
election-services message


Subject: Link to EU requirements for voting


I think this is the document referenced on Monday's call.

I will assume so.

An excellent set of fundamental requirements.

Item # 59 certainly is very apropos for the US right now.

Item # 66 also key.

I think items #94 and #95 need to be updated in lieu of the
trusted logic process - to ensure integrity - basically - this needs
to say more about how this processing is conducted.

Item #96 is problematically worded - I think it needs to reference
central counting facilities.  Local voting media and storage should
be closed once the poll closes.  Secure transfer of counting media,
or digital counts via networks, probably needs to be called out.

Item #100 needs to be expanded to detail exactly what types
of audit mechanisms are needed as a minimum.  Cross-checking
of 3 count sources and 100% counting is obviously what the
trusted logic calls for to ensure accuracy and integrity.

Item #107 could be construed as requiring what Item #100
finesses here.

Item #102 - Yes - I love it!

Things missing:

1) Explicit reference to the importance of using
    write-once media for vote logging - either paper or digital.

2) Need for voters to be able to physically verify their vote
    directly - not indirectly - via paper ballot or equivalent
    physical representation of an actual ballot - not an
    electronic ephemeral representation, and to cast that
    physical representation by hand.

3) Need to separate the layers of the process - so the same
    component provider is not doing all vote creating, printing,
    and counting the total votes (no single source provider).

4) Need to use two party process and trusted logic
    principle so that the voter can verify that the digital voting
    choice recorded by their interaction with the first party process
    matches the physical voting choice they selected and
    confirmed to them by the second, separate, party to the process.
    A physical representation of the vote should result from this process
    that the voter can directly verify.

5) Need to compare 100% of all counts - electronic and physical ballot
    counts and electoral record counts to ensure they tally.  (Partial
    will not reveal the required level of support of detection of errors).

6) Explicit call-out of the need to avoid sequential processing information
    compromising vote privacy and anonymity.

Did I miss anything here?


Gives more resolution on specific items, all of which is more goodness in
support of the first document.

The only issue is item #169 - this may compromise the earlier requirement to
prevent re-construction of a voting event.

Critically, Items #180 and #181 can be used to insist on items 3), 4) and 5).

Overall the level of detail is superb - particularly the threat matrix.

Next - I will move to create something that embodies the fusion of these EU
documents, with the trusted logic process and the EML 4.0 formats - so that
we can see how these are all met together.

That's going to take me a day or so here!

Thanks, DW
