Re: DEP-16 Confidential votes
Le 14/04/2021 à 18:57, Timo Röhling a écrit :
> I certainly wouldn't mind if Stephane were willing to help us setup
> a nifty e-voting solution and advise us on the best way to proceed.
I would be glad to help :-)
> Correct me if I am wrong, but as far as I understood it, we cannot avoid
> that *someone* in the project has the opportunity to connect ballots
> with voters (because someone has to administrate the registrar), unless
> we involve a third party in the credential generation.
Indeed, in Belenios, the credential authority and the server have the
opportunity to connect *encrypted* ballots with voters, but there is no
known way to connect voters with their plaintext choices.
> [...] the current scheme using pseudonym hashes is
> almost good enough, it just lacks a way to prove that each pseudonym
> really matches with exactly one voter. [...]
This is difficult in general, but in Debian the voter list is public so
I guess something can be done with logins and/or PGP keys.
> With all that being said and having made my case, I am open for any
> reasonably secure solution (including Belenios) that we can agree on,
> and I will help implement it if I can.
And I am open to make changes in Belenios if needed.