
Re: [atlarge-discuss] Risks and digital certificates (was Re: [atlarge-discuss] Election Preparation)



Judyth and all fellow members,

  The secrecy of a ballot or of a vote has been a democratic principle for
many decades at least.  Hence there can be no democratic vote without such.
The reasons for secrecy of a ballot or of a vote have been well known
for almost as many years as a democracy has been a form of government.

  Even in Canada this is well recognized and has been for many many
years.

  Hence continuing to argue or discuss this point is both a waste of
time and effort and not worthy of honest consideration...

espresso@e-scape.net wrote:

> Hello again,
>
> My responses are interspersed below. I had written
> >><snip>
> >>To put it simply, the organizers are those willing to take
> >>some degree of personal risk but one doesn't need to take
> >>maximum risks to be a real part of a social movement.
> >>
>
> and Sotiris responded
> >What kind of a "maximum" risk is there in associating with the
> >membership and purpose of this organization?!  The DNS is already
> >international Judyth...  And as for where it hasn't gotten to yet...
> >the US is doing a fine job of ensuring it will someday.
> >
> >But ooohhhh... yes, many potential "members" of this list may lie awake
> >worrying about the black helicopters that will come to take them away
> >for writing Denise Michel that they didn't like her At-Large
> >deception(s)!  And because of that we should let just everyone and his
> >mother's uncle (even if it's an ape) become members with a right to vote
> >and affect our political association?!!?!?!?  Hmm, yes, I see your point
> >now!  Couldn't be more clear, as clear as an unmuddied lake to be sure...
>
> Frankly, I'm not convinced that sneering at me invalidates
> my point.
>
> You and I evidently envision two different kinds of
> organizations.
>
> You don't think all Internet users have the right to be part
> of your "Internet users' constituency", and don't much care
> about people in countries where membership in *any* kind of
> foreign organization can bring social and political problems.
>
> I don't see how one can form a constituency of Internet users
> worthy of the name if one doesn't permit the participation of
> people in less developed or more repressive countries -- the
> very ones whose poverty and/or lack of freedom the "Information
> Society" is being relied upon to alleviate.
>
> >>Anonymity among political equals is a no-no in true
> >>democracy, Judyth.
> >
> >That rather depends on what you mean. In my opinion --
> >and I'm certainly not alone in this -- you cannot have
> >a true political democracy without a secret ballot.
> >Oddly enough, in places where everyone casts their
> >ballot while watched by prying eyes, voters tend to
> >get beaten up or even killed when they vote for the
> >"wrong" person.
> >
> >Nobody is pushing for eyes on the ballots here, Judyth.
>
> Let me clarify this for you. There have been some real
> concerns expressed - by others besides myself - about
> the exposure of members' names and e-mail addresses
> to public view. It has been implied, if not stated
> outright, that voting and/or nominations should be
> done publicly rather than privately. I am not saying
> that you personally have demanded a non-secret ballot,
> but I have had concerns about any balloting process
> where any one individual could see who voted which way
> ... which is the case within the Polling Booth, and
> which would be the case if the same person who received
> e-mail ballots with personally identifying information
> were to count and tabulate the votes.
>
> >>Voters' lists, on the other hand, are usually not secret.
> >>[...] More personal
> >>privacy and security, at the cost of no longer knowing
> >>which of your neighbours won't bother to vote or how
> >>many votes should be turned in at your polling station.
> >>It's a trade-off most people here find acceptable, though
> >>I'm not entirely convinced it's the only way to go.
> >
> >Here is something in which I actually agree with you.  It's not the
> >way to go, and the trade-off is unacceptable.  For those who think
> >it is, it bespeaks of the lowest state(s) of apathy and neglect,
> >both of which reflect negatively in practice.  Lose, lose.
>
> Agreed. Democracy depends on a well-informed and concerned
> citizenry; instead, we've grown accustomed to the erosion
> of both public information and citizen participation.
>
> >>[...] All that was needed was to
> >>be of legal voting age, a citizen, and a legal resident
> >>of the riding.
> >>
> >"All"?  That's quite a bit more than our organization's requirements,
> >wouldn't you say?
>
> Yes, indeed, and I think that needs to be remedied ASAP by
> means of a proper Constitution and bylaws, a better system
> of member registration, etc. But those things will not
> happen until a new Panel has been elected, which means that
> unless you want to start a different group from scratch
> with self-selected "directors" to prepare that framework,
> you will have to accept a less-than-ideal process to
> allow the current membership to elect its own Interim Panel
> to do the job.
>
> >>Sotiris, I've never disagreed with you and you can see in
> >>this list's own archives that I don't think it's real
> >>proof of anything much. In fact, I believe I supported
> >>your idea of a WG to study better means of confirming
> >>identity, though I did suggest that some provision should
> >>be made for *public* use of a pseudonym (say, on the list
> >>or forum) by people who might live in countries where
> >>belonging to a foreign organization is illegal or where
> >>having one's true identity exposed on the Web is likely
> >>to cause unpleasant repercussions.
> >>
> >As I said, the US is working on solving that problem long term by
> >bringing democratic thoughts and ideals to the few remaining repressive
> >societies on the planet.  Until then, we cannot be worried about the
> >exception and forego the institution of a rule.  Exceptions are not
> >antecedent, they are consequent considerations and it's better to cross
> >each bridge when we come to it.
>
> Not everyone shares your confidence that bombardment and
> installation of puppet regimes is the best way to bring
> democracy to undemocratic nations. (I can't think of a
> single country where that worked in the past.)
>
> Meanwhile, you and I disagree about whether it's okay to
> just ignore the majority of the world's population until
> it adopts the Pax Americana. That's why I'm leaving you
> and those who agree with you to organize whatever they
> think best.
>
> >>Okay, Sotiris, I've just spent 1-1/2 continuous hours at that
> >>site...
> >>
> >Wow!   Do you read as slow as you walk, Judyth?
>
> Nope, I read rather more quickly than most, and with
> excellent comprehension. It's just unfortunate that the
> site did not signal early in the process that it was
> set up to deal with only specific browsers, and that
> I was using a less-than-ideal dial-up connection rather
> than highspeed broadband.
>
> >>which ended with "Lost track of sequence...please
> >>start again". It's a nice, clean design with easy-to-use forms,
> >>and (most unusual!) all the list-boxes work properly with a
> >>Mac. However, after going through the whole multi-page process
> >>without much difficulty, I was stymied at the end because I
> >>was using neither MSIE nor Netscape when I started ... or
> >>perhaps it just doesn't like iCab. However, switching to
> >>Netscape (4.6) didn't get me a certificate either, which
> >>leads me to wonder whether other people mightn't have similar
> >>problems, especially working with dial-up rather than
> >>highspeed broadband access.
> >>
> >I'm surprised to hear this.  Millions of people have gone before you and
> >succeeded in the (as you describe it) thoroughly engaging task!  Are you
> >sure you didn't get a cert? I suggest you go back into your account
> >there and look up the status of any requested certs and see what
> >happens.  The certificate is downloaded from the site, it's not sent to
> >you via email.
>
> Being quite a good reader (which is, after all, a prerequisite
> for my profession), I can assure you I did not expect the
> certificate to be e-mailed and correctly read the error
> messages I received, including the one I got (after doing
> everything over again with Netscape) that said the process
> had failed and I would have to start over again. I haven't
> yet had a chance to do this.
>
> >>Secondly, though I agree that the Thawte certificate might
> >>be better than nothing at all (assuming it works better for
> >>everyone else than it did for me), absolutely nothing in
> >>the process would have prevented me from obtaining a
> >>certificate using somebody else's identity. As far as I
> >>can tell, I could use anyone's name and social insurance
> >>(or passport, etc.) number with one of my own e-mail addresses
> >>and receive a certificate -- in fact, it seems I'd have to if
> >>I wanted to provide a certificate for messages emanating
> >>from another e-mail account.
> >>
> >Which is why I said it "would be a pretty good place to start", because
> >we could then be in a position to avail ourselves of the Web of Trust
> >which Thawte has built up over the years, and thereby get identities
> >verified much better than we are now (to put it mildly).  Surely, the
> >little bit of extra effort (and no, or very minimal, expense) should be
> >worth the acquisition of a personal digital certificate?
>
> My point was that the free certificates you were advocating
> as a means of authenticating identity don't actually do it:
> in practice, it's only slightly more laborious than obtaining
> another e-mail address and registering for a second IAL
> membership. It's up to the group to decide whether it is
> appropriate to demand that all members obtain these
> certificates anyway: I just warned that the certificates
> only guarantee that the person using one is the same one
> who registered for it ... or somebody who has access to
> their e-mail account and passwords.
>
> >>Their other form of identification certificate, which requires
> >>verification of identity by a notary, would be rather more
> >>confidence-inspiring but in practice, walking into a notary's
> >>office with legitimate-looking documents doesn't mean the
> >>person presenting those documents is the right person, either.
> >>That's why we hear so much these days about including
> >>fingerprints, retinal scans, etc. where identification is
> >>crucial!
> >>
> >So because it's possible there may be fraud, even if we were to go with
> >the Web of Trust, you'd rather leave it wide open for fraud to take
> >place at a whim...?   You can't be serious.  Surely.  That is no
> >argument, my dear woman.
>
> If you could stop assuming I'm an idiot for the moment,
> you will see that I've not recommended leaving anything wide
> open to fraud -- just signalled a flaw in the assumption
> that this particular type of certificate is any kind of
> guarantee. The "Web of Trust" process may indeed provide
> a better mechanism - always assuming the people already
> trusted within the Web are trustworthy. So, for that
> matter, would asking each prospective member to download
> the registration form, have it notarized, and then return
> the notarized original by mail. That nothing provides a
> 100% fraud-proof ID does not invalidate the need for any
> organization to take reasonable precautions.
>
> ><snip>
> >>I'm not disputing your (or anyone's) rights to want more
> >>certainty in the process. The problem, Sotiris, is what one can
> >>do about it now.
> >>
> >We do what we can, and nobody has presented anything better (if best
> >efforts are what we REALLY want), than the Thawte Web of Trust.
> <snip>
>
> Does that not assume that there will be an already-trusted
> person who can easily authenticate the identity of each
> member? I'm not sure that would be the case for everyone,
> and I haven't seen any indication from the other members on
> the list that they agree this must be implemented before
> the elections already scheduled.
>
> >>The problem I see is that, by your own logic, anyone registered
> >>as a member of this group is automatically suspect unless they
> >>are using a digital certificate, which means almost nobody is
> >>eligible to say whether or not the Thawte certificate should
> >>be required for people to cast their ballots in this election,
> >>and no result from any election conducted by this group could
> >>possibly be legitimate. Where does that leave you?
> >>
> >Waiting for the rest to sign up, I suppose.  I don't see why anyone who
> >professes to be concerned with Internet governance issues would have a
> >problem with making a small effort, one which will only help you to
> >learn more about the Internet and to meet a few more people who are
> >involved in something globally digital like the Web of Trust?  What
> >could be more relevant, I wonder?  OTOH, if you had a valid digital
> >certificate from another certified issuer, you wouldn't have to go to
> >Thawte... Stephen Waters didn't.  But, Thawte and its Web of Trust are
> >free, and they're better than anything anyone else has proposed to date.
>
> I also had a look at GlobalSign's site, which seems to provide
> a *little* more security for its certificates but unfortunately
> doesn't issue them for residents of all countries. There may
> be yet other companies offering various types of certificates,
> though the others I saw only do companies, not individuals.
>
> No doubt the group will come to its own conclusions about what
> suits it best.
>
> >><snip>
> >>Sotiris, as I said, I'm withdrawing from this project so it's
> >>not me you need to convince.
> >>
> >I'm sure somebody will crop up to replace you Judyth, it's a big
> >Internet, so long.
> >
> >Be Well,
> >
> >Sotiris Sotiropoulos
>
> You, too, and best wishes to all,
>
> Judyth
>
> ##########################################################
> Judyth Mermelstein     "cogito ergo lego ergo cogito..."
> Montreal, QC           <espresso@e-scape.net>
> ##########################################################
> "A word to the wise is sufficient. For others, use more."
> "Un mot suffit aux sages; pour les autres, il en faut plus."
> ##########################################################
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
> For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de

Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 129k members/stakeholders strong!)
================================================================
CEO/DIR. Internet Network Eng. SR. Eng. Network data security
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number: 214-244-4827 or 214-244-3801
