* Jason Gunthorpe <[EMAIL PROTECTED]> [010331 13:56]: > Sounds like the PGP signature ID, date and key fingerprint tuple is what > you want, all hashed together probably.
What is a PGP signature ID? What date should be included? The date of signing, or the date of sending? (For those folks who limit gpg/pgp actions to a machine not on a network out of paranoia or intellegence, take your pick. :) The idea I like the most so far is the 'user-supplied random nonce' idea. I like this idea because using a collection of other data (I had thought a hash of the ballot itself with some random stuff within the ballot would be a good idea) is liable to failure because stupid email systems manage to molest email in the strangest fashion: "From " to ">From ", etc. Putting random data in the ballot runs the risk of changing the ballot too much. (Using the ascii armor format of gpg/pgp would likely be a Good Idea in this case, which would allow for better methods than the user-supplied random nonce. Is the ascii armor format required/suggested/possible?) The advantages of simply slapping a new piece on the side of our current system as opposed to implementing one of the methods in Schneier is that debvote already exists and seems to work. Perhaps when the voting-methods crew is done, implementing the system using a protocol from Schneier might be reasonable if the current debvote system couldn't be easily extended to whatever system voting-methods comes up with. -- Earthlink: The #1 provider of unsolicited bulk email to the Internet.
