| From: | MJ Ray <mjr(at)phonecoop(dot)coop> |
|---|---|
| To: | spi-general(at)lists(dot)spi-inc(dot)org |
| Subject: | Making the ballots secret |
| Date: | 2007-08-07 17:01:54 |
| Message-ID: | 46b8a582.JYW1ZIrSzramsIxy%mjr@phonecoop.coop |
| Views: | Raw Message | Whole Thread | Download mbox |
| Thread: | |
| Lists: | spi-general |
While trying to find the definition of the multi-winner SPI method for
Antti-Juhani Kaijanaho, I spotted this little gem in Article Five of
http://www.spi-inc.org/corporate/by-laws which relates to comments I
made elsewhere:
"Ballots concerning election or removal of officers shall be secret
ballots."
At present, ballots are (correctly IMO) described as confidential, not
secret, on the voting pages like
https://members.spi-inc.org/vote/election.php?ref=6
One way they are not secret is that votes seem to be stored on that
server indefinitely. Any webmaster of members.spi-inc could see all
of our past votes back to at least 2004, right?
I don't want to change the by-laws, so can the election system be
changed to offer a secret ballot instead of a confidential one?
One possibility is to require the secret cookie to change one's vote.
That does mean if the secret cookie is lost after voting, a vote can't
be changed (has-voted would need to be tracked seperately). Also, I
don't know whether recent developments in MD5 hash collisions make
this unsafe. Comments?
Any other ways to fix this?
Thanks,
--
MJ Ray - see/vidu http://mjr.towers.org.uk/email.html
Experienced webmaster-developers for hire http://www.ttllp.co.uk/
Also: statistician, sysadmin, online shop builder, workers co-op.
Writing on koha, debian, sat TV, Kewstoke http://mjr.towers.org.uk/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | MJ Ray | 2007-08-07 17:09:50 | Re: Election results |
| Previous Message | Joshua D. Drake | 2007-08-07 16:37:05 | Re: Election results |