Re: Secret votes HOWTO
Seth Arnold <firstname.lastname@example.org> writes:
> * lantz moore <email@example.com> [010403 14:16]:
> > i was just pointing out that if someone does use someone else's name/email
> > as their password, temporary confusion will ensue.
> If you can figure out how to get an email address + user-supplied random
> data (even if not very random :) + server-supplied random data
> (important to be random) out of a single md5/sha1 hash, then hats off to
> you. :)
that is true, however, i don't believe that is relevant to the particular
proposal that was being discussed:
peter karlsson <firstname.lastname@example.org> writes:
> Standard procedure to do secret votes in other communities where secret
> electronic votes have been wished has been for each voter to supply
> their own secret password (any alphanumeric string), which was then
> published along with the vote. Those wishing to be non-anonymous
> usually supplied their name and address as password.
the "secret key" is not necessarily a hashed value but is "any
alphanumeric string." this is a key point wrt my earlier comments. i
apologize if i wasn't clear enough.