Re: Secret votes HOWTO

[Anton Zinoviev <anton@lml.bas.bg>]

On  1.IV.2001 at 00:27 Anthony Towns wrote:
> On Sat, Mar 31, 2001 at 04:21:30PM +0200, Roland Mas wrote:
> > > > Name: Anton Zinoviev
> > > > Email: zinoviev@debian.org
> > > > Id: zinoviev
> > > > Ballot: 231
> > > > VoteNumber: 159  <-- this is new information.
> > If we want to go that way, I suggest that the vote number be
> > randomised, so as not to allow people to guess who voted for whom from
> > the vote number (which seems to be related to the date/time the vote
> > was received in the proposed scheme).
> 
> Of course, if you were really paranoid, you'd wonder if the secretary
> might be carefully choosing the numbers so that people who vote the same
> way end up with the same number, and thus the secretary gets a free vote
> to do with as he will; in which case it should be the voter who gets to
> choose the random number, and it would want to be longer than just a few
> digits to avoid collisions.

After the list of votes there is a list of the voted developers.  You
can check that:

	1. The numbers of the voted developers and the number of votes
are equal.
	2. The list of voted developers is list of real developers.

And:

	3. Someone (not the secretary) sends a message to every voted
developer with the following contents: "You have been voted.  Please
check that your vote at http://......debian.org/..... is correct."
	4. If I see that my vote is not correct, I can say: "Please,
make my GPG-signed vote public and you will see that the table of votes
is wrong."

I don't care exactly what protection against future malpraktice of the
secretary Debian will choose, but it is needed.  It is protection for
the secretary too.  What would happend if Raul hadn't made the votes
public and I said to him: "You have tampered the votes! That result is
imposible!".  That throws shade over the reputation Debian has.

Anton Zinoviev, zinoviev@debian.org