[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accountability and the secret ballot


        People who have successfully voted may have noticed that the
 ack contained a secret token, which is meant to be unique to each
 voter. The idea is that a list of voters is published, as well as a
 tally sheet of votes, with a secret token instead of voter
 names. People can verify that the tally sheet contains as many votes
 as there are voters, and people can verify their own votes. (echelon
 can be sued to verify the uid's sent mail in to vote.debian.org as

	The tally like would look like:
V: 1234    md5sum (voter_uid + secret token)

	(Thanks to AJ for the md5sum suggestion). This means that the
 secretary can't manufacture tokens based on the vote cast, in order
 to have one line represent a bunch of voters with identical votes, in
 order to manufacture N -1 spurious votes to bias the election.

	Any way, the developers can always appoint an auditor to
 recreate the vote process starting from the original, signed messages
 (assuming I have not rearranged them -- so an older vote overrides a
 newer one, and the developer did not check).  We still should have
 the ballots sent to a second location not under control of the
 secretary so such reordering is not feasible (it is hard to design a
 protocol to protect the vote from a malicious secretary).

 Procrastination is the art of keeping up with yesterday. George
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

To UNSUBSCRIBE, email to debian-vote-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: