* Manoj Srivastava <[EMAIL PROTECTED]> [010403 21:58]: > It is simple enough. If the passowrd string is missing, then > the advertised default could be to put the gpg id as the password. > The user supplied string is not allowed to have a [EMAIL PROTECTED] char.. > > In this case, would we still need the hash?
I think the hash would be preferable since it includes the vote itself as well as the private information. I can't put my finger on why I like this, but I do. Also, any voters who forget to put in random data will (perhaps against their desire) have their name matched with their vote. The hash will prevent disclosure -- the voter must perform extra work in order to advertise his or her vote by supplying their secret and the server's secret. (Or their gpg/pgp signed vote, if we like taking people at their word, which I think we do.) -- Earthlink: The #1 provider of unsolicited bulk email to the Internet.
