On Mon, Apr 21, 2014 at 8:10 AM, Tom Ritter <[email protected]> wrote: > On 20 April 2014 17:11, Will Holcomb <[email protected]> wrote: > > So a voting site contacts the identity service and passes a list of user > > ids. It returns a list of ids such that there is an equivalent number of > > actual human voters. > > It seems like everything boils down to this step. > > 1. If the voting site lies about how many voters it's verified, it can get > extra identities than the 'one per human' goal. >
This could be mitigated largely by making the voting site open source. Then all you need to find is a deployer/host you can trust. 2. If the voting site tracks which identity it gives to which human, the > identity is trivially unmasked. > The voting site doesn't have access to the identities, only the identity service. > That's a lot of trust to place in the voting site. > Any sort of electronic voting will have to have some element of trust. You can't have a digital poll without *someone* collecting the votes. At least with a separation between identity verification and vote collecting you make it so people have to collude. I've been trying to figure out if there's a solution possible through doing away with the secrecy of the vote. The mechanism for allowing a person to avoid unsavory repercussions from their positions could be done by excluding identities from consideration. The user would create multiple identities, make one "real" and one publicly palatable, and then instruct the identity service to return the "real" one when a vote is taken. This would allow probing of the system because you could add a user id to the list and see if it kicks another out. That would be a fairly easy behavior to monitor for though if done large scale. -Will
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
