Re: Vote for the Debian Project Leader Election 2005

2005-04-11 Thread Manoj Srivastava
On Mon, 11 Apr 2005 10:33:46 +0200, Andreas Barth <[EMAIL PROTECTED]> said: 

> * Bill Allombert ([EMAIL PROTECTED]) [050411 00:20]:
>> On Tue, Apr 05, 2005 at 07:44:08PM -0600, Wesley J. Landaker wrote:
>> > >  No, that would be stupid. This is why we have a guard against
>> > >  replay attacks.
>> > 
>> > But if the original vote that was signed and posted publicly was
>> > never sent in, then there wouldn't be any record of the vote--so
>> > if it was sent in at the last minute, devotee would be seeing it
>> > for the first time...
>> 
>> Package uploads have a similar issue: if you sign a package and put
>> it on a public server, anyone can upload it to Debian for you,
>> whether you intended it or not (even if it is not in Debian
>> already).
>> 
>> The only protection we have is that katie will check if the version
>> is higher than the version in sid. (so "don't do that").

> And that you need an allowed distribution in the changes-file - if
> you use "unstable-private" or "not-for-katie", katie will also
> reject it.

Similarly, you can just remove the uuid from the ballot before
 you publish it -- devotee shall reject that ballot.

manoj
-- 
I went to a Grateful Dead Concert and they played for SEVEN hours.
Great song. Fred Reuss
Manoj Srivastava   <[EMAIL PROTECTED]>  
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: Vote for the Debian Project Leader Election 2005

2005-04-11 Thread Andreas Barth
* Bill Allombert ([EMAIL PROTECTED]) [050411 00:20]:
> On Tue, Apr 05, 2005 at 07:44:08PM -0600, Wesley J. Landaker wrote:
> > >   No, that would be stupid. This is why we have a guard against
> > >  replay attacks.
> > 
> > But if the original vote that was signed and posted publicly was never sent 
> > in, then there wouldn't be any record of the vote--so if it was sent in at 
> > the last minute, devotee would be seeing it for the first time... 
> 
> Package uploads have a similar issue: if you sign a package and put it on
> a public server, anyone can upload it to Debian for you, whether you
> intended it or not (even if it is not in Debian already).
> 
> The only protection we have is that katie will check if the version is
> higher than the version in sid. (so "don't do that").

And that you need an allowed distribution in the changes-file - if you
use "unstable-private" or "not-for-katie", katie will also reject it.


Cheers,
Andi
-- 
   http://home.arcor.de/andreas-barth/
   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C





Re: Vote for the Debian Project Leader Election 2005

2005-04-10 Thread Bill Allombert
On Tue, Apr 05, 2005 at 07:44:08PM -0600, Wesley J. Landaker wrote:
> > No, that would be stupid. This is why we have a guard against
> >  replay attacks.
> 
> But if the original vote that was signed and posted publicly was never sent 
> in, then there wouldn't be any record of the vote--so if it was sent in at 
> the last minute, devotee would be seeing it for the first time... 

Package uploads have a similar issue: if you sign a package and put it on
a public server, anyone can upload it to Debian for you, whether you
intended it or not (even if it is not in Debian already).

The only protection we have is that katie will check if the version is
higher than the version in sid. (so "don't do that").

Cheers,
-- 
Bill. <[EMAIL PROTECTED]>

Imagine a large red swirl here.





Re: Vote for the Debian Project Leader Election 2005

2005-04-08 Thread Manoj Srivastava
On Thu, 7 Apr 2005 21:33:56 +0200, Osamu Aoki <[EMAIL PROTECTED]> said: 

> On Tue, Apr 05, 2005 at 09:12:02PM -0500, Manoj Srivastava wrote:
>> Sure. If people are gonna make signed votes public and not send
>> them in before changing their minds, that can be used to override
>> their decision. So don't do that.

> Sure :-)

> But will you in future ballot consider to add 1 line where voter can
> clearly indicate his vote priority ordering.  Something like
> following line to the ballot section:

No. Because that entails additional bookkeeping, and perhaps a
 change in the  work flow for dvt-tally, and make manual eyeballing of
 the voting much harder, for the dubious return of supporting the use
 case of people presenting a signed ballot in a public location, and
 then _not_ sending that ballot in, and sending in a different
 ordering. And there is no guarantee that people would know how to
 manage that in any case -- people have trouble with:

   In the brackets next to your preferred choice, place a
   1. Place a 2 in the brackets next to your next
   choice. Continue till you reach your last choice. Do not
   enter a number smaller than 1 or larger than 7.  You may
   skip numbers.  You may rank options equally (as long as all
   choices X you make fall in the range 1<= X <= 7).
 and send in ballots with " [ X ] Option  ". I have no stomach for
 dealing with ballots made even more complex.

There are some things that should not be done. This use case
 is one of them. If you have published a ballot, send it to devotee
 anyway. If you change your mind, you can do that too -- and let
 devotee know that as well.

manoj
-- 
"Why can't we ever attempt to solve a problem in this country without
having a 'War' on it?" -- Rich Thomson, talk.politics.misc
Manoj Srivastava   <[EMAIL PROTECTED]>  
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C





Re: Vote for the Debian Project Leader Election 2005

2005-04-07 Thread Osamu Aoki
On Tue, Apr 05, 2005 at 09:12:02PM -0500, Manoj Srivastava wrote:
>   Sure. If people are gonna make signed votes public and not
>  send them in before changing their minds, that can be used to
>  override their decision. So don't do that.

Sure :-)

But will you in future ballot consider to add 1 line where voter can
clearly indicate his vote priority ordering.  Something like following
line to the ballot section:

 [ 20050407.0 ] Vote priority index (ballot with larger number win)

Just a thought...





Re: Vote for the Debian Project Leader Election 2005

2005-04-05 Thread Manoj Srivastava
On Tue, 5 Apr 2005 19:44:08 -0600, Wesley J Landaker <[EMAIL PROTECTED]> said: 

> On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
>> On Tue, 5 Apr 2005 21:38:51 +0200, David Schmitt
>> [EMAIL PROTECTED]> said:
>> > On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
>> >> On Mon, 4 Apr 2005 10:18:26 +0100, Matthew Garrett
>> >>
>> >> [EMAIL PROTECTED]> said:
>> >> > If I sign three votes over the course of a day and then send
>> >> > them in reverse order, will the votes that were signed earlier
>> >> > be accepted even if they were sent later?
>> >>
>> >> Sure. As far as devotee is concerned, the ordering when the
>> >> ballots were received is the only one that matters.  Since email
>> >> ordering is not guaranteed, you may wish to wait for devotee's
>> >> ack if you are firing off multiple ballots.
>> >
>> > So any signed vote made public can be used to override any later
>> > decision by the voter in question by replaying the publicised
>> > mail and signature.
>> 
>> No, that would be stupid. This is why we have a guard against
>> replay attacks.

> But if the original vote that was signed and posted publicly was
> never sent in, then there wouldn't be any record of the vote--so if
> it was sent in at the last minute, devotee would be seeing it for
> the first time...

Sure. If people are gonna make signed votes public and not
 send them in before changing their minds, that can be used to
 override their decision. So don't do that.

manoj
-- 
I have a TINY BOWL in my HEAD
Manoj Srivastava   <[EMAIL PROTECTED]>  
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C





Re: Vote for the Debian Project Leader Election 2005

2005-04-05 Thread Wesley J. Landaker
On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
> On Tue, 5 Apr 2005 21:38:51 +0200, David Schmitt <[EMAIL PROTECTED]> said:
> > On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
> >> On Mon, 4 Apr 2005 10:18:26 +0100, Matthew Garrett
> >>
> >> [EMAIL PROTECTED]> said:
> >> > If I sign three votes over the course of a day and then send them
> >> > in reverse order, will the votes that were signed earlier be
> >> > accepted even if they were sent later?
> >>
> >> Sure. As far as devotee is concerned, the ordering when the ballots
> >> were received is the only one that matters.  Since email ordering
> >> is not guaranteed, you may wish to wait for devotee's ack if you
> >> are firing off multiple ballots.
> >
> > So any signed vote made public can be used to override any later
> > decision by the voter in question by replaying the publicised mail
> > and signature.
>
>   No, that would be stupid. This is why we have a guard against
>  replay attacks.

But if the original vote that was signed and posted publicly was never sent 
in, then there wouldn't be any record of the vote--so if it was sent in at 
the last minute, devotee would be seeing it for the first time... 

-- 
Wesley J. Landaker <[EMAIL PROTECTED]>
OpenPGP FP: 4135 2A3B 4726 ACC5 9094  0097 F0A9 8A4C 4CD6 E3D2




Re: Vote for the Debian Project Leader Election 2005

2005-04-05 Thread Manoj Srivastava
On Tue, 5 Apr 2005 21:38:51 +0200, David Schmitt <[EMAIL PROTECTED]> said: 

> On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
>> On Mon, 4 Apr 2005 10:18:26 +0100, Matthew Garrett
>> [EMAIL PROTECTED]> said:

>> > If I sign three votes over the course of a day and then send them
>> > in reverse order, will the votes that were signed earlier be
>> > accepted even if they were sent later?
>> 
>> Sure. As far as devotee is concerned, the ordering when the ballots
>> were received is the only one that matters.  Since email ordering
>> is not guaranteed, you may wish to wait for devotee's ack if you
>> are firing off multiple ballots.

> So any signed vote made public can be used to override any later
> decision by the voter in question by replaying the publicised mail
> and signature.

No, that would be stupid. This is why we have a guard against
 replay attacks.

manoj
-- 
"Rage, rage, against the dying of the light!" Dylan Thomas
Manoj Srivastava   <[EMAIL PROTECTED]>  
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C





Re: Vote for the Debian Project Leader Election 2005

2005-04-05 Thread David Schmitt
On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
> On Mon, 4 Apr 2005 10:18:26 +0100, Matthew Garrett <[EMAIL PROTECTED]> said:

> > If I sign three votes over the course of a day and then send them in
> > reverse order, will the votes that were signed earlier be accepted
> > even if they were sent later?
>
>  Sure. As far as devotee is concerned, the ordering when the
>  ballots were received is the only one that matters.  Since email
>  ordering is not guaranteed, you may wish to wait for devotee's ack if
>  you are firing off multiple ballots.

So any signed vote made public can be used to override any later decision by 
the voter in question by replaying the publicised mail and signature.

Regards, David
-- 
- hello... how are you today?
- *cough* fine *sniffle* *wheeze*
- thank god we are communicating over a septic medium ;)
 -- Matthias Leeb, Uni f. angewandte Kunst, 2005-02-15



Re: Vote for the Debian Project Leader Election 2005

2005-04-05 Thread Manoj Srivastava
On Mon, 4 Apr 2005 10:18:26 +0100, Matthew Garrett <[EMAIL PROTECTED]> said: 

> Manoj Srivastava <[EMAIL PROTECTED]> wrote:
>> On Fri, 25 Mar 2005 04:15:22 +, Matthew Garrett
>> <[EMAIL PROTECTED]> said:
>>> - I'm not sure if it insists that the order of signing is
>>>   consistent
>>> with the order of receipt.
>> 
>> Umm, I am not sure I understand what this means.

> If I sign three votes over the course of a day and then send them in
> reverse order, will the votes that were signed earlier be accepted
> even if they were sent later?

Sure. As far as devotee is concerned, the ordering when the
 ballots were received is the only one that matters.  Since email
 ordering is not guaranteed, you may wish to wait for devotee's ack if
 you are firing off multiple ballots.

manoj
-- 
Getting into trouble is easy. Winkel and F. Prosser
Manoj Srivastava   <[EMAIL PROTECTED]>  
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C





Re: Vote for the Debian Project Leader Election 2005

2005-04-04 Thread Sven Luther
On Mon, Apr 04, 2005 at 01:38:09AM -0500, Manoj Srivastava wrote:
> On Sun, 27 Mar 2005 09:12:36 +0200, Sven Luther <[EMAIL PROTECTED]> said: 
> 
> > Well, you have just to check the devotee code is doing what it is
> > supposed to do, and that this is the actual code running on the
> > actual ballots, you don't really need to look at the ballots. Since
> > the devotee code is supposed to be deterministic, and always produce
> > the same result for a determined set of votes independently of vote
> > order and timing. If not we would have a serious problem, which we
> > supposedly solved during the vote method discussion back then.
> 
>   That is not true. If a person votes 5 times, and all of them
>  differently, the way the vote is counted is not independent of vote
>  order.

Ah, true, but obviously it is independent of the order of the last votes of any one
person :)

Friendly,

Sven Luther





Re: Vote for the Debian Project Leader Election 2005

2005-04-04 Thread Matthew Garrett
Manoj Srivastava <[EMAIL PROTECTED]> wrote: 
> On Fri, 25 Mar 2005 04:15:22 +, Matthew Garrett <[EMAIL PROTECTED]> said: 
>> - I'm not sure if it insists that the order of signing is consistent
>> with the order of receipt.
> 
>   Umm, I am not sure I understand what this means.

If I sign three votes over the course of a day and then send them in
reverse order, will the votes that were signed earlier be accepted even
if they were sent later?

-- 
Matthew Garrett | [EMAIL PROTECTED]





Re: Vote for the Debian Project Leader Election 2005

2005-04-03 Thread Manoj Srivastava
On Fri, 25 Mar 2005 04:15:22 +, Matthew Garrett <[EMAIL PROTECTED]> said: 

> Matthew Palmer <[EMAIL PROTECTED]> wrote:
>> I think that Wesley may be thinking more along the lines of a
>> simple replay attack -- if you *do* change your mind, your earlier
>> (publicly posted) ballot can be fed back into the system again,
>> to reset your preferences to those you originally chose.

> I /believe/ that there's a replay cache to prevent a naive replay
> attack

Umm, it does have a replay cache. How does a sophisticated
 replay attack differ from a naive one?

> - I'm not sure if it insists that the order of signing is consistent
> with the order of receipt.

Umm, I am not sure I understand what this means.

manoj
-- 
Coward, n.: One who in a perilous emergency thinks with his
legs. Ambrose Bierce, "The Devil's Dictionary"
Manoj Srivastava   <[EMAIL PROTECTED]>  
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C





Re: Vote for the Debian Project Leader Election 2005

2005-04-03 Thread Manoj Srivastava
On Sun, 27 Mar 2005 09:12:36 +0200, Sven Luther <[EMAIL PROTECTED]> said: 

> Well, you have just to check the devotee code is doing what it is
> supposed to do, and that this is the actual code running on the
> actual ballots, you don't really need to look at the ballots. Since
> the devotee code is supposed to be deterministic, and always produce
> the same result for a determined set of votes independently of vote
> order and timing. If not we would have a serious problem, which we
> supposedly solved during the vote method discussion back then.

That is not true. If a person votes 5 times, and all of them
 differently, the way the vote is counted is not independent of vote
 order.

manoj
-- 
If fifty million people say a foolish thing, it's still a foolish
thing. Bertrand Russell
Manoj Srivastava   <[EMAIL PROTECTED]>  
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C





Re: Vote for the Debian Project Leader Election 2005

2005-03-28 Thread Graham Wilson
On Mon, Mar 28, 2005 at 09:16:21AM -0800, John H. Robinson, IV wrote:
> Hamish Moffatt wrote:
> > On Fri, Mar 25, 2005 at 09:34:35AM +0100, Emmanuel le Chevoir wrote:
> > > Again, sorry for being such an idiot :/
> > 
> > Does that mean you improved your vote also? ;-)
> 
> I'm lost, what was wrong with his vote?

Whether or not there is something wrong with his vote depends on how you
feel about certain candidates. I believe Hamish's comment refers to how
Emmanuel ranked some candidates over others.

-- 
gram





Re: Vote for the Debian Project Leader Election 2005

2005-03-28 Thread Steve Langasek
On Mon, Mar 28, 2005 at 09:16:21AM -0800, John H. Robinson, IV wrote:
> Hamish Moffatt wrote:
> > On Fri, Mar 25, 2005 at 09:34:35AM +0100, Emmanuel le Chevoir wrote:
> > > Emmanuel le Chevoir wrote:
> > > >- - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> > > >46348448-74a5-40ae-a651-49704435ae8c
> > > >- - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> > > 
> > > I'm so sorry for that one, that was a really stupid mistake.
> > > The good thing is that is received quite a bunch of interesting replies, 
> > > along with a few (well deserved) criticisms.
> > > 
> > > Again, sorry for being such an idiot :/
> > 
> > Does that mean you improved your vote also? ;-)

> I'm lost, what was wrong with his vote?

I'd guess the fact that he voted Jonathan Walther above NOTA is the point of
interest there.

I wonder how much of the electorate votes based solely on platforms,
nowadays, rather than personal knowledge of the candidates?

-- 
Steve Langasek
postmodern programmer




Re: Vote for the Debian Project Leader Election 2005

2005-03-28 Thread John H. Robinson, IV
Hamish Moffatt wrote:
> On Fri, Mar 25, 2005 at 09:34:35AM +0100, Emmanuel le Chevoir wrote:
> > Emmanuel le Chevoir wrote:
> > >- - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> > >46348448-74a5-40ae-a651-49704435ae8c
> > >- - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> > 
> > I'm so sorry for that one, that was a really stupid mistake.
> > The good thing is that is received quite a bunch of interesting replies, 
> > along with a few (well deserved) criticisms.
> > 
> > Again, sorry for being such an idiot :/
> 
> Does that mean you improved your vote also? ;-)

I'm lost, what was wrong with his vote?

-- 
John H. Robinson, IV  [EMAIL PROTECTED]
 http  
WARNING: I cannot be held responsible for the above, sbih.org ( )(:[
as apparently my cats have learned how to type.  spiders.html  





Re: Vote for the Debian Project Leader Election 2005

2005-03-26 Thread Sven Luther
On Fri, Mar 25, 2005 at 03:52:42PM +1000, Anthony Towns wrote:
> Antti-Juhani Kaijanaho wrote:
> >On 20050325T002711+0100, Jeroen van Wolffelaar wrote:
> >>Eh, the buyer can demand proof, the same proof a voter has to verify his
> >>vote is tallied: ask the secret token.
> >Ouch.  Nasty.  Bad.
> >(This is one of the reasons why real elections have partisan observers
> >present in vote counting: you cannot give the voter proof of his vote
> >being counted, so you need another way to ensure public trust in the
> >process.)
> 
> Yup; but conversely, we can't really manage that in Debian -- we'd have 
> to have partisan observers monitoring the adminning of vote.debian.org's 
> mail handling for three weeks, while at the same time not letting them 
> see the non-anonymized votes.

Well, you have just to check the devotee code is doing what it is supposed to
do, and that this is the actual code running on the actual ballots, you don't
really need to look at the ballots. Since the devotee code is supposed to be
deterministic, and always produce the same result for a determined set of
votes independently of vote order and timing. If not we would have a serious
problem, which we supposedly solved during the vote method discussion back then.

Friendly,

Sven Luther





Re: Vote for the Debian Project Leader Election 2005

2005-03-26 Thread Sven Luther
On Fri, Mar 25, 2005 at 07:06:34AM +0100, David N. Welton wrote:
> MJ Ray <[EMAIL PROTECTED]> writes:
> 
> > [EMAIL PROTECTED] (David N. Welton) wrote:
> > > Just to be clear, nothing against Anthony Towns.  I think he'd do
> > > alright as DPL.
> > 
> > Sounds like you've asked a few people and are now hedging your bets!
> 
> Nope, my comments had nothing to do with him.  I'd like to make that
> very clear.

I believe it is evident to everyone who followed this list who was the
surprising one.

Friendly,

Sven Luther





Re: Vote for the Debian Project Leader Election 2005

2005-03-26 Thread Hamish Moffatt
On Fri, Mar 25, 2005 at 09:34:35AM +0100, Emmanuel le Chevoir wrote:
> Emmanuel le Chevoir wrote:
> >- - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> >46348448-74a5-40ae-a651-49704435ae8c
> >- - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> 
> I'm so sorry for that one, that was a really stupid mistake.
> The good thing is that is received quite a bunch of interesting replies, 
> along with a few (well deserved) criticisms.
> 
> Again, sorry for being such an idiot :/

Does that mean you improved your vote also? ;-)


Hamish
-- 
Hamish Moffatt VK3SB <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>





Re: Vote for the Debian Project Leader Election 2005

2005-03-25 Thread Wouter Verhelst
On Thu, 24-03-2005 at 17:23 -0700, Wesley J Landaker wrote:
> On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> > [EMAIL PROTECTED] (David N. Welton) writes:
> > > Steve Kemp <[EMAIL PROTECTED]> writes:
> > >> On Thu, Mar 24, 2005 at 09:12:51PM +0100, David N. Welton wrote:
> > >> > I'm amazed at how little people seem to have done to inform
> > >> > themselves about all the candidates, myself.
> > >>
> > >>   Just because people vote in a way that you might not does not
> > >> mean they are uninformed.
> > >
> > > I'm not convinced.
> >
> > Happily, the OP still has a chance to change his mind ;-)
> 
> Unless someone else sends in his already signed ballot...

Even if someone else does. You can supersede your vote at any time until
the vote period is over.

-- 
 EARTH
 smog  |   bricks
 AIR  --  mud  -- FIRE
soda water |   tequila
 WATER
 -- with thanks to fortune





Re: Vote for the Debian Project Leader Election 2005

2005-03-25 Thread Marco d'Itri
[EMAIL PROTECTED] wrote:

>> I'm amazed at how little people seem to have done to inform themselves
>> about all the candidates, myself.
>  Just because people vote in a way that you might not does not mean
> they are uninformed.
Indeed, it's a polite way to say that they are morons. 

-- 
ciao,
Marco





Re: Vote for the Debian Project Leader Election 2005

2005-03-25 Thread Emmanuel le Chevoir
Emmanuel le Chevoir wrote:
> - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> 46348448-74a5-40ae-a651-49704435ae8c
> - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-

I'm so sorry for that one, that was a really stupid mistake.
The good thing is that is received quite a bunch of interesting replies, 
along with a few (well deserved) criticisms.

Again, sorry for being such an idiot :/
--
Emmanuel le Chevoir


Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread David N. Welton
MJ Ray <[EMAIL PROTECTED]> writes:

> [EMAIL PROTECTED] (David N. Welton) wrote:
> > Just to be clear, nothing against Anthony Towns.  I think he'd do
> > alright as DPL.
> 
> Sounds like you've asked a few people and are now hedging your bets!

Nope, my comments had nothing to do with him.  I'd like to make that
very clear.

-- 
David N. Welton
 - http://www.dedasys.com/davidw/

Apache, Linux, Tcl Consulting
 - http://www.dedasys.com/





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Anthony Towns
Antti-Juhani Kaijanaho wrote:
On 20050325T002711+0100, Jeroen van Wolffelaar wrote:
Eh, the buyer can demand proof, the same proof a voter has to verify his
vote is tallied: ask the secret token.
Ouch.  Nasty.  Bad.
(This is one of the reasons why real elections have partisan observers
present in vote counting: you cannot give the voter proof of his vote
being counted, so you need another way to ensure public trust in the
process.)
Yup; but conversely, we can't really manage that in Debian -- we'd have 
to have partisan observers monitoring the adminning of vote.debian.org's 
mail handling for three weeks, while at the same time not letting them 
see the non-anonymized votes.

Sure, and that is a good argument for this kind of secrecy.
AFAICS, you can only choose one of "directly check the vote counters are 
doing the right thing with your vote" and "be unable to sell your vote". 
There're too many weird possibilities (especially when you add timing 
into it) for me to prove that though :)

For those playing along at home, the 1999 election was an example of the 
latter priority; the 2001 election was an (accidental) example of an 
entirely non-secret leadership ballot.

Cheers,
aj


Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Adeodato Simó
* Wesley J Landaker [Thu, 24 Mar 2005 20:23:34 -0700]:
> On Thursday, 24 March 2005 20:15, Matthew Palmer wrote:

> > Since the voter gets a return e-mail, they'd likely know about it,
> > but if the attacker was clever and threw your ballot in right before
> > the deadline, you wouldn't have enough time to correct it, and would
> > need to bother Manoj to get it sorted out.

> Yeah, it seems this would be possible in the current system. One way to 
> work around this would be to reject vote e-mails that are identical to 
> ones seen before (say, save a md5sum of the signed portion of the 
> e-mail, *including* the GPG signature block).

  I've been told on IRC that devotee currently has such a replay-guard
  mechanism. Perhaps Manoj can confirm, and comment a bit about the
  implemented safeguards? (Or point to the relevant explanation pages,
  of course.)

-- 
Adeodato Simó
EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
 
Algebraic symbols are used when you do not know what you are talking about.
-- Philippe Schnoebelen





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Matthew Garrett
Matthew Palmer <[EMAIL PROTECTED]> wrote:

> I think that Wesley may be thinking more along the lines of a simple replay
> attack -- if you *do* change your mind, your earlier (publicly posted)
> ballot can be fed back into the system again, to reset your preferences to
> those you originally chose.

I /believe/ that there's a replay cache to prevent a naive replay attack
- I'm not sure if it insists that the order of signing is consistent
with the order of receipt.

-- 
Matthew Garrett | [EMAIL PROTECTED]





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Wesley J Landaker
On Thursday, 24 March 2005 20:15, Matthew Palmer wrote:
> On Fri, Mar 25, 2005 at 02:57:43AM +, Matthew Garrett wrote:
> > Wesley J Landaker <[EMAIL PROTECTED]> wrote:
> > > On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> > >> Happily, the OP still has a chance to change his mind ;-)
> > >
> > > Unless someone else sends in his already signed ballot...
> >
> > You can send in multiple ballots. Only the last one will count. As
> > a result, you're free to change your mind up until the deadline.
>
> I think that Wesley may be thinking more along the lines of a simple
> replay attack -- if you *do* change your mind, your earlier
> (publicly posted) ballot can be fed back into the system again, to
> reset your preferences to those you originally chose.

Actually, I was thinking of replay, but was thinking in terms of the 
system only accepting one vote, but since it accepts it more than once, 
this is also an attack... of course, it's irrelevant if you never 
change your mind. (=

> Since the voter gets a return e-mail, they'd likely know about it,
> but if the attacker was clever and threw your ballot in right before
> the deadline, you wouldn't have enough time to correct it, and would
> need to bother Manoj to get it sorted out.

Yeah, it seems this would be possible in the current system. One way to 
work around this would be to reject vote e-mails that are identical to 
ones seen before (say, save a md5sum of the signed portion of the 
e-mail, *including* the GPG signature block).

-- 
Wesley J. Landaker <[EMAIL PROTECTED]>
OpenPGP FP: 4135 2A3B 4726 ACC5 9094  0097 F0A9 8A4C 4CD6 E3D2
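
The behaviour discussed in this thread, as an added toy model that is not devotee's code and not part of any post: ballots count in order of receipt, a replay cache keyed on a hash of the signed text plus signature block rejects byte-identical resends (SHA-256 here in place of the md5sum mentioned above), and a ballot without the vote's uuid is rejected. `BallotBox`, `SignedBallot`, the scenario functions and every sample value are assumptions, and signature verification is assumed to have already succeeded.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed sample value; not the uuid of any real vote.
VOTE_UUID = "00000000-0000-4000-8000-000000000001"


@dataclass(frozen=True)
class SignedBallot:
    voter: str        # identity taken from the (assumed verified) signature
    uuid: str         # vote uuid carried in the signed text, "" if stripped
    ranking: str      # the voter's preference ordering
    signature: bytes  # opaque signature block

    def digest(self) -> str:
        # Hash the signed portion together with the signature block, so a
        # byte-identical resend always maps to the same cache key.
        signed_text = (self.uuid + "\n" + self.ranking).encode()
        return hashlib.sha256(signed_text + b"\x00" + self.signature).hexdigest()


@dataclass
class BallotBox:
    vote_uuid: str
    seen: set = field(default_factory=set)       # replay cache of digests
    current: dict = field(default_factory=dict)  # voter -> ranking that counts

    def submit(self, ballot: SignedBallot) -> str:
        if ballot.uuid != self.vote_uuid:
            return "rejected: missing vote uuid"
        key = ballot.digest()
        if key in self.seen:
            return "rejected: replay"
        self.seen.add(key)
        # Order of receipt decides, not order of signing: the most recently
        # accepted ballot replaces whatever the voter had before.
        self.current[ballot.voter] = ballot.ranking
        return "accepted"


def make_ballot(ranking: str, tag: str, with_uuid: bool = True) -> SignedBallot:
    # Constructed ballots for a hypothetical voter "alice".
    uuid = VOTE_UUID if with_uuid else ""
    return SignedBallot("alice", uuid, ranking, f"sig-{tag}".encode())


def scenario_sent_then_changed():
    """Published ballot was also sent in; a later resend hits the cache."""
    box = BallotBox(VOTE_UUID)
    published = make_ballot("1:A 2:B", "first")
    changed = make_ballot("1:B 2:A", "second")
    results = [box.submit(published), box.submit(changed), box.submit(published)]
    return results, box.current["alice"]


def scenario_published_never_sent():
    """Published ballot was never sent in; the box sees it for the first time."""
    box = BallotBox(VOTE_UUID)
    published = make_ballot("1:A 2:B", "first")
    changed = make_ballot("1:B 2:A", "second")
    results = [box.submit(changed), box.submit(published)]
    return results, box.current["alice"]


def scenario_published_without_uuid():
    """Published copy was signed with the uuid removed, so it cannot be counted."""
    box = BallotBox(VOTE_UUID)
    published = make_ballot("1:A 2:B", "first", with_uuid=False)
    changed = make_ballot("1:B 2:A", "second")
    results = [box.submit(changed), box.submit(published)]
    return results, box.current["alice"]


if __name__ == "__main__":
    for fn in (scenario_sent_then_changed,
               scenario_published_never_sent,
               scenario_published_without_uuid):
        print(fn.__name__, fn())
```

Only the second scenario ends with the published ranking overriding the voter's later choice, which is the case the replay cache alone cannot cover.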





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Wesley J Landaker
On Thursday, 24 March 2005 19:57, Matthew Garrett wrote:
> Wesley J Landaker <[EMAIL PROTECTED]> wrote:
> > On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> >> Happily, the OP still has a chance to change his mind ;-)
> >
> > Unless someone else sends in his already signed ballot...
>
> You can send in multiple ballots. Only the last one will count. As a
> result, you're free to change your mind up until the deadline.
> Possibly this should be more widely publicised?

Ah, well, that's good to know! Now I have time to change my mind as 
well... ;)

-- 
Wesley J. Landaker <[EMAIL PROTECTED]>
OpenPGP FP: 4135 2A3B 4726 ACC5 9094  0097 F0A9 8A4C 4CD6 E3D2





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Matthew Palmer
On Fri, Mar 25, 2005 at 02:57:43AM +, Matthew Garrett wrote:
> Wesley J Landaker <[EMAIL PROTECTED]> wrote:
> > On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> >> Happily, the OP still has a chance to change his mind ;-)
> > 
> > Unless someone else sends in his already signed ballot...
> 
> You can send in multiple ballots. Only the last one will count. As a
> result, you're free to change your mind up until the deadline.

I think that Wesley may be thinking more along the lines of a simple replay
attack -- if you *do* change your mind, your earlier (publicly posted)
ballot can be fed back into the system again, to reset your preferences to
those you originally chose.

Since the voter gets a return e-mail, they'd likely know about it, but if
the attacker was clever and threw your ballot in right before the deadline,
you wouldn't have enough time to correct it, and would need to bother Manoj
to get it sorted out.

- Matt




Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Matthew Garrett
Wesley J Landaker <[EMAIL PROTECTED]> wrote:
> On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
>> Happily, the OP still has a chance to change his mind ;-)
> 
> Unless someone else sends in his already signed ballot...

You can send in multiple ballots. Only the last one will count. As a
result, you're free to change your mind up until the deadline. Possibly
this should be more widely publicised?

-- 
Matthew Garrett | [EMAIL PROTECTED]





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Wesley J Landaker
On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> [EMAIL PROTECTED] (David N. Welton) writes:
> > Steve Kemp <[EMAIL PROTECTED]> writes:
> >> On Thu, Mar 24, 2005 at 09:12:51PM +0100, David N. Welton wrote:
> >> > I'm amazed at how little people seem to have done to inform
> >> > themselves about all the candidates, myself.
> >>
> >>   Just because people vote in a way that you might not does not
> >> mean they are uninformed.
> >
> > I'm not convinced.
>
> Happily, the OP still has a chance to change his mind ;-)

Unless someone else sends in his already signed ballot...

-- 
Wesley J. Landaker <[EMAIL PROTECTED]>
OpenPGP FP: 4135 2A3B 4726 ACC5 9094  0097 F0A9 8A4C 4CD6 E3D2





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Roger Leigh
[EMAIL PROTECTED] (David N. Welton) writes:

> Steve Kemp <[EMAIL PROTECTED]> writes:
>
>> On Thu, Mar 24, 2005 at 09:12:51PM +0100, David N. Welton wrote:
>> 
>> > I'm amazed at how little people seem to have done to inform themselves
>> > about all the candidates, myself.
>
>>   Just because people vote in a way that you might not does not mean
>>  they are uninformed.
>
> I'm not convinced.

Happily, the OP still has a chance to change his mind ;-)


-- 
Roger Leigh
Printing on GNU/Linux?  http://gimp-print.sourceforge.net/
Debian GNU/Linux        http://www.debian.org/
GPG Public Key: 0x25BFB848.  Please sign and encrypt your mail.





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Antti-Juhani Kaijanaho
On 20050325T002711+0100, Jeroen van Wolffelaar wrote:
> Eh, the buyer can demand proof, the same proof a voter has to verify his
> vote is tallied: ask the secret token.  Assuming md5 is a strong hash,
> this way a voter can prove his/her ballot if (s)he wishes to publicly
> (or privately) show to have voted in a given way.

Ouch.  Nasty.  Bad.

(This is one of the reasons why real elections have partisan observers
present in vote counting: you cannot give the voter proof of his vote
being counted, so you need another way to ensure public trust in the
process.)

> As far as I know, the real reason is to enable it for people to vote
> without worrying to hurt a person (DPL-candidate), for example that one
> ranks a friend quite low because one doesn't think he'd make a good DPL.
> Voting for people is necessarily a more personal affair than voting for
> something more abstract like a GR about the constitution.

Sure, and that is a good argument for this kind of secrecy.
However, the reason I gave is the reason secret ballots are a
requirement in democratic government.  (I include in vote buying the
nastier practices of blackmail and duress.)
-- 
Antti-Juhani Kaijanaho, Debian developer 

http://kaijanaho.info/antti-juhani/blog/en/debian




Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread MJ Ray
[EMAIL PROTECTED] (David N. Welton) wrote:
> Just to be clear, nothing against Anthony Towns.  I think he'd do
> alright as DPL.

Sounds like you've asked a few people and are now hedging your bets!





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Jeroen van Wolffelaar
On Fri, Mar 25, 2005 at 01:13:49AM +0200, Antti-Juhani Kaijanaho wrote:
> The point of a secret vote is to make sure vote buying is ineffective,
> since under secret ballots the buyer is unable to verify that the
> voter actually cast the ballot he or she claimed to have cast; and
> that point is preserved even if some of us publish our (real or fake,
> you can't tell) choices.

Eh, the buyer can demand proof, the same proof a voter has to verify his
vote is tallied: ask the secret token.  Assuming md5 is a strong hash,
this way a voter can prove his/her ballot if (s)he wishes to publicly
(or privately) show to have voted in a given way.

As far as I know, the real reason is to enable it for people to vote
without worrying to hurt a person (DPL-candidate), for example that one
ranks a friend quite low because one doesn't think he'd make a good DPL.
Voting for people is necessarily a more personal affair than voting for
something more abstract like a GR about the constitution.

--Jeroen

-- 
Jeroen van Wolffelaar
[EMAIL PROTECTED] (also for Jabber & MSN; ICQ: 33944357)
http://Jeroen.A-Eskwadraat.nl



Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Antti-Juhani Kaijanaho
On 20050324T135006-0600, John Goerzen wrote:
> Well...
> 
> So much for:
> 1) secret ballots

Secret ballots mean that the actual ballots are never published by the
secretary.  It does not mean that voters are not allowed to make their
choice public (or to claim they voted in a particular way, despite
having voted differently).  The point of a secret vote is to make sure
vote buying is ineffective, since under secret ballots the buyer is
unable to verify that the voter actually cast the ballot he or she
claimed to have cast; and that point is preserved even if some of us
publish our (real or fake, you can't tell) choices.

-- 
Antti-Juhani Kaijanaho, Debian developer 

http://kaijanaho.info/antti-juhani/blog/en/debian




Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread David N. Welton

Just to be clear, nothing against Anthony Towns.  I think he'd do
alright as DPL.

-- 
David N. Welton
 - http://www.dedasys.com/davidw/

Apache, Linux, Tcl Consulting
 - http://www.dedasys.com/





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread David N. Welton
Steve Kemp <[EMAIL PROTECTED]> writes:

> On Thu, Mar 24, 2005 at 09:12:51PM +0100, David N. Welton wrote:
> 
> > I'm amazed at how little people seem to have done to inform themselves
> > about all the candidates, myself.

>   Just because people vote in a way that you might not does not mean
>  they are uninformed.

I'm not convinced.

-- 
David N. Welton
 - http://www.dedasys.com/davidw/

Apache, Linux, Tcl Consulting
 - http://www.dedasys.com/





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Steve Kemp
On Thu, Mar 24, 2005 at 09:12:51PM +0100, David N. Welton wrote:

> I'm amazed at how little people seem to have done to inform themselves
> about all the candidates, myself.

  Just because people vote in a way that you might not does not mean
 they are uninformed.

  It just means we are all looking for different things from our
 new overlord...

Steve
--





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread David N. Welton

I'm amazed at how little people seem to have done to inform themselves
about all the candidates, myself.

-- 
David N. Welton
 - http://www.dedasys.com/davidw/

Apache, Linux, Tcl Consulting
 - http://www.dedasys.com/





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Martin Schulze
John Goerzen wrote:
> Well...
> 
> So much for:
> 1) secret ballots
> 2) reading directions

Reading is a lost art nowadays.
-- Michael Weber

I'm also quite appalled by the vote.   *sigh*

Regards,

Joey

-- 
No question is too silly to ask, but, of course, some are too silly
to answer.   -- Perl book





Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Luk Claes
Hi

John Goerzen wrote:
> Well...
>
> So much for:
> 1) secret ballots
> 2) reading directions

You should mail it signed, but not encrypted to 
[EMAIL PROTECTED] You might have the same problem [0] as some 
others [1] [2] [3]. You'll be listed [4] as a unique voter [5] if your 
vote arrives.

Cheers
Luk
[0] http://lists.debian.org/debian-vote/2005/03/msg00835.html
[1] http://lists.debian.org/debian-vote/2005/03/msg00822.html
[2] http://lists.debian.org/debian-vote/2005/03/msg00844.html
[3] http://lists.debian.org/debian-vote/2005/03/msg00850.html
[4] http://master.debian.org/~srivasta/leader2005.html
[5] http://master.debian.org/~srivasta/leader2005_voters.txt


Re: Vote for the Debian Project Leader Election 2005

2005-03-24 Thread John Goerzen
Well...

So much for:
1) secret ballots
2) reading directions

On Thu, Mar 24, 2005 at 08:44:29PM +0100, Emmanuel le Chevoir wrote:
> - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> 46348448-74a5-40ae-a651-49704435ae8c
> [ 3 ] Choice 1: Jonathan Walther 
> [ 6 ] Choice 2: Matthew Garrett 
> [ 2 ] Choice 3: Branden Robinson 
> [ 1 ] Choice 4: Anthony Towns 
> [ 5 ] Choice 5: Angus Lees 
> [ 4 ] Choice 6: Andreas Schuldei
> [   ] Choice 7: None Of The Above
> - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> 
> -- 
> Emmanuel le Chevoir






Vote for the Debian Project Leader Election 2005

2005-03-24 Thread Emmanuel le Chevoir
- - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
46348448-74a5-40ae-a651-49704435ae8c
[ 3 ] Choice 1: Jonathan Walther 
[ 6 ] Choice 2: Matthew Garrett 
[ 2 ] Choice 3: Branden Robinson 
[ 1 ] Choice 4: Anthony Towns 
[ 5 ] Choice 5: Angus Lees 
[ 4 ] Choice 6: Andreas Schuldei
[   ] Choice 7: None Of The Above
- - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-

-- 
Emmanuel le Chevoir

