Re: VeriSign tapped to secure Internet voting
> Schu stressed that several layers of security will prevent hackers from > accessing the system. VeriSign will house the security servers in its own > hosting centers. The company will ask military personnel to use their > Common Access Cards--the latest form of ID for the military--to access > the system and cast a vote. Civilians will use digital signatures. So how will these civilians get a certified public key, and how will the private key be protected? Is there a special policy for the issuance of these kind of certificates? --Anton - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: VeriSign tapped to secure Internet voting
On Wednesday 01 October 2003 19:53, Ian Grigg wrote: > "Roy M. Silvernail" wrote: > > On Wednesday 01 October 2003 17:33, R. A. Hettinga forwarded: > > > VeriSign tapped to secure Internet voting > > > > > > "The solution we are building will enable absentee voters to exercise > > > their right to vote," said George Schu, a vice president at VeriSign. > > > "The sanctity of the vote can't be compromised nor can the integrity of > > > the system be compromised--it's security at all levels." > > > > One would wish that were a design constraint. Sadly, I'm afraid it's > > just a bullet point from the brochure. > > It's actually quite cunning. The reason that this > is going to work is because the voters are service > men & women, and if they attack the system, they'll > get their backsides tanned. Good observation. I missed that one. > Basically, it should > be relatively easy to put together a secure voting > application under the limitations, control structures > and security infrastructure found within the US military. > > It would be a mistake to apply the solution to wider > circumstances, and indeed another mistake to assume > that Verisign had anything to do with any purported > "success" in "solving" the voting problem. Definitely, but I can see Verisign doing both. The rabbit hole gets ever deeper. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: VeriSign tapped to secure Internet voting
"Roy M. Silvernail" wrote: > > On Wednesday 01 October 2003 17:33, R. A. Hettinga forwarded: > > > VeriSign tapped to secure Internet voting > > > "The solution we are building will enable absentee voters to exercise > > their right to vote," said George Schu, a vice president at VeriSign. "The > > sanctity of the vote can't be compromised nor can the integrity of the > > system be compromised--it's security at all levels." > > One would wish that were a design constraint. Sadly, I'm afraid it's just a > bullet point from the brochure. It's actually quite cunning. The reason that this is going to work is because the voters are service men & women, and if they attack the system, they'll get their backsides tanned. Basically, it should be relatively easy to put together a secure voting application under the limitations, control structures and security infrastructure found within the US military. It would be a mistake to apply the solution to wider circumstances, and indeed another mistake to assume that Verisign had anything to do with any purported "success" in "solving" the voting problem. iang - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: VeriSign tapped to secure Internet voting
On Wednesday 01 October 2003 17:33, R. A. Hettinga forwarded: > VeriSign tapped to secure Internet voting > "The solution we are building will enable absentee voters to exercise > their right to vote," said George Schu, a vice president at VeriSign. "The > sanctity of the vote can't be compromised nor can the integrity of the > system be compromised--it's security at all levels." One would wish that were a design constraint. Sadly, I'm afraid it's just a bullet point from the brochure. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
VeriSign tapped to secure Internet voting
<http://msnbc-cnet.com.com/2102-1029_3-5083772.html?tag=3Dni_print> VeriSign tapped to secure Internet voting=20 By Robert Lemos=20 Staff Writer, CNET News.com=20 http://news.com.com/2100-1029-5083772.html=20 VeriSign announced Monday that it will provide key components of a system d= esigned to let Americans abroad cast absentee votes over the Internet.=20 The contract was granted by consulting firm Accenture, which is working wit= h the U.S. Department of Defense on a voting system known as the Secure Ele= ctronic Registration and Voting Experiment . When completed, the system wil= l allow absentee military personnel and overseas Americans from eight parti= cipating states to cast their votes in the 2004 general election.=20 "The solution we are building will enable absentee voters to exercise their= right to vote," said George Schu, a vice president at VeriSign. "The sanct= ity of the vote can't be compromised nor can the integrity of the system be= compromised--it's security at all levels."=20 VeriSign has been selected to host the servers and information needed to au= thenticate voters and ensure that they cast only one vote. Internet and el= ectronic voting systems are notoriously hard to secure. In July, researcher= s at Johns Hopkins University raised extensive security issues with a leadi= ng electronic voting system manufactured by Diebold Election Systems.=20 Schu stressed that several layers of security will prevent hackers from acc= essing the system. VeriSign will house the security servers in its own host= ing centers. The company will ask military personnel to use their Common Ac= cess Cards--the latest form of ID for the military--to access the system an= d cast a vote. Civilians will use digital signatures.=20 Overseas U.S. citizens from Arkansas, Florida, Hawaii, Minnesota, North Car= olina, South Carolina, Utah and Washington will be able to use the system t= o cast votes.=20 Related News=20 Voting machine fails inspection=9A=9A July 24, 2003=20 http://news.com.com/2100-1009-5054088.html=20 Tech glitches don't mar Florida vote=9A=9A November 6, 2002=20 http://news.com.com/2100-1023-964609.html=20 Tech makes its mark at the ballot box=9A=9A November 6, 2002=20 http://news.com.com/2009-1023-964723.html=20 U.K. puts online voting to the test=9A=9A April 26, 2002=20 http://news.com.com/2110-1023-893093.html=20 Toward digital democracy=9A=9A November 6, 2001=20 http://news.com.com/2009-1023-275348.html=20 Get this story's "Big Picture"=20 http://news.com.com/2104-1029-5083772.html=20 --=20 - R. A. Hettinga The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]