Re: Vote for the Debian Project Leader Election 2005
* Bill Allombert ([EMAIL PROTECTED]) [050411 00:20]:
> On Tue, Apr 05, 2005 at 07:44:08PM -0600, Wesley J. Landaker wrote:
> > > No, that would be stupid. This is why we have a guard against replay attacks.
> >
> > But if the original vote that was signed and posted publicly was never sent in, then there wouldn't be any record of the vote--so if it was sent in at the last minute, devotee would be seeing it for the first time...
>
> Package uploads have a similar issue: if you sign a package and put it on a public server, anyone can upload it to Debian for you, whether you intended it or not (even if it is not in Debian already). The only protection we have is that katie will check if the version is higher than the version in sid. (so don't do that).

And that you need an allowed distribution in the changes-file - if you use unstable-private or not-for-katie, katie will also reject it.

Cheers,
Andi
--
http://home.arcor.de/andreas-barth/
PGP 1024/89FB5CE5 DC F1 85 6D A6 45 9C 0F 3B BE F1 D0 C5 D1 D9 0C

--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Vote for the Debian Project Leader Election 2005
On Tue, Apr 05, 2005 at 07:44:08PM -0600, Wesley J. Landaker wrote:
> > No, that would be stupid. This is why we have a guard against replay attacks.
>
> But if the original vote that was signed and posted publicly was never sent in, then there wouldn't be any record of the vote--so if it was sent in at the last minute, devotee would be seeing it for the first time...

Package uploads have a similar issue: if you sign a package and put it on a public server, anyone can upload it to Debian for you, whether you intended it or not (even if it is not in Debian already). The only protection we have is that katie will check if the version is higher than the version in sid. (so don't do that).

Cheers,
--
Bill. [EMAIL PROTECTED]

Imagine a large red swirl here.
Re: Vote for the Debian Project Leader Election 2005
On Thu, 7 Apr 2005 21:33:56 +0200, Osamu Aoki [EMAIL PROTECTED] said:
> On Tue, Apr 05, 2005 at 09:12:02PM -0500, Manoj Srivastava wrote:
> > Sure. If people are gonna make signed votes public and not send them in before changing their minds, that can be used to override their decision. So don't do that.
>
> Sure :-) But will you in future ballot consider to add 1 line where voter can clearly indicate his vote priority ordering. Something like following line to the ballot section:

No. Because that entails additional bookkeeping, and perhaps a change in the work flow for dvt-tally, and make manual eyeballing of the voting much harder, for the dubious return of supporting the use case of people presenting a signed ballot in a public location, and then _not_ sending that ballot in, and sending in a different ordering.

And there is no guarantee that people would know how to manage that in any case -- people have trouble with:

    In the brackets next to your preferred choice, place a 1. Place a 2 in the brackets next to your next choice. Continue till you reach your last choice. Do not enter a number smaller than 1 or larger than 7. You may skip numbers. You may rank options equally (as long as all choices X you make fall in the range 1 <= X <= 7).

and send in ballots with [ X ] Option .

I have no stomach for dealing with ballots made even more complex.

There are some things that should not be done. This use case is one of them. If you have published a ballot, send it to devotee anyway. If you change your mind, you can do that too -- and let devotee know that as well.

manoj
--
Why can't we ever attempt to solve a problem in this country without having a 'War' on it? -- Rich Thomson, talk.politics.misc
Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: Vote for the Debian Project Leader Election 2005
On Mon, 4 Apr 2005 10:18:26 +0100, Matthew Garrett [EMAIL PROTECTED] said:
> Manoj Srivastava [EMAIL PROTECTED] wrote:
> > On Fri, 25 Mar 2005 04:15:22 +, Matthew Garrett [EMAIL PROTECTED] said:
> > > - I'm not sure if it insists that the order of signing is consistent with the order of receipt.
> >
> > Umm, I am not sure I understand what this means.
>
> If I sign three votes over the course of a day and then send them in reverse order, will the votes that were signed earlier be accepted even if they were sent later?

Sure. As far as devotee is concerned, the ordering when the ballots were received is the only one that matters. Since email ordering is not guaranteed, you may wish to wait for devotee's ack if you are firing off multiple ballots.

manoj
--
Getting into trouble is easy. Winkel and F. Prosser
Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: Vote for the Debian Project Leader Election 2005
On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
> On Mon, 4 Apr 2005 10:18:26 +0100, Matthew Garrett [EMAIL PROTECTED] said:
> > If I sign three votes over the course of a day and then send them in reverse order, will the votes that were signed earlier be accepted even if they were sent later?
>
> Sure. As far as devotee is concerned, the ordering when the ballots were received is the only one that matters. Since email ordering is not guaranteed, you may wish to wait for devotee's ack if you are firing off multiple ballots.

So any signed vote made public can be used to override any later decision by the voter in question by replaying the publicised mail and signature.

Regards, David
--
- hello... how are you today?
- *cough* fine *sniffle* *wheeze*
- thank god we communicate over a septic medium ;)
-- Matthias Leeb, Uni f. angewandte Kunst, 2005-02-15
Re: Vote for the Debian Project Leader Election 2005
On Tue, 5 Apr 2005 21:38:51 +0200, David Schmitt [EMAIL PROTECTED] said:
> On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
> > On Mon, 4 Apr 2005 10:18:26 +0100, Matthew Garrett [EMAIL PROTECTED] said:
> > > If I sign three votes over the course of a day and then send them in reverse order, will the votes that were signed earlier be accepted even if they were sent later?
> >
> > Sure. As far as devotee is concerned, the ordering when the ballots were received is the only one that matters. Since email ordering is not guaranteed, you may wish to wait for devotee's ack if you are firing off multiple ballots.
>
> So any signed vote made public can be used to override any later decision by the voter in question by replaying the publicised mail and signature.

No, that would be stupid. This is why we have a guard against replay attacks.

manoj
--
Rage, rage, against the dying of the light! Dylan Thomas
Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: Vote for the Debian Project Leader Election 2005
On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
> On Tue, 5 Apr 2005 21:38:51 +0200, David Schmitt [EMAIL PROTECTED] said:
> > On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
> > > On Mon, 4 Apr 2005 10:18:26 +0100, Matthew Garrett [EMAIL PROTECTED] said:
> > > > If I sign three votes over the course of a day and then send them in reverse order, will the votes that were signed earlier be accepted even if they were sent later?
> > >
> > > Sure. As far as devotee is concerned, the ordering when the ballots were received is the only one that matters. Since email ordering is not guaranteed, you may wish to wait for devotee's ack if you are firing off multiple ballots.
> >
> > So any signed vote made public can be used to override any later decision by the voter in question by replaying the publicised mail and signature.
>
> No, that would be stupid. This is why we have a guard against replay attacks.

But if the original vote that was signed and posted publicly was never sent in, then there wouldn't be any record of the vote--so if it was sent in at the last minute, devotee would be seeing it for the first time...

--
Wesley J. Landaker [EMAIL PROTECTED]
OpenPGP FP: 4135 2A3B 4726 ACC5 9094 0097 F0A9 8A4C 4CD6 E3D2
Re: Vote for the Debian Project Leader Election 2005
On Tue, 5 Apr 2005 19:44:08 -0600, Wesley J Landaker [EMAIL PROTECTED] said:
> On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
> > On Tue, 5 Apr 2005 21:38:51 +0200, David Schmitt [EMAIL PROTECTED] said:
> > > On Tuesday 05 April 2005 19:29, Manoj Srivastava wrote:
> > > > On Mon, 4 Apr 2005 10:18:26 +0100, Matthew Garrett [EMAIL PROTECTED] said:
> > > > > If I sign three votes over the course of a day and then send them in reverse order, will the votes that were signed earlier be accepted even if they were sent later?
> > > >
> > > > Sure. As far as devotee is concerned, the ordering when the ballots were received is the only one that matters. Since email ordering is not guaranteed, you may wish to wait for devotee's ack if you are firing off multiple ballots.
> > >
> > > So any signed vote made public can be used to override any later decision by the voter in question by replaying the publicised mail and signature.
> >
> > No, that would be stupid. This is why we have a guard against replay attacks.
>
> But if the original vote that was signed and posted publicly was never sent in, then there wouldn't be any record of the vote--so if it was sent in at the last minute, devotee would be seeing it for the first time...

Sure. If people are gonna make signed votes public and not send them in before changing their minds, that can be used to override their decision. So don't do that.

manoj
--
I have a TINY BOWL in my HEAD
Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: Vote for the Debian Project Leader Election 2005
On Sun, 27 Mar 2005 09:12:36 +0200, Sven Luther [EMAIL PROTECTED] said:
> Well, you have just to check the devotee code is doing what it is supposed to do, and that this is the actual code running on the actual ballots, you don't really need to look at the ballots. Since the devotee code is supposed to be deterministic, and always produce the same result for a determined set of votes independently of vote order and timing. If not we would have a serious problem, which we supposedly solved during the vote method discussion back then.

That is not true. If a person votes 5 times, and all of them differently, the way the vote is counted is not independent of vote order.

manoj
--
If fifty million people say a foolish thing, it's still a foolish thing. Bertrand Russell
Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: Vote for the Debian Project Leader Election 2005
On Fri, 25 Mar 2005 04:15:22 +, Matthew Garrett [EMAIL PROTECTED] said:
> Matthew Palmer [EMAIL PROTECTED] wrote:
> > I think that Wesley may be thinking more along the lines of a simple replay attack -- if you *do* change your mind, your earlier (publicly posted) ballot can be fed back into the system again, to reset your preferences to those you originally chose.
>
> I /believe/ that there's a replay cache to prevent a naive replay attack

Umm, it does have a replay cache. How does a sophisticated replay attack differ from a naive one?

> - I'm not sure if it insists that the order of signing is consistent with the order of receipt.

Umm, I am not sure I understand what this means.

manoj
--
Coward, n.: One who in a perilous emergency thinks with his legs. Ambrose Bierce, The Devil's Dictionary
Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: Vote for the Debian Project Leader Election 2005
On Mon, Apr 04, 2005 at 01:38:09AM -0500, Manoj Srivastava wrote:
> On Sun, 27 Mar 2005 09:12:36 +0200, Sven Luther [EMAIL PROTECTED] said:
> > Well, you have just to check the devotee code is doing what it is supposed to do, and that this is the actual code running on the actual ballots, you don't really need to look at the ballots. Since the devotee code is supposed to be deterministic, and always produce the same result for a determined set of votes independently of vote order and timing. If not we would have a serious problem, which we supposedly solved during the vote method discussion back then.
>
> That is not true. If a person votes 5 times, and all of them differently, the way the vote is counted is not independent of vote order.

A true, but obviously it is independent on order of the last votes of any one person :)

Friendly,

Sven Luther
Re: Vote for the Debian Project Leader Election 2005
Hamish Moffatt wrote:
> On Fri, Mar 25, 2005 at 09:34:35AM +0100, Emmanuel le Chevoir wrote:
> > Emmanuel le Chevoir wrote:
> > > - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> > > 46348448-74a5-40ae-a651-49704435ae8c
> > > - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> >
> > I'm so sorry for that one, that was a really stupid mistake. The good thing is that is received quite a bunch of interesting replies, along with a few (well deserved) criticisms.
> >
> > Again, sorry for being such an idiot :/
>
> Does that mean you improved your vote also? ;-)

I'm lost, what was wrong with his vote?

--
John H. Robinson, IV [EMAIL PROTECTED] http WARNING: I cannot be held responsible for the above, sbih.org ( )(:[ as apparently my cats have learned how to type. spiders.html
Re: Vote for the Debian Project Leader Election 2005
On Mon, Mar 28, 2005 at 09:16:21AM -0800, John H. Robinson, IV wrote:
> Hamish Moffatt wrote:
> > On Fri, Mar 25, 2005 at 09:34:35AM +0100, Emmanuel le Chevoir wrote:
> > > Emmanuel le Chevoir wrote:
> > > > - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> > > > 46348448-74a5-40ae-a651-49704435ae8c
> > > > - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> > >
> > > I'm so sorry for that one, that was a really stupid mistake. The good thing is that is received quite a bunch of interesting replies, along with a few (well deserved) criticisms.
> > >
> > > Again, sorry for being such an idiot :/
> >
> > Does that mean you improved your vote also? ;-)
>
> I'm lost, what was wrong with his vote?

I'd guess the fact that he voted Jonathan Walther above NOTA is the point of interest there.

I wonder how much of the electorate votes based solely on platforms, nowadays, rather than personal knowledge of the candidates?

--
Steve Langasek
postmodern programmer
Re: Vote for the Debian Project Leader Election 2005
On Mon, Mar 28, 2005 at 09:16:21AM -0800, John H. Robinson, IV wrote:
> Hamish Moffatt wrote:
> > On Fri, Mar 25, 2005 at 09:34:35AM +0100, Emmanuel le Chevoir wrote:
> > > Again, sorry for being such an idiot :/
> >
> > Does that mean you improved your vote also? ;-)
>
> I'm lost, what was wrong with his vote?

Whether or not there is something wrong with his vote depends on how you feel about certain candidates. I believe Hamish's comment refers to how Emmanuel ranked some candidates over others.

--
gram
Re: Vote for the Debian Project Leader Election 2005
On Fri, Mar 25, 2005 at 09:34:35AM +0100, Emmanuel le Chevoir wrote:
> Emmanuel le Chevoir wrote:
> > - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> > 46348448-74a5-40ae-a651-49704435ae8c
> > - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
>
> I'm so sorry for that one, that was a really stupid mistake. The good thing is that is received quite a bunch of interesting replies, along with a few (well deserved) criticisms.
>
> Again, sorry for being such an idiot :/

Does that mean you improved your vote also? ;-)

Hamish
--
Hamish Moffatt VK3SB [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: Vote for the Debian Project Leader Election 2005
On Fri, Mar 25, 2005 at 07:06:34AM +0100, David N. Welton wrote:
> MJ Ray [EMAIL PROTECTED] writes:
> > [EMAIL PROTECTED] (David N. Welton) wrote:
> > > Just to be clear, nothing against Anthony Towns. I think he'd do alright as DPL.
> >
> > Sounds like you've asked a few people and are now hedging your bets!
>
> Nope, my comments had nothing to do with him. I'd like to make that very clear.

I believe it is evident of everyone who followed this list who was the surprising one.

Friendly,

Sven Luther
Re: Vote for the Debian Project Leader Election 2005
On Fri, Mar 25, 2005 at 03:52:42PM +1000, Anthony Towns wrote:
> Antti-Juhani Kaijanaho wrote:
> > On 20050325T002711+0100, Jeroen van Wolffelaar wrote:
> > > Eh, the buyer can demand proof, the same proof a voter has to verify his vote is tallied: ask the secret token.
> >
> > Ouch. Nasty. Bad.
> >
> > (This is one of the reasons why real elections have partisan observers present in vote counting: you cannot give the voter proof of his vote being counted, so you need another way to ensure public trust in the process.)
>
> Yup; but conversely, we can't really manage that in Debian -- we'd have to have partisan observers monitoring the adminning of vote.debian.org's mail handling for three weeks, while at the same time not letting them see the non-anonymized votes.

Well, you have just to check the devotee code is doing what it is supposed to do, and that this is the actual code running on the actual ballots, you don't really need to look at the ballots. Since the devotee code is supposed to be deterministic, and always produce the same result for a determined set of votes independently of vote order and timing. If not we would have a serious problem, which we supposedly solved during the vote method discussion back then.

Friendly,

Sven Luther
Re: Vote for the Debian Project Leader Election 2005
Emmanuel le Chevoir wrote:
> - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> 46348448-74a5-40ae-a651-49704435ae8c
> - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-

I'm so sorry for that one, that was a really stupid mistake. The good thing is that is received quite a bunch of interesting replies, along with a few (well deserved) criticisms.

Again, sorry for being such an idiot :/

--
Emmanuel le Chevoir
Re: Vote for the Debian Project Leader Election 2005
[EMAIL PROTECTED] wrote:
> > I'm amazed at how little people seem to have done to inform themselves about all the candidates, myself.
>
> Just because people vote in a way that you might not does not mean they are uninformed.

Indeed, it's a polite way to say that they are morons. g

--
ciao,
Marco
Re: Vote for the Debian Project Leader Election 2005
On Thu, 24-03-2005 at 17:23 -0700, Wesley J Landaker wrote:
> On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> > [EMAIL PROTECTED] (David N. Welton) writes:
> > > Steve Kemp [EMAIL PROTECTED] writes:
> > > > On Thu, Mar 24, 2005 at 09:12:51PM +0100, David N. Welton wrote:
> > > > > I'm amazed at how little people seem to have done to inform themselves about all the candidates, myself.
> > > >
> > > > Just because people vote in a way that you might not does not mean they are uninformed.
> > >
> > > I'm not convinced.
> >
> > Happily, the OP still has a chance to change his mind ;-)
>
> Unless someone else sends in his already signed ballot...

Even if someone else does. You can supersede your vote at any time until the vote period is over.

--
EARTH smog | bricks AIR -- mud -- FIRE soda water | tequila WATER
-- with thanks to fortune
Re: Vote for the Debian Project Leader Election 2005
Well... So much for:

1) secret ballots
2) reading directions

On Thu, Mar 24, 2005 at 08:44:29PM +0100, Emmanuel le Chevoir wrote:
> - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
> 46348448-74a5-40ae-a651-49704435ae8c
> [ 3 ] Choice 1: Jonathan Walther
> [ 6 ] Choice 2: Matthew Garrett
> [ 2 ] Choice 3: Branden Robinson
> [ 1 ] Choice 4: Anthony Towns
> [ 5 ] Choice 5: Angus Lees
> [ 4 ] Choice 6: Andreas Schuldei
> [   ] Choice 7: None Of The Above
> - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=-
>
> --
> Emmanuel le Chevoir
Re: Vote for the Debian Project Leader Election 2005
Hi

John Goerzen wrote:
> Well... So much for:
>
> 1) secret ballots
> 2) reading directions

You should mail it signed, but not encrypted to [EMAIL PROTECTED]

You might have the same problem [0] as some others [1] [2] [3]. You'll be listed [4] as a unique voter [5] if your vote arrives.

Cheers

Luk

[0] http://lists.debian.org/debian-vote/2005/03/msg00835.html
[1] http://lists.debian.org/debian-vote/2005/03/msg00822.html
[2] http://lists.debian.org/debian-vote/2005/03/msg00844.html
[3] http://lists.debian.org/debian-vote/2005/03/msg00850.html
[4] http://master.debian.org/~srivasta/leader2005.html
[5] http://master.debian.org/~srivasta/leader2005_voters.txt
Re: Vote for the Debian Project Leader Election 2005
John Goerzen wrote:
> Well... So much for:
>
> 1) secret ballots
> 2) reading directions

Reading is a lost art nowadays. -- Michael Weber

I'm also quite appalled by the vote. *sigh*

Regards,

Joey
--
No question is too silly to ask, but, of course, some are too silly to answer. -- Perl book
Re: Vote for the Debian Project Leader Election 2005
I'm amazed at how little people seem to have done to inform themselves about all the candidates, myself.

--
David N. Welton - http://www.dedasys.com/davidw/
Apache, Linux, Tcl Consulting - http://www.dedasys.com/
Re: Vote for the Debian Project Leader Election 2005
On Thu, Mar 24, 2005 at 09:12:51PM +0100, David N. Welton wrote:
> I'm amazed at how little people seem to have done to inform themselves about all the candidates, myself.

Just because people vote in a way that you might not does not mean they are uninformed.

It just means we are all looking for different things from our new overlord...

Steve
--
Re: Vote for the Debian Project Leader Election 2005
Steve Kemp [EMAIL PROTECTED] writes:
> On Thu, Mar 24, 2005 at 09:12:51PM +0100, David N. Welton wrote:
> > I'm amazed at how little people seem to have done to inform themselves about all the candidates, myself.
>
> Just because people vote in a way that you might not does not mean they are uninformed.

I'm not convinced.

--
David N. Welton - http://www.dedasys.com/davidw/
Apache, Linux, Tcl Consulting - http://www.dedasys.com/
Re: Vote for the Debian Project Leader Election 2005
On 20050324T135006-0600, John Goerzen wrote:
> Well... So much for:
>
> 1) secret ballots

Secret ballots mean that the actual ballots are never published by the secretary. It does not mean that voters are not allowed to make their choice public (or to claim they voted in a particular way, despite having voted differently).

The point of a secret vote is to make sure vote buying is ineffective, since under secret ballots the buyer is unable to verify that the voter actually cast the ballot he or she claimed to have cast; and that point is preserved even if some of us publish our (real or fake, you can't tell) choices.

--
Antti-Juhani Kaijanaho, Debian developer
http://kaijanaho.info/antti-juhani/blog/en/debian
Re: Vote for the Debian Project Leader Election 2005
On Fri, Mar 25, 2005 at 01:13:49AM +0200, Antti-Juhani Kaijanaho wrote:
> The point of a secret vote is to make sure vote buying is ineffective, since under secret ballots the buyer is unable to verify that the voter actually cast the ballot he or she claimed to have cast; and that point is preserved even if some of us publish our (real or fake, you can't tell) choices.

Eh, the buyer can demand proof, the same proof a voter has to verify his vote is tallied: ask the secret token. Assuming md5 is a strong hash, this way a voter can prove his/her ballot if (s)he wishes to publicly (or privately) show to have voted in a given way.

As far as I know, the real reason is to enable it for people to vote without worrying to hurt a person (DPL-candidate), for example that one ranks a friend quite low because one doesn't think he'd make a good DPL. Voting for people is necessarily a more personal affair than voting for something more abstract like a GR about the constitution.

--Jeroen
--
Jeroen van Wolffelaar [EMAIL PROTECTED] (also for Jabber MSN; ICQ: 33944357)
http://Jeroen.A-Eskwadraat.nl
Re: Vote for the Debian Project Leader Election 2005
[EMAIL PROTECTED] (David N. Welton) wrote:
> Just to be clear, nothing against Anthony Towns. I think he'd do alright as DPL.

Sounds like you've asked a few people and are now hedging your bets!
Re: Vote for the Debian Project Leader Election 2005
On 20050325T002711+0100, Jeroen van Wolffelaar wrote:
> Eh, the buyer can demand proof, the same proof a voter has to verify his vote is tallied: ask the secret token. Assuming md5 is a strong hash, this way a voter can prove his/her ballot if (s)he wishes to publicly (or privately) show to have voted in a given way.

Ouch. Nasty. Bad.

(This is one of the reasons why real elections have partisan observers present in vote counting: you cannot give the voter proof of his vote being counted, so you need another way to ensure public trust in the process.)

> As far as I know, the real reason is to enable it for people to vote without worrying to hurt a person (DPL-candidate), for example that one ranks a friend quite low because one doesn't think he'd make a good DPL. Voting for people is necessarily a more personal affair than voting for something more abstract like a GR about the constitution.

Sure, and that is a good argument for this kind of secrecy. However, the reason I gave is the reason secret ballots are a requirement in democratic government. (I include in vote buying the nastier practices of blackmail and duress.)

--
Antti-Juhani Kaijanaho, Debian developer
http://kaijanaho.info/antti-juhani/blog/en/debian
Re: Vote for the Debian Project Leader Election 2005
[EMAIL PROTECTED] (David N. Welton) writes:
> Steve Kemp [EMAIL PROTECTED] writes:
> > On Thu, Mar 24, 2005 at 09:12:51PM +0100, David N. Welton wrote:
> > > I'm amazed at how little people seem to have done to inform themselves about all the candidates, myself.
> >
> > Just because people vote in a way that you might not does not mean they are uninformed.
>
> I'm not convinced.

Happily, the OP still has a chance to change his mind ;-)

--
Roger Leigh
Printing on GNU/Linux? http://gimp-print.sourceforge.net/
Debian GNU/Linux http://www.debian.org/
GPG Public Key: 0x25BFB848. Please sign and encrypt your mail.
Re: Vote for the Debian Project Leader Election 2005
On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> [EMAIL PROTECTED] (David N. Welton) writes:
> > Steve Kemp [EMAIL PROTECTED] writes:
> > > On Thu, Mar 24, 2005 at 09:12:51PM +0100, David N. Welton wrote:
> > > > I'm amazed at how little people seem to have done to inform themselves about all the candidates, myself.
> > >
> > > Just because people vote in a way that you might not does not mean they are uninformed.
> >
> > I'm not convinced.
>
> Happily, the OP still has a chance to change his mind ;-)

Unless someone else sends in his already signed ballot...

--
Wesley J. Landaker [EMAIL PROTECTED]
OpenPGP FP: 4135 2A3B 4726 ACC5 9094 0097 F0A9 8A4C 4CD6 E3D2
Re: Vote for the Debian Project Leader Election 2005
Wesley J Landaker [EMAIL PROTECTED] wrote:
> On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> > Happily, the OP still has a chance to change his mind ;-)
>
> Unless someone else sends in his already signed ballot...

You can send in multiple ballots. Only the last one will count. As a result, you're free to change your mind up until the deadline.

Possibly this should be more widely publicised?

--
Matthew Garrett | [EMAIL PROTECTED]
Re: Vote for the Debian Project Leader Election 2005
On Fri, Mar 25, 2005 at 02:57:43AM +, Matthew Garrett wrote:
> Wesley J Landaker [EMAIL PROTECTED] wrote:
> > On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> > > Happily, the OP still has a chance to change his mind ;-)
> >
> > Unless someone else sends in his already signed ballot...
>
> You can send in multiple ballots. Only the last one will count. As a result, you're free to change your mind up until the deadline.

I think that Wesley may be thinking more along the lines of a simple replay attack -- if you *do* change your mind, your earlier (publicly posted) ballot can be fed back into the system again, to reset your preferences to those you originally chose.

Since the voter gets a return e-mail, they'd likely know about it, but if the attacker was clever and threw your ballot in right before the deadline, you wouldn't have enough time to correct it, and would need to bother Manoj to get it sorted out.

- Matt
Re: Vote for the Debian Project Leader Election 2005
On Thursday, 24 March 2005 19:57, Matthew Garrett wrote:
> Wesley J Landaker [EMAIL PROTECTED] wrote:
> > On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> > > Happily, the OP still has a chance to change his mind ;-)
> >
> > Unless someone else sends in his already signed ballot...
>
> You can send in multiple ballots. Only the last one will count. As a result, you're free to change your mind up until the deadline.
>
> Possibly this should be more widely publicised?

Ah, well, that's good to know! Now I have time to change my mind as well... ;)

--
Wesley J. Landaker [EMAIL PROTECTED]
OpenPGP FP: 4135 2A3B 4726 ACC5 9094 0097 F0A9 8A4C 4CD6 E3D2
Re: Vote for the Debian Project Leader Election 2005
On Thursday, 24 March 2005 20:15, Matthew Palmer wrote:
> On Fri, Mar 25, 2005 at 02:57:43AM +, Matthew Garrett wrote:
> > Wesley J Landaker [EMAIL PROTECTED] wrote:
> > > On Thursday, 24 March 2005 16:52, Roger Leigh wrote:
> > > > Happily, the OP still has a chance to change his mind ;-)
> > >
> > > Unless someone else sends in his already signed ballot...
> >
> > You can send in multiple ballots. Only the last one will count. As a result, you're free to change your mind up until the deadline.
>
> I think that Wesley may be thinking more along the lines of a simple replay attack -- if you *do* change your mind, your earlier (publicly posted) ballot can be fed back into the system again, to reset your preferences to those you originally chose.

Actually, I was thinking of replay, but was thinking in terms of the system only accepting one vote, but since it accepts it more than once, this is also an attack... of course, it's irrelevant if you never change your mind. (=

> Since the voter gets a return e-mail, they'd likely know about it, but if the attacker was clever and threw your ballot in right before the deadline, you wouldn't have enough time to correct it, and would need to bother Manoj to get it sorted out.

Yeah, it seems this would be possible in the current system. One way to work around this would be to reject vote e-mails that are identical to ones seen before (say, save a md5sum of the signed portion of the e-mail, *including* the GPG signature block).

--
Wesley J. Landaker [EMAIL PROTECTED]
OpenPGP FP: 4135 2A3B 4726 ACC5 9094 0097 F0A9 8A4C 4CD6 E3D2
Re: Vote for the Debian Project Leader Election 2005
Matthew Palmer [EMAIL PROTECTED] wrote:
> I think that Wesley may be thinking more along the lines of a simple replay attack -- if you *do* change your mind, your earlier (publicly posted) ballot can be fed back into the system again, to reset your preferences to those you originally chose.

I /believe/ that there's a replay cache to prevent a naive replay attack - I'm not sure if it insists that the order of signing is consistent with the order of receipt.

--
Matthew Garrett | [EMAIL PROTECTED]
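The two safeguards raised in the messages above (rejecting a signed ballot that has been seen before, and requiring the order of signing to match the order of receipt), sketched as an added example that is not part of any post in this thread and is not devotee's code. It assumes the OpenPGP signature has already been verified and its creation time extracted, uses SHA-256 in place of the md5sum suggested above, and the names `Ballot` and `ReplayGuard` are hypothetical.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Ballot:
    """A ballot whose OpenPGP signature is assumed to be already verified."""
    signer: str         # voter's key fingerprint
    signed_blob: bytes  # signed text plus signature block, exactly as received
    signed_at: int      # signature creation time (Unix seconds)

@dataclass
class ReplayGuard:  # hypothetical name, not devotee's implementation
    seen: set = field(default_factory=set)       # digests of every blob received
    counted: dict = field(default_factory=dict)  # signer -> ballot that counts

    def submit(self, ballot: Ballot) -> str:
        # Check 1: exact resubmission of something already received.
        digest = hashlib.sha256(ballot.signed_blob).hexdigest()
        if digest in self.seen:
            return "rejected: already seen"
        self.seen.add(digest)
        # Check 2: order of signing must match order of receipt. This also
        # covers a ballot that was posted publicly but never sent in, which
        # the digest cache alone cannot recognise. Ties are rejected.
        current = self.counted.get(ballot.signer)
        if current is not None and ballot.signed_at <= current.signed_at:
            return "rejected: signed before the counted ballot"
        self.counted[ballot.signer] = ballot
        return "accepted"

def demo():
    """Constructed ballots; the fingerprint and signature text are placeholders."""
    fpr = "FPR-CONSTRUCTED"
    posted = Ballot(fpr, b"[1] A [2] B\n<sig posted>", 900)    # public, never sent
    first = Ballot(fpr, b"[1] A [2] B\n<sig first>", 1000)
    changed = Ballot(fpr, b"[2] A [1] B\n<sig changed>", 2000)
    guard = ReplayGuard()
    results = [
        guard.submit(first),    # voter's first ballot
        guard.submit(changed),  # voter changes their mind
        guard.submit(first),    # replay of a ballot already received
        guard.submit(posted),   # late submission of the never-sent ballot
    ]
    return results, guard.counted[fpr]

if __name__ == "__main__":
    outcome, final = demo()
    print(outcome, final.signed_blob)
```

The signature creation time sits in the signed part of an OpenPGP signature, so someone resubmitting another person's ballot cannot alter it without invalidating the signature.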
Re: Vote for the Debian Project Leader Election 2005
* Wesley J Landaker [Thu, 24 Mar 2005 20:23:34 -0700]:
> On Thursday, 24 March 2005 20:15, Matthew Palmer wrote:
> > Since the voter gets a return e-mail, they'd likely know about it, but if the attacker was clever and threw your ballot in right before the deadline, you wouldn't have enough time to correct it, and would need to bother Manoj to get it sorted out.
>
> Yeah, it seems this would be possible in the current system. One way to work around this would be to reject vote e-mails that are identical to ones seen before (say, save a md5sum of the signed portion of the e-mail, *including* the GPG signature block).

I've been told on IRC that devotee currently has such a replay-guard mechanism. Perhaps Manoj can confirm, and comment a bit about the implemented safeguards? (Or point to the relevant explanation pages, of course.)

--
Adeodato Simó
EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621

Algebraic symbols are used when you do not know what you are talking about.
-- Philippe Schnoebelen
Re: Vote for the Debian Project Leader Election 2005
Antti-Juhani Kaijanaho wrote: On 20050325T002711+0100, Jeroen van Wolffelaar wrote: Eh, the buyer can demand proof, the same proof a voter has to verify his vote is tallied: ask the secret token. Ouch. Nasty. Bad. (This is one of the reasons why real elections have partisan observers present in vote counting: you cannot give the voter proof of his vote being counted, so you need another way to ensure public trust in the process.) Yup; but conversely, we can't really manage that in Debian -- we'd have to have partisan observers monitoring the adminning of vote.debian.org's mail handling for three weeks, while at the same time not letting them see the non-anonymized votes. Sure, and that is a good argument for this kind of secrecy. AFAICS, you can only choose one of directly check the vote counters are doing the right thing with your vote and be unable to sell your vote. There're too many weird possibilities (especially when you add timing into it) for me to prove that though :) For those playing along at home, the 1999 election was an example of the latter priority; the 2001 election was an (accidental) example of an entirely non-secret leadership ballot. Cheers, aj
Re: Vote for the Debian Project Leader Election 2005
MJ Ray [EMAIL PROTECTED] writes:
> [EMAIL PROTECTED] (David N. Welton) wrote:
> > Just to be clear, nothing against Anthony Towns. I think he'd do alright as DPL.
>
> Sounds like you've asked a few people and are now hedging your bets!

Nope, my comments had nothing to do with him. I'd like to make that very clear.

--
David N. Welton - http://www.dedasys.com/davidw/
Apache, Linux, Tcl Consulting - http://www.dedasys.com/