[Foundation] Electronic voting and identity verification

bauer at michaelbauer.com bauer at michaelbauer.com
Mon Oct 14 16:44:42 CDT 2002


The Board is going to be pretty neutral on this decision.  We are 
probably going to approve something that provides a minimal level of 
confidence in identification.  Convenience is going to be pretty important 
in our decision-making as well.   

But really, this is up to those of you putting this together.  Peter, 
really, I think you need to provide the guidance here because whatever you 
recommend is probably going to happen.  From my perspective, I think 
PGP/GPG keys are overkill and kind of a pain to use.  Simple username and 
login would suffice as far as I'm concerned.  


On Fri, 11 Oct 2002, Thomas Muldowney wrote:

> I thought this was the plan of action as well.  I even modified and
> installed pks on jabber.org to house our keys.  When I said that I was
> complete with that there was some grumbling in jdev about it.  So I
> don't know what the official plan is now.  Secretary?  Board?  Care to
> lay out a course?
> 
> --temas
> 
> 
> On Fri, Oct 11, 2002 at 04:03:52PM -0500, Casey Crabb wrote:
> > With the recent passing of an ammendment to allow for electronic voting 
> > such that the secretary can verify one's identity, I propose that we use 
> > PGP/GPG keys and signatures for verification. It solves the problem of 
> > identity and has stood the test of time. We have protocol support for 
> > point-to-point encryption, so jabber is able to speak in signed and 
> > encrypted messages so long as the clients support that part of the protocol.
> > 
> > For this to work, each jsf member would need to provide a public key to 
> > the secretary, who will put it in a keyserver that the jsf runs. This 
> > keyserver should have public access to request keys, but not to submit them.
> > 
> > Then a jabber/email-bot could be created that speaks point-to-point 
> > encryption over both jabber and email. This bot would have a key of its 
> > own that can be used to encrypt message to it. This bot could then be 
> > responsible for running votes. The bot should keep full logs of messages 
> > and emails so that votes can be independantly tallied.
> > 
> > I think these are the goals that need to be accomplished:
> > 1) Write down why we think we need gpg/pgp keys for jsf members
> > 2) send that out for discussion
> > 3) Collect keys from jsf members and put them in our keyserver
> > 4) develop replacement for memberbot that understands gpg encrypted 
> > jabber messages AND can deal with a mail spool so people can email in 
> > votes as well..
> > 5) test system with a dummy vote
> > 
> > There are probably others, and those may be out of order, but I think 
> > those are necessary.
> > 
> > I hope to have stared #1, and #2 with this email.
> > 
> > Thoughts/flames?
> > 
> > --
> > Casey
> > 
> > _______________________________________________
> > Members mailing list
> > Members at jabber.org
> > http://mailman.jabber.org/listinfo/members
> 

-- 
--------------------------------------------------------------------------
Michael Bauer     bauer at michaelbauer.com       http://www.michaelbauer.com




More information about the Members mailing list