Re: Voting Security

Vittorio Bertola <vittorio.bertola@open-xchange.com> Tue, 17 September 2019 10:44 UTC

Return-Path: <vittorio.bertola@open-xchange.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1615612080A for <ietf@ietfa.amsl.com>; Tue, 17 Sep 2019 03:44:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.299
X-Spam-Level:
X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=open-xchange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gVEeA-GZfISp for <ietf@ietfa.amsl.com>; Tue, 17 Sep 2019 03:44:50 -0700 (PDT)
Received: from mx4.open-xchange.com (alcatraz.open-xchange.com [87.191.39.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36191120815 for <ietf@ietf.org>; Tue, 17 Sep 2019 03:44:50 -0700 (PDT)
Received: from open-xchange.com (imap.open-xchange.com [10.20.30.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx4.open-xchange.com (Postfix) with ESMTPS id F0AB76A257; Tue, 17 Sep 2019 12:44:46 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=open-xchange.com; s=201705; t=1568717087; bh=3X2QlW0yPUJ9m3n/iUCXs8aPp36tKoGf9HsGBC96q3Q=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:From; b=BVfBDeQHutw+T8mAso+HvcwwNi1zoFzlatQpKTjITVzqBOLPpLq2I6BIEcNzAJJDF mRpqku6tUYDwkj8k7MoKCrb84V4pdRQswq31ukgLbN813WhyAYnq+3dxPySNgwv+Dg +N1GzCJAcbz2ipZH1n2YN6voSstBJFz2WyHWSIbc6qqz9IiMuZ7azmY9EsfdrGSj+/ h+bou+jrVaj898vPPXzomJi+kSs8AqzDqVk+RijoebOlCK2Ro+o+3S76Yetd7Oa7dS y5SrYcMOM/w7v2WVEW48G6/C+kyLoCkM/fUYbRlagdeJ6ySGj2TVx4ZiIQs/dKvgRn opmH403LhZWkQ==
Received: from appsuite-gw1.open-xchange.com (appsuite-gw1.open-xchange.com [10.20.28.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by open-xchange.com (Postfix) with ESMTPSA id E4CF23C0045; Tue, 17 Sep 2019 12:44:46 +0200 (CEST)
Date: Tue, 17 Sep 2019 12:44:46 +0200
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
Reply-To: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: shogunx@sleekfreak.ath.cx
Cc: IETF Discussion Mailing List <ietf@ietf.org>
Message-ID: <1732869726.25964.1568717086845@appsuite-gw1.open-xchange.com>
In-Reply-To: <alpine.DEB.2.21.1909170109190.32554@sleekfreak.ath.cx>
References: <CAChr6Sz3j0iLGsB2bGvfitPzCkiTCJYHfmUF5S-8zPYMt1r+3A@mail.gmail.com> <6.2.5.6.2.20190911094010.0c933fa8@elandnews.com> <20190911194723.GC18811@localhost> <6.2.5.6.2.20190911131143.11401cb8@elandnews.com> <CAMm+Lwi2CDBCDUhMG7Z487G-BYVp4rRJ=YG73Z=M=TkZ=jaAbQ@mail.gmail.com> <alpine.DEB.2.21.1909121135080.32554@sleekfreak.ath.cx> <CABcZeBMp7dzvTGnPTk=q79pf5KYiMd0eepEXiyFw=imPNkSfBg@mail.gmail.com> <B7BC79DD-617E-4FFA-A414-76C5C0287C00@hopcount.ca> <alpine.DEB.2.21.1909140303190.32554@sleekfreak.ath.cx> <CABtrr-UQXtjUmEMHxr_eV=jJ-h8YtwtEY60aLe9u_Bb+zAiJdg@mail.gmail.com> <4908F69C-29E8-438C-BCCF-E399EA229C66@gmail.com> <CABtrr-WV4u7Up2Oj1ABj151ZwvVnBHukmy6e9EF2zbgAQwGLeQ@mail.gmail.com> <f07cc4b7-052a-35ee-bdcc-0cc217e484cf@network-heretics.com> <alpine.DEB.2.21.1909152029060.32554@sleekfreak.ath.cx> <CAMm+Lwj9R6z0SuJygU8Pwcis-kDdM2vy=SOTW1ta7b7=4X4wzg@mail.gmail.com> <alpine.DEB.2.21.1909170109190.32554@sleekfreak.ath.cx>
Subject: Re: Voting Security
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer v7.10.2-Rev12
X-Originating-Client: open-xchange-appsuite
Autocrypt: addr=vittorio.bertola@open-xchange.com; prefer-encrypt=mutual; keydata= mQENBFhFR+UBCACfoywFKBRfzasiiR9/6dwY36eLePXcdScumDMR8qoXvRS55QYDjp5bs+yMq41qWV9 xp/cqryY9jnvHbeF3TsE5yEazpD1dleRbkpElUBpPwXqkrSP8uXO9KkS9KoX6gdml6M4L+F82WpqYC1 uTzOE6HPmhmQ4cGSgoia2jolxAhRpzoYN99/BwpvoZeTSLP5K6yPlMPYkMev/uZlAkMMhelli9IN6yA yxcC0AeHSnOAcNKUr13yXyMlTyi1cdMJ4sk88zIbefxwg3PAtYjkz3wgvP96cNVwAgSt4+j/ZuVaENP pgVuM512m051j9SlspWDHtzrci5pBKKFsibnTelrABEBAAG0NUJlcnRvbGEsIFZpdHRvcmlvIDx2aXR 0b3Jpby5iZXJ0b2xhQG9wZW4teGNoYW5nZS5jb20+iQFABBMBAgAqBAsJCAcGFQoJCAsCBRYCAwEAAp 4BAhsDBYkSzAMABQMAAAAABYJYRUflAAoJEIU2cHmzj8qNaG0H/ROY+suCP86hoN+9RIV66Ej8b3sb8 UgwFJOJMupZfeb9yTIJwE4VQT5lTt146CcJJ5jvxD6FZn1Htw9y4/45pPAF7xLE066jg3OqRvzeWRZ3 IDUfJJIiM5YGk1xWxDqppSwhnKcMOuI72iioWxX0nGQrWxpnWJsjt08IEEwuYucDkul1PHsrLJbTd58 fiMKLVwag+IE1SPHOwkPF6arZQZIfB5ThtOZV+36Jn8Hok9XfeXWBVyPkiWCQYVX39QsIbr0JNR9kQy 4g2ZFexOcTe8Jo12jPRL7V8OqStdDes3cje9lWFLnX05nrfLuE0l0JKWEg8akN+McFXc+oV68h7nu5A Q0EWEVH5QEIAIDKanNBe1uRfk8AjLirflZO291VNkOAeUu+dIhecGnZeQW6htlDinlYOnXhtsY1mK9W PUu+xshDq7lXn2G0LxldYwyJYZaJtDgIKqVqwxfA34Lj27oqPuXwcvGhdCgt0SW/YcalRdAi0/AzUCu 5GSaj2kaGUSnBYYUP4szGJXjaK2psP5toQSCtx2pfSXQ6MaqPK9Zzy+D5xc6VWQRp/iRImodAcPf8fg JJvRyJ8Jla3lKWyvBBzJDg6MOf6Fts78bJSt23X0uPp93g7GgbYkuRMnFI4RGoTVkxjD/HBEJ0CNg22 hoHJondhmKnZVrHEluFuSnW0wBEIYomcPSPB+cAEQEAAYkBMQQYAQIAGwUCWEVH5QIbDAQLCQgHBhUK CQgLAgUJEswDAAAKCRCFNnB5s4/KjdO8B/wNpvWtOpLdotR/Xh4fu08Fd63nnNfbIGIETWsVi0Sbr8i E5duuGaaWIcMmUvgKe/BM0Fpj9X01Zjm90uoPrlVVuQWrf+vFlbalUYVZr51gl5UyUFHk+iAZCAA0WB rsmACKvuV1P7GuiX3UV9b59T9taYJxN3dNFuftrEuvsqHimFtlekUjUwoCekTJdncFusBhwz2OrKhHr WWrEsXkfh0+pURWYAlKlTxvXuI7gAfHEQM+6OnrWvXYtlhd0M1sBPnCjbyG63Qws7Rek9bEWKtH6dA6 dmT2FQT+g1S9Mdf0WkPTQNX0x24dm8IoHuD3KYwX7Svx43Xa17aZnXqUjtj1
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/j6KVXvDTHCY60r6j1zsw1CN_8Ec>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Sep 2019 10:44:52 -0000


> Il 17 settembre 2019 07:15 shogunx@sleekfreak.ath.cx ha scritto:
> 
>  
> On Tue, 17 Sep 2019, Phillip Hallam-Baker wrote:
> 
> > Electronic elections are a great idea. Just not for public office.
> 
> I will give you that, but in the use cases you referenced, there is no 
> need for a specialty apparatus to perform the job... a general purpose 
> networked computer/phone/etc. can provide the client side service 
> required.

There are a number of intermediate situations in which the advantage to democracy of faster, cheaper and easier voting, enabling people to vote more often and in higher numbers, may be deemed to outweigh the risks of manipulation - for example, non-binding consultations by a local public authority, or a limited number of absentee votes from abroad, or online voting in a reasonably cooperative context (e.g. an association with hundred of thousands of members). In these cases however you still require a dedicated tool, and you'd still better apply all possible mitigations against manipulation by those running the system, which in general are non-technical but require support in the platform.

At the same time, electronic/online voting for general elections is now a non-starter almost everywhere, at least in Europe - many countries worked on it, introduced it, and then discontinued it because of the risks.

-- 
 
Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bertola@open-xchange.com 
Office @ Via Treviso 12, 10144 Torino, Italy