Re: internet voting -- ICANN, SmartInitiatives, etc.
Ed, why do you insist on advertising your patent-pending voting solution on the IETF mailing list? It does not involve any IETF protocol work, does it? --Paul Hoffman, Director --Internet Mail Consortium
Re: internet voting -- ICANN, SmartInitiatives, etc.
Paul Hoffman / IMC wrote: > Ed, why do you insist on advertising your patent-pending voting > solution on the IETF mailing list? It does not involve any IETF > protocol work, does it? ;-) SMTP, HTML, TLS, PGP, and others, including TCP/IP. Pls do not be so bent out of shape by the word "patent". I think we have a fair proposal for it, which we call FREE patent, and is much the same as FREE software. However, I respect your disagreement. Hope we can meet some day. Cheers, Ed Gerck
Re: internet voting -- ICANN, SmartInitiatives, etc.
[EMAIL PROTECTED] (Ed Gerck) wrote on 12.01.01 in <[EMAIL PROTECTED]>: > [long, but worth every megabyte] > > >From: "Stephen Sprunk" <[EMAIL PROTECTED]> > > > >Throwing encryption at voting is not enough to solve algorithmic > >problems. Digital signatures violate ballot secrecy and provide no > >protection against most forms of fraud. > > No. Digital signatures such as X.509/PKIX do violate voter privacy, but > never ballot secrecy. > > In all fairness to you, maybe there is a confusion with the word "privacy". > In this case, maybe you write "secrecy" above but you mean "privacy". BIG > DIFFERENCE, though. Indeed. The way you have it defined, both are one half of what must be achieved (impossible to identify voters, and impossible to identify votes), with both halves completely meaningless in isolation (which is why a traditional paper vote does achieve the combination, but neither half in isolation). Whereas the way most people define this, the two terms are two names for the same thing, which is the whole (it must be impossible to determine who voted what). The correlation is the problem, not the isolated facts. There is more obfuscation like that in your "16 requirements". Not what I'd consider a recommendation. > Safevote's open attack test described at www.safevote.com/tech.htm showed > that the following attacks were 100% forestalled during the entire test for > 24 hours a day in 5 days: (1) Denial-of-Service; (2) Large Packet Ping; (3) > Buffer Overrun; (4) TCP SYN Flood; (5) IP Spoofing; (6) TCP Sequence Number; > (7) IP Fragmentation; (8) Network Penetration; and other network-based > attacks. Grand. It withstood network level attacks. That's about the most meaningless test possible - all it proves is the quality of the TCP stack, it tells absolutely bloody nothing about the voting system itself. Which in itself tells us something, and it's not a compliment. MfG Kai
Re: internet voting -- ICANN, SmartInitiatives, etc.
Kai Henningsen wrote: > [EMAIL PROTECTED] (Ed Gerck) wrote on 12.01.01 in <[EMAIL PROTECTED]>: > > > No. Digital signatures such as X.509/PKIX do violate voter privacy, but > > never ballot secrecy. > > > > In all fairness to you, maybe there is a confusion with the word "privacy". > > In this case, maybe you write "secrecy" above but you mean "privacy". BIG > > DIFFERENCE, though. > > Indeed. The way you have it defined, both are one half of what must be > achieved (impossible to identify voters, and impossible to identify > votes), with both halves completely meaningless in isolation (which is why > a traditional paper vote does achieve the combination, but neither half in > isolation). Whereas the way most people define this, the two terms are two > names for the same thing, which is the whole (it must be impossible to > determine who voted what). The correlation is the problem, not the > isolated facts. > > There is more obfuscation like that in your "16 requirements". Not what > I'd consider a recommendation. Unless we define and isolate the concepts used, it is nearly impossible to meaningfully deal with them. This is basic scientific method. Thus, making a clear distinction between "secrecy" and "privacy", as well as between "identification" and "authentication" and "non-repudiation" is at the heart of the matter here. Doing otherwise is obfuscation -- "to make obscure." > > Safevote's open attack test described at www.safevote.com/tech.htm showed > > that the following attacks were 100% forestalled during the entire test for > > 24 hours a day in 5 days: (1) Denial-of-Service; (2) Large Packet Ping; (3) > > Buffer Overrun; (4) TCP SYN Flood; (5) IP Spoofing; (6) TCP Sequence Number; > > (7) IP Fragmentation; (8) Network Penetration; and other network-based > > attacks. > > Grand. It withstood network level attacks. That's about the most > meaningless test possible - all it proves is the quality of the TCP stack, > it tells absolutely bloody nothing about the voting system itself. Forestalling Denial-of-Service attacks was unheard of and called "impossible" in Internet voting until we showed how it could be done in one specific network configuration useful for elections in precincts. There are other configurations where it can be done as well, as we shall show in the future. This was one Holy Grail in Internet elections, and we got it. The same applies to other 7 attack types mentioned -- so this was no easy feat for 5 days, 24 hours/day attacks, with full disclosure and a help line. Conclusion of the test: "Internet" does not mean "insecurity". Just because it uses the Internet it does not mean it MUST be insecure. Contrary to lore, Internet communications can be made arbitrarily safe and reliable (Shannon) if you take into account all the systems connected to it. The first step is to recognize that any communication channel has a boundary, which is quite arbitrary. By properly recognizing the sub-communication channels inside a boundary and by properly placing such boundaries, the point I make is that it is possible to have the communication system (roughly): registration --> voter --> ballot box -- > tally --> report as error-free, anonymous and secret as anyone else may wish (Shannon). Here, the systems connected to an Internet-base channel are not ignored. They are taken into account and with adequate error-correction channel(s) (Shannon). Again, this is a lot easier in the praxis for precinct-based Internet voting. Which is all we are talking about at this time. Home/office-based Internet voting is IMO too political to be meaningfully discussed at this time. Even though we do have the technological answer for remote voting as well, we would lose too much time in discussing it now. Rather, we prefer to focus on precinct-based solutions, at a fraction of the price of DREs (electronic voting) and with better assurances. Cheers, Ed Gerck
IVTA, Re: internet voting -- ICANN, SmartInitiatives, etc.
Paul: In the interest of dialogue, I wish to remind you that this thread started yesterday when someone asked what was the IETF doing on voting protocols. Going further back, almost one year ago when the IVTA was to be founded to -- quess what -- discuss Internet protocols (as the Internet Voting Technology Alliance), I sent the following email to this list: / List: Announcement ivta.org Internet voting is a case where privacy must be protected, so that arguments to justify losing voter privacy in the good name of security are simply not possible. Which firmly posits security as a protection of privacy -- not as an enemy of privacy -- in the problem-solving assumptions to be considered. In this context, an international team of experts and companies are calling for open discussions on Internet voting technology. A public founding assembly will take place February 28 in Washington D.C. at 9 a.m. Details at http://www.ivta.org / In the discussion that followed, it was clear that the collective mind of the IETF did not want to develop Internet protocols and that the IVTA was a good move to take such subject elsewhere, to an application-specific forum. Of course, this was all before Florida, when "chad" was likely to be seen as a misspelling for something else. So, there is a forum already for discussing Internet voting protocols -- it is the IVTA. The tech list charter is archived at http://www.ivta.org/tech/charter.txt and the archives are at http://www.mail-archive.com/tech@ivta.org/ Needless to say, the IVTA was founded based on some ideas from the IETF, including open peer review as a mechanism of choice for defining Internet protocols and the idea of favoring consensus building ove rmajority decisions. Cheers, Ed Gerck Ed Gerck wrote: > Paul Hoffman / IMC wrote: > > > Ed, why do you insist on advertising your patent-pending voting > > solution on the IETF mailing list? It does not involve any IETF > > protocol work, does it? > > ;-) SMTP, HTML, TLS, PGP, and others, including TCP/IP. > > Pls do not be so bent out of shape by the word "patent". I think we > have a fair proposal for it, which we call FREE patent, and is much the > same as FREE software. > > However, I respect your disagreement. Hope we can meet some day. > > Cheers, > > Ed Gerck > > -
RE: IVTA, Re: internet voting -- ICANN, SmartInitiatives, etc.]
[Pls correct my former msg with the additions of "voting" after "Internet" as given below. Sorry for double posting.] Paul: In the interest of dialogue, I wish to remind you that this thread started yesterday when someone asked what was the IETF doing on voting protocols. Going further back, almost one year ago when the IVTA was to be founded to -- quess what -- discuss Internet voting protocols (as the Internet Voting Technology Alliance), I sent the following email to this list: / List: Announcement ivta.org Internet voting is a case where privacy must be protected, so that arguments to justify losing voter privacy in the good name of security are simply not possible. Which firmly posits security as a protection of privacy -- not as an enemy of privacy -- in the problem-solving assumptions to be considered. In this context, an international team of experts and companies are calling for open discussions on Internet voting technology. A public founding assembly will take place February 28 in Washington D.C. at 9 a.m. Details at http://www.ivta.org / In the discussion that followed, it was clear that the collective mind of the IETF did not want to develop Internet voting protocols and that the IVTA was a good move to take such subject elsewhere, to an application-specific forum. Of course, this was all before Florida, when "chad" was likely to be seen as a misspelling for something else. So, there is a forum already for discussing Internet voting protocols -- it is the IVTA. The tech list charter is archived at http://www.ivta.org/tech/charter.txt and the archives are at http://www.mail-archive.com/tech@ivta.org/ Needless to say, the IVTA was founded based on some ideas from the IETF, including open peer review as a mechanism of choice for defining Internet protocols and the idea of favoring consensus building ove rmajority decisions. Cheers, Ed Gerck Ed Gerck wrote: > Paul Hoffman / IMC wrote: > > > Ed, why do you insist on advertising your patent-pending voting > > solution on the IETF mailing list? It does not involve any IETF > > protocol work, does it? > > ;-) SMTP, HTML, TLS, PGP, and others, including TCP/IP. > > Pls do not be so bent out of shape by the word "patent". I think we > have a fair proposal for it, which we call FREE patent, and is much the > same as FREE software. > > However, I respect your disagreement. Hope we can meet some day. > > Cheers, > > Ed Gerck > > -
