[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [atlarge-discuss] Security of elections Re: [atlarge-discuss] WHAT MOST MEMBERS WANT

espresso@e-scape.net wrote:
> > 

...

> I can't speak to that issue (not having ever looked at the current
> membership list) but there are several kinds of security issues
> involved, whether the voting is on a Web site or by e-mail.
> 
> 1. Membership status
> 
> >From what has been said by Vittorio and others, we are indeed at
> a disadvantage when it comes to ensuring that no individual
> registers under multiple identities. We simply don't have the
> means and manpower to verify each registration, and the database
> in fact does not seem to provide enough information for us to
> do it if we had.
> 

There is a tension here between our ideals - which for me, as I have stated 
previously, include borderless Internet democracy - and our practicalities, 
which include the fact that we are a budgetless organization in a world in 
which security comes with a price.  The more security we demand, the more it 
costs.  The higher our membership dues, the fewer people can afford to 
belong.

> 2. Confirmation of information supplied
> 

...

You have identified the concerns, and there is no perfect solution, no matter 
how much we are willing to pay.  No organization could prevent me from 
registering with all of my three valid e-mail addresses.  At this stage of 
our existence, it is adequate to rely on good will: I don't *want* to vote 
three times.  Over the longer term, I think one solution to prevention of 
multiple voting is to incorporate into the voting process itself some 
mechanism which would prevent it from being automated.  Force the human 
element to emerge each time.  I am not speaking simply of those schemes which 
allow someone who wants access to his account, but has forgotten his 
password, to substitute an item of personal information (mother's maiden name 
for example) instead.  I have had to use that sort of entry means myself at 
times, and it works.  Something along that line could be elaborated on.

...

> 
> One of the deepest ironies within ICANNATLARGE.ORG is that
> probably nobody outside it thinks it's worth sabotaging but
> some of its members may be here for exactly that purpose and
> have the technical ability to do it.
> 

I concur.

...

Demanding perfection at this stage is to force us out of existence.  "The 
best is the enemy of the good."  The means of security should grow 
organically as the organization grows.


---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de