Re: [ALSC-Forum] [fwd] Electronic election studies

[Hans Klein]

Those studies are at:

http://www.atlargestudy.org/studies_list.shtml  




At 10:04 AM 5/18/01 +0200, Thomas Roessler wrote:
>
>For the record, I'm forwarding my comments on the electronic 
>election studies which have apparently been posted to the ALSC web 
>site to this list.
>
>----- Forwarded message -----
>
>From: Thomas Roessler <roessler@does-not-exist.org>
>To: Danny Younger <webmaster@babybows.com>
>Cc: ga-ext@dnso.org, andy@ccc.de, karl@cavebear.com
>Date: Fri, 18 May 2001 10:02:45 +0200
>Subject: Re: [ga-ext] On-Line Voting
>Mail-Followup-To: Danny Younger <webmaster@babybows.com>, ga-ext@dnso.org,
>	andy@ccc.de, karl@cavebear.com
>
>[Electronic election studies on the ALSC web site.]
>
>On 2001-05-17 19:00:21 -0400, Danny Younger wrote:
>
>>Both of these studies imply that on-line elections are not 
>>technologically feasible at this time.  I am worried that if the 
>>ALSC does not itself commission a study on how to actually make 
>>such elections feasible, the currently cited arguments might 
>>prevail in the absence of countervailing studies.
>
>I wouldn't expect that you get countervailing studies of real weight 
>when the same set of questions is asked.
>
>However, the question you should really ask yourself when looking at 
>his paper is this: From where is he starting?  From where are we 
>starting?
>
>Rubin's topic is to investigate the suitability of Internet voting 
>as a replacement for a system which is perceived as highly secure 
>and stable, and thought to be well understood.  (Or, maybe, which 
>used to be regarded that way before the Great Reocunt. ;) 
>
>That is, he asks whether electronic elections should be performed 
>INSTEAD of traditional elections.  He does NOT suggest that no 
>elections at all should be held because they are insecure!
>
>The ICANN situation is vastly different: To begin with, a dismissal 
>of electronic elections would mean that there are no elections at 
>all.  Thus, the question the ALSC should ask is not: Can electronic 
>elections be made so perfect that they can replace traditional 
>elections? - But: Can electronic elections be performed well enough 
>so we can kind of accept their results?  Not: Is it better than the 
>system we already have? - But: Is it good enough so we can do it at 
>all?
>
>Obviously, this question could easily lead to different conclusions, 
>based on the very same facts as, say, Rubin's paper.
>
>>As I believe that ICANN does escrow worldwide registrant data, it 
>>should (in my uninformed opinion) be possible to send an encrypted 
>>time-sensitive one-time-use email to every registrant worldwide as 
>>an election ballot.  Is this within the realm of possibility?
>
>There isn't any strong e-mail encryption technology which has been 
>deployed down to the last registrant.
>
>Also, there is still not much cryptographic authentication of 
>registrants or contacts being done - I know of one ccTLD which 
>accepts requests via telefax or letter only, and considers 
>signatures (as in: pen on paper) on these faxes or letters as 
>sufficient authentication. (Bad enough, they only have a sample of 
>the admin contact's signature, but let the tech contact do critical 
>changes to the domain.  Ups.) Of course, this ccTLD doesn't have any 
>cryptographic keys from registrants.
>
>Finally, the registrant data isn't collected securely, so all 
>concerns about secure voter registration would persist.
>
>(Hell, there is less verification done on gtld domain name holders 
>than on ICANN voters last year.)
>
>Your proposal would lead nowhere.
>
>-- 
>Thomas Roessler                        http://log.does-not-exist.org/
>
>----- End forwarded message -----
>
>-- 
>Thomas Roessler                        http://log.does-not-exist.org/
>