https://bugzilla.wikimedia.org/show_bug.cgi?id=68129
--- Comment #2 from James Alexander <[email protected]> --- (In reply to Brad Jorsch from comment #1) > (In reply to James Alexander from comment #0) > > (and private key displayed or saved, personally I think it should be saved > > to server) > > As far as saving it to the server: the point of the encryption (AFAIK) is to > prevent people from looking at the poll results until the poll is closed. If > we have the key sitting right there next to the encrypted poll results, why > bother encrypting it at all instead of relying on system and db access > restrictions to keep people out? I'm open to debate and PB is on the bug as well I think. I completely agree that it should not remain on the server. Traditionally it had been placed in the hands of a trusted third party (for board elections outside counsel for example or for arbcom elections LCA) and so the person actually creating the poll (who is more likely to be the person checking votes etc) is not necessarily someone who should have access to the key. The idea was that saving it as a file on the server (perhaps as an SQL file with the insert command for later or just as a txt file) would allow us to pull it off the server, delete it from the server and give it to the trusted person. Apologies in advance: I'm actually responding from vacation and from the seat of a plane about to take off so I may not be able to respond for a little while. I will be back working remotely Thursday and in the office late Monday afternoon. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
