[Demexp-dev] Leparlement and security (was: Re: [top-politics] Re: TOP invitation to programmers.)

[David MENTRE]

Hello Emmanuel,

2006/10/6, echarp <address@hidden>:
> I was the author of those comments, not too harsh hopefully.

Constructive criticism is one pillar of democracy. :-)


> The goal is a forum/mailingList/chat/news system, where every post is
> also a poll and potentially a vote.

That's an iteresting concept. But won't you have too many votes that a
user will have to track? ;-)


> There is one solution that _could_ bring *trust*: total and complete
> transparency. To the point of real time *reproducibility*.
>
> To the point where a *P2P* system of servers can be set up by any number
> of willing individuals. Then *PGP signatures* to ensure the relationship
> between a vote and a persona. *Electoral lists* (of PGP public keys) to
> calculate results.
>
> http://leparlement.org/security

I see two weak points in your approach:

* the first one is obviously lack of anonymity. I think anonymous
vote is an essential part of democracy: avoid social pressure for each
individual's decision. After that, you are arguing that anonymity is
difficult to do on the Internet. You might be right but I hope one day
we'll have strong arguments to invalidate your hypothesis; ;-)

* the second one is that it is difficult to link a GPG public key (or
any kind of authentication token) to an individual. How can you be
sure that I'm not creating thousands of GPG keys, cast thousand votes
to change the vote result? This is a tricky question and we'll have to
face the same issue in demexp. In demexp, we plan to rely on external
proof, e.g. birth certificate, but we'll have also to face fake ones.

Best wishes,
d.