"Steven M. Bellovin" wrote:
In message [EMAIL PROTECTED], Ed Gerck writes:
Handling bugs is the major problem IMO (looks like we also agree here)
after DDoS, privacy, security, integrity, etc are handled (which are
not a small task, either). But this might not be so hard after all.
the bggest problems with security ssytems are generally 90% to do with
design errors at level 10 (human, not policitcal, economic,
application, transport etc)
it would be interestign to run a _real_ experiment in 3 types of
voting (comuter based, networked computer based and traiditional) and
In message [EMAIL PROTECTED], Jon Crowcroft writes:
the bggest problems with security ssytems are generally 90% to do with
design errors at level 10 (human, not policitcal, economic,
application, transport etc)
Mostly right, though one shouldn't rule out the possibility of layer
10-inspired
Jon Crowcroft wrote:
the bggest problems with security ssytems are generally 90% to do with
design errors at level 10 (human, not policitcal, economic,
application, transport etc)
Explorers of any kind oftentimes are led to believe in monsters at the
"end of the sea", but not all of them
"Steven M. Bellovin" wrote:
In message [EMAIL PROTECTED], Jon Crowcroft writes:
the bggest problems with security ssytems are generally 90% to do with
design errors at level 10 (human, not policitcal, economic,
application, transport etc)
Mostly right, though one shouldn't rule out
In message [EMAIL PROTECTED], Ed Gerck writes:
Bugs, however, can be either fixed or avoided.
This is the fundamental point where we differ -- the former is
difficult and itself bug-prone, and the latter is impossible in a
system of any realistic size.
--Steve Bellovin,
"Steven M. Bellovin" wrote:
In message [EMAIL PROTECTED], Ed Gerck writes:
Bugs, however, can be either fixed or avoided.
This is the fundamental point where we differ -- the former is
difficult and itself bug-prone, and the latter is impossible in a
system of any realistic size.
What is it about the IETF list that draws people who demonstrate
disinterest in the common meanings of our jargon (e.g. "bug," "denial
of service," "digital," and "analog") but nevertheless try to sell us
technology** using those words?
For example, if Mr. Gerck understood "bug" or "database" as
Vernon Schryver wrote:
For example, if Mr. Gerck understood "bug" or "database" as most of us
do, he wouldn't talk about a "database paradigm" as a panacea against
bugs. He would know that the phrase "database paradigm" is quite
evocative, but not in a good way. If he meant familiar
From: Ed Gerck [EMAIL PROTECTED]
For example, if Mr. Gerck understood "bug" or "database" as most of us
do, he wouldn't talk about a "database paradigm" as a panacea against
bugs. He would know that the phrase "database paradigm" is quite
evocative, but not in a good way. If he meant
In message [EMAIL PROTECTED], Ed Gerck writes:
Handling bugs is the major problem IMO (looks like we also agree here)
after DDoS, privacy, security, integrity, etc are handled (which are
not a small task, either). But this might not be so hard after all. Yes,
an election is a
"Steven M. Bellovin" wrote:
In message [EMAIL PROTECTED], Ed Gerck writes:
Handling bugs is the major problem IMO (looks like we also agree here)
after DDoS, privacy, security, integrity, etc are handled (which are
not a small task, either). But this might not be so hard after all.
Ed, why do you insist on advertising your patent-pending voting
solution on the IETF mailing list? It does not involve any IETF
protocol work, does it?
--Paul Hoffman, Director
--Internet Mail Consortium
Paul Hoffman / IMC wrote:
Ed, why do you insist on advertising your patent-pending voting
solution on the IETF mailing list? It does not involve any IETF
protocol work, does it?
;-) SMTP, HTML, TLS, PGP, and others, including TCP/IP.
Pls do not be so bent out of shape by the word
[EMAIL PROTECTED] (Ed Gerck) wrote on 12.01.01 in [EMAIL PROTECTED]:
[long, but worth every megabyte]
From: "Stephen Sprunk" [EMAIL PROTECTED]
Throwing encryption at voting is not enough to solve algorithmic
problems. Digital signatures violate ballot secrecy and provide no
protection
Kai Henningsen wrote:
[EMAIL PROTECTED] (Ed Gerck) wrote on 12.01.01 in [EMAIL PROTECTED]:
No. Digital signatures such as X.509/PKIX do violate voter privacy, but
never ballot secrecy.
In all fairness to you, maybe there is a confusion with the word "privacy".
In this case, maybe
Paul:
In the interest of dialogue, I wish to remind you that this thread started yesterday
when someone asked what was the IETF doing on voting protocols. Going further
back, almost one year ago when the IVTA was to be founded to -- quess what --
discuss Internet protocols (as the Internet
Was the ICANN election by Instant Runoff Voting or Condorcet?
The terms are defined at: http://www.fairvote.org/irv/
and: http://www.vision25.demon.co.uk/pol/votefaq.txt
It is great it was by were choice ballots. As there seems to
be a renewed commercial interest in election equipment, would
PROTECTED]
Subject: internet voting -- ICANN, SmartInitiatives, etc.
X-Loop: [EMAIL PROTECTED]
Was the ICANN election by Instant Runoff Voting or Condorcet?
The terms are defined at: http://www.fairvote.org/irv/
and: http://www.vision25.demon.co.uk/pol/votefaq.txt
It is great it was by were choi
Thus spake "James P. Salsman" [EMAIL PROTECTED]
Here is an interesting effort to use certificate authentication
("digital signature") technology to put California's signature
gathering process online:
http://www.smartinitiatives.org
I think that is a good first step; far better than
[long, but worth every megabyte]
From: "Stephen Sprunk" [EMAIL PROTECTED]
Throwing encryption at voting is not enough to solve algorithmic
problems. Digital signatures violate ballot secrecy and provide no
protection against most forms of fraud.
No. Digital signatures such as X.509/PKIX do
21 matches
Mail list logo