Le 14/04/2021 à 18:57, Timo Röhling a écrit : > I certainly wouldn't mind if Stephane were willing to help us setup > a nifty e-voting solution and advise us on the best way to proceed.
I would be glad to help :-) > Correct me if I am wrong, but as far as I understood it, we cannot avoid > that *someone* in the project has the opportunity to connect ballots > with voters (because someone has to administrate the registrar), unless > we involve a third party in the credential generation. Indeed, in Belenios, the credential authority and the server have the opportunity to connect *encrypted* ballots with voters, but there is no known way to connect voters with their plaintext choices. > [...] the current scheme using pseudonym hashes is > almost good enough, it just lacks a way to prove that each pseudonym > really matches with exactly one voter. [...] This is difficult in general, but in Debian the voter list is public so I guess something can be done with logins and/or PGP keys. > With all that being said and having made my case, I am open for any > reasonably secure solution (including Belenios) that we can agree on, > and I will help implement it if I can. And I am open to make changes in Belenios if needed. Cheers, -- Stéphane
