by a PC passing their login credentials. > >> >> >> Server verifies them and sets up a session on a remote database > > which > >> > is > >> >> >> encrypted by a hash set at the time the process was started at > > login. > >> >> >> This > >> >> >> has with it a SessionId which is internal to the process. > >> >> >> > >> >> >> This SessionId is passed with seperate undisclosed and unknown > >> >> (Created > >> >> >> at > >> >> >> this time) details to the voting server which registers the vote > >> and > >> >> >> passes back the SessionId to the verification server. It matches > >> the > >> >> 2 > >> >> >> and > >> >> >> responds with a "great thanks very much" or an "O I have screwed > >> up" > >> >> >> email. > >> >> >> > >> >> >> The Voting server has no idea who the user is and does not need to > >> > know. > >> >> >> The SessionId dies before the confirmation email is sent as does > >> the > >> >> >> session on the database, which itself holds no identifying > >> details. > >> >> >> > >> >> >> Yes somebody could hack in at this point. But to decrypt thi slot > >> >> would > >> >> >> take one hell of a rack of servers, a while and details of at > >> least > > 3 > >> >> >> seperate IP addressess and login details. > >> >> >> > >> >> >> Cheers > >> >> >> Simon > >> >> >> > >> >> >> > >> >> >> <quote who="David Webber \(XML\)"> > >> >> >> > More from the Vote Here discussions today. > >> >> >> > > >> >> >> > Here's what I compiled to support the need for paper > >> >> >> > in an all digital process involving DREs only! > >> >> >> > > >> >> >> > DW > >> >> >> > > >> >> >> > 1) You cannot have an anonymous trusted verifiable computer > >> >> >> > process. eBanking works because it is not anonymous. > >> >> >> > Every eProcess out there gets to know your email > >> >> >> > address or account ID to send a confirmation > >> >> >> > somewhere in the process. If it does not send a > >> >> >> > confirmation - then you have no verification - the > >> >> >> > DRE is thus reduced to an entertaining arcade > >> >> >> > gaming machine - for which you have no > >> >> >> > guarantees to actually what reality is. > >> >> >> > That theoretical stumbling block is key to > >> >> >> > understanding the need for a verifiable paper record > >> >> >> > in anonymous voting systems. > >> >> >> > > >> >> >> > 2) Voters need trust (and US Gov HAVA demands it). > >> >> >> > Paper is the most trusted mechanism everywhere. > >> >> >> > > >> >> >> > 3) The banks have a trusted process that handles > >> >> >> > billions of paper cheques annually. Their error rates > >> >> >> > are infintesimally small. These technologies are > >> >> >> > simple, proven and secure. We need to base a > >> >> >> > trusted voting process around such crosschecking > >> >> >> > and accounting methods. There will always be > >> >> >> > enticing exotic proprietary and uncertified and > >> >> >> > potentially compromisable technologies offered > >> >> >> > up - but a trusted process needs to be simple > >> >> >> > and obvious. > >> >> >> > > >> >> >> > 4) We need to develop open public specifications > >> >> >> > so that there is an open marketplace for solution > >> >> >> > providers. This is the lesson of railways, telephones, > >> >> >> > automobiles and electricity. The software industry is > >> >> >> > no different. > >> >> >> > > >> >> >> > > >> >> >> > > >> >> >> > To unsubscribe from this mailing list (and be removed from the > >> >> roster > >> >> >> of > >> >> >> > the OASIS TC), go to > >> >> >> > > >> >> > > >> > > > http://www.oasis-open.org/apps/org/workgroup/election-services/members/leave_workgroup.php. > >> >> >> > > >> >> >> > >> >> >> > >> >> >> -- > >> >> >> Simon Bain > >> >> >> TENdotZERO > >> >> >> 0845 056 3377 > >> >> >> 44 1234 359090 > >> >> >> 44 (0) 7793 769 846 > >> >> >> > >> >> >> To unsubscribe from this mailing list (and be removed from the > > roster > >> > of > >> >> > the OASIS TC), go to > >> >> > > >> > > > http://www.oasis-open.org/apps/org/workgroup/election-services/members/leave_workgroup.php. > >> >> >> > >> >> >> > >> >> >> > >> >> > > >> >> > > >> >> > >> >> > >> >> -- > >> >> Simon Bain > >> >> TENdotZERO > >> >> 0845 056 3377 > >> >> 44 1234 359090 > >> >> 44 (0) 7793 769 846 > >> >> > >> >> To unsubscribe from this mailing list (and be removed from the roster > > of > >> > the OASIS TC), go to > >> > > > http://www.oasis-open.org/apps/org/workgroup/election-services/members/leave_workgroup.php. > >> >> > >> >> > >> >> > >> > > >> > > >> > >> > >> -- > >> Simon Bain > >> TENdotZERO > >> 0845 056 3377 > >> 44 1234 359090 > >> 44 (0) 7793 769 846 > >> > >> To unsubscribe from this mailing list (and be removed from the roster of > > the OASIS TC), go to > > http://www.oasis-open.org/apps/org/workgroup/election-services/members/leave_workgroup.php. > >> > >> > >> > > > > > > > -- > Simon Bain > TENdotZERO > 0845 056 3377 > 44 1234 359090 > 44 (0) 7793 769 846 > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]