[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Membership] The People's Republic of ICANN?



On Thu, Feb 11, 1999 at 10:03:15AM -0800, Karl Auerbach wrote:
[...]> 
> I've not done enough legwork yet to research the technical means that we
> could use to do this -- my guess is, however, that we will need to have
> voter registrars who look at some form of government issued ID and put the
> name on a list.  Then we'd have to issue some sort of cryptographic
> certificate that is used to authenticate the vote.

A cert is not, in my opinion, required.  All that is necessary is
that the user supply an email address when they sign up.  Note that
proper use and protection of certificates could be a significant
complexity burden on the average user, given the current state of the
technology. 

For votes that are not secret ballots, a pre established email
address is all that is required, because the tally can be posted on a
public web site; and the user can verify that their vote is recorded
as they sent it.  You have to work out rules for the voting protocol
-- how long the votes are posted before they can no longer be
challenged, and so on -- but these are straightforward matters.  The
posting on the web site provides an independent channel for each
individual to verify that their vote was correctly received, and
provides a public record of the vote. 

Secret ballots are a little more complicated.  They require a trusted
third party (I'm using this term in the technical sense) to collect
and count the ballots.  (This TTP may be in ICANN itself -- an 
"election committee" or such -- or it may be an outside contractor.)  
Vote verification in that case can be done via passworded access to 
a web site, or some similar means.

In practice an email confirmation of a vote is probably sufficient, 
because, while it is trivial to do a simple email forgery, it is 
*much* more difficult to do a perfect (undetectable) email forgery, 
and doing the mass forgeries that would be necessary to hoodwink a 
significant percentage of voters would be a substantial chore.

The best scheme by far is to simply give up on secret ballots, and do
everything as public recorded votes.  Secret ballots certainly allow 
people to vote their private thoughts, which is valuable.  But I'm 
not sure they are actually necessary in the present context.

I speak from some experience in this matter -- in PAB we used the
email scheme I described above, and had public recorded votes for
everything.  As PAB chair, it was interesting and occasionally
surprising to see who voted for me and who voted against me --
sometimes peoples votes didn't seem to go with their public
statements.  In theory an elected official could retalliate against 
those who voted against, but in practice it just became one more 
political factor in assessing support..

In my opinion,the real problem is the first identification of the 
citizen, not the later authentication of the vote.

> Absent that degree of effort, which is fairly significant and expensive,
> we could simply rely on a fee and see whether the "electronic phantom"
> vote fear comes to pass or not.

A fee, random audits, and a fair method by which suspicious identities 
could be challenged, would, in my opinion, be sufficient.  The basic 
requirement is that the voter be a natural person; perfect 
enforcement is not a requirement.  

> (Given the expense of the former, I'd be tempted to try the latter form
> first.  My guess is that those who would create legions of phantom votes
> will find the issues boring and move on to something else.)
> 
> I've considered a vote audit committee, but that's yet another moving
> part, and another expense, and, for those of us who think of every tool as
> a potential means of not just fixing, but also stopping, the machine, 
> such a committee could be used to derail the election process.

A vote audit committee is not required in the case of public recorded
votes.  Secret ballots, as I indicated above, raise a number of
issues -- does one trust the ICANN board to count its own secret
ballots?

You may not need a vote audit committee, but you certainly need a 
membership committee, IMO.

-- 
Kent Crispin, PAB Chair				"Do good, and you'll be
kent@songbird.com				lonesome." -- Mark Twain