[chapter-delegates] DNS, hosting and the spirit of the Internet

Irwan Effendi hero_tsai at mainsyscon.net
Sat Mar 19 00:06:00 PST 2005 

Dear James,

E-voting IS EASY
However, it is people's mind that makes it difficult
In the old days of Greece, when people cast their vote, they do it by
standing up from their seats, thus showing their identity and their choice.
Nowadays, votes are made in secrecy, due to various reasons, which in my
personal opinion, is actually unjustified.

Imagine the following:

A world wide voting system, which can display the list of all voters along
with their unique identification number. Each and every voter can access the
list to verify that their vote is registered just the way they cast it.
Each region has its own server, and the net result is passed on to the
central server. Voter from a region can even request to see the list from
other regions.
Official result announcement is delayed one week from the closing day of
vote to give time to voter to verify their vote.
Whenever a voter found that his/her vote has been tampered with, the vote
can be re-cast and the incidence noted. If cases of incidence is sufficient
in number to alter the regional result, official result is postponed. All
unaffected region is considered final, affected region re-cast their vote
after the vulnerability has been identified and patched.


Now, if we can implement that kind of system, there would be no problem with
trust and security, would it?

But to implement that system, we need to know, "Will member take full
responsibility of their own choice?". If that is not the case, we will not
be able to hold votes in an open manner, and in that case, you are correct,
E-Voting IS difficult.

As far as identification and verification, I have submitted many ideas, and
thus will wait for others to throw in their coins.
To prevent massive sign up prior to any election, simply establish a delay
between sign up and activation, that's easy.

>
> There are at least two issues to consider.  First, before a global member
> ID can be used as a "voting identifier", when it is issued we need to
> confirm that it is being issued to a real person.  This can not be
> accomplished in email because people can have more than one email
> address.  It is possible this could be done by Chapters, but to be fair
> to all Chapters and to all members we need a way to validate that the
> process is working.  I have do not have a suggestion for how to do that.

To validate that the process is working:

In the case that an individual join a chapter through ISOC.ORG
Chapter is required to obtain the copy of the member's local identification
(driver's id, passport or such), along with the recent photograph, and send
it to HQ.
If this has not been received in say... four weeks, then HQ can verify the
problem by sending e-mail, both to chapter and the member in question. If
it's chapter's fault, then chapter officer got yelled at (maybe you can even
make a trust rating system)

In the case that an individual join ISOC through chapter recruitment,
Chapter is required to submit the identification when registering the member
at ISOC.ORG

If there is no staff available for doing the filing of the received
Identifications, HIRE one. I believe USD 18 K a year is sufficient for that
kind of position. Use that 150 K being set aside. It seems that this
membership identification is being deemed more important by chapters
compared to the issue of project funding.


>
> Second, we need to consider how to accept the votes and ensure that those
> voting are doing so of their own free will.  Accepting the votes can be
> supported in various ways.  However, how do we ensure that whoever is
> submitting the vote is really the person who has the ID being used?
>

If HQ find that it can't even trust chapters to do their part, or that it
can't trust that a combination of login and password is sufficient to prove
actual participation, that really puzzles me. The decision to established a
payment system is done based on a web-survey, is it not ? How much more
trustworthy is a web survey that can be voted 100 times by the same person,
compared to the usual voting system using login and password? How much more
if compared to the trustworthyness of a chapter?

Please, do not think of this as a burden of unjustified need. ISOC is about
developing the internet and allow everyone to use the internet to improve
Quality of Life. The development of voting through internet actually
encompassed all three pillars of ISOC, due to the fact that we have to
establish a standard for doing this, we have to educate people how this
thing work, and we have to establish a policy to handle discrepancies.

Can you imagine, how good of an impact it will brings to government systems
in the whole world, if we can manage to pull this one? I am talking about
replacing corrupt systems with transparent one,  removing corrupt government
officials, raising global awareness about people's duties and rights...
Okay, I babbled too much, but I believe you got the idea...

Regards,
Irwan Effendi

More information about the Chapter-delegates mailing list