Making the ballots secret
MJ Ray
mjr at phonecoop.coop
Tue Aug 7 17:01:54 UTC 2007
While trying to find the definition of the multi-winner SPI method for
Antti-Juhani Kaijanaho, I spotted this little gem in Article Five of
http://www.spi-inc.org/corporate/by-laws which relates to comments I
made elsewhere:
"Ballots concerning election or removal of officers shall be secret
ballots."
At present, ballots are (correctly IMO) described as confidential, not
secret, on the voting pages like
https://members.spi-inc.org/vote/election.php?ref=6
One way they are not secret is that votes seem to be stored on that
server indefinitely. Any webmaster of members.spi-inc could see all
of our past votes back to at least 2004, right?
I don't want to change the by-laws, so can the election system be
changed to offer a secret ballot instead of a confidential one?
One possibility is to require the secret cookie to change one's vote.
That does mean if the secret cookie is lost after voting, a vote can't
be changed (has-voted would need to be tracked seperately). Also, I
don't know whether recent developments in MD5 hash collisions make
this unsafe. Comments?
Any other ways to fix this?
Thanks,
--
MJ Ray - see/vidu http://mjr.towers.org.uk/email.html
Experienced webmaster-developers for hire http://www.ttllp.co.uk/
Also: statistician, sysadmin, online shop builder, workers co-op.
Writing on koha, debian, sat TV, Kewstoke http://mjr.towers.org.uk/
More information about the Spi-general
mailing list