[Elections] Re: Who votes? how does voting work?

Peter Crowther Peter at ozzard.org
Thu Dec 29 23:51:56 CET 2005 

> From: [...] Daniel Vainsencher
> First, we don't represent the board, so we don't make their 
> impression, they do.

No; we are merely constructing an artifact, partially on their behalf.

> But I agree with what you say - we don't want to create 
> artificial delays in the progress on the security front, because it 
> determines when the system starts being a real tool for the community.
> 
> On the other hand, you don't at all address my reason for keeping 
> security out - it is complicated. And for a system to 
> succeed, nothing 
> is more important than that it be simple in the beginning. Simple so 
> implementation gets finished, simple so people get it enough 
> to see why its useful.

"Everything should be as simple as possible, but not simpler than that."
-- Einstein

For a system to succeed, in my experience, it has to be sufficiently
useful to its target audience that the members of that audience are each
willing to invest the effort required to make the system work.
Typically they are willing to invest that time because there is benefit
to themselves.

Let's try a different artifact.  Most 'mildly-secure' systems consist of
the following:

- Registration with username and password;

- A request for an email address;

- A challenge to that email address to check that someone there sent the
request;

- An admonition not to publish the password;

- A requirement to log in with username and password in order to make
use of the secured resource.

This is absolutely not hacker-proof - I could compromise it in many
different ways.  Yet, for voting, it probably wouldn't be worth my
while.  So let's consider that our target for a 'mildly-secure' system
for a moment and see how much of it we already have:

- SqP already asks for username/password/email;

- SqP does not validate the email address;

- SqP already requires secured access in order to make use of the
secured resource;

- SqP already has things on which one can register an opinion, namely
people and projects.

OK, so how about adding 'referenda' as a new kind of thing on which
opinions can be registered, giving people the option to validate their
email address, and calling that system our 'version 1' voting system?
Yes, I accept that we still have to construct our initial set of voters;
but I suspect that is going to be the case with any system, and I note
that it is conceptually independent of any existing ranking system on
SqP.

> Doing security right requires more time and 
> expertise than I can muster, so we need someone else to do/push that 
> one. Do you want to?

Within the time I have available, and with the understanding that I am
paranoid, have worked on security in the past, but cannot be considered
a security expert... I'm willing to do so.

> I will update the spec to allow the voters 
> to be specified as a simple string, with
> 'dvf danielv at tx.technion.ac.il 123456
> ls lex at lexspoon.org 654321
> ?? Peter at ozzard.org 346098' as the initial value.
> 
> Agreed?

Not yet - I'd like some clarification.  What are the values here?  The
first set appear to be initials, and may correspond to an account on SqP
(although my usename on SqP is not my initials).  The second is an email
address.  The third?

		- Peter

More information about the Elections mailing list