Fw: Public Comment on VVSG1 draft June. 05

From: David Webber \(XML\) <"David>
Date: Wed Aug 10 2005 - 11:12:06 CDT

I just sent this in today to the EAC - sparked by
revelations that Diebold is planning an "All-in-1"
voting solution - server based.

We need to start moving forward on more comments
as well - as the 27th September deadline for comments
is fast approaching us...

The current EAC VVSG - IMHO - is almost worthless -
being nothing more than a rubber stamp for vendor
contrived solutions. There are very little first principles
being enforced. There are no formal test procedures
and methods being advocated / required.

NIST VVSG2 draft does contain some significant
enhancements that we need to ensure are injected,
along with more stringent test and verification procedures
relating to the operation particularly of counting and
vote storage details.

Clarification / exposing their unenforcable mock testing too -
such as the need to ensure a failure rate of only 1:10,000,000
writes. Yet 20%+ of Diebold equipment in California was
just DOA!!

I'm sure there is more too!

DW

p.s. They appear to have taken down the online
       comments form - so the email is the only way
       available.

----- Original Message -----
From: "David Webber (XML)" <david@drrw.info>
To: <votingsystemguidelines@eac.gov>
Sent: Wednesday, August 10, 2005 12:03 PM
Subject: Public Comment on VVSG1 draft June. 05

> To the Commission:
>
> Some vendors appear to be taking steps to integrate their voting solutions
> with voter registration systems.
>
> Whatever the intentions and motivations to this there are some fundamental
> principles being broken here that need to be clarified and protected by
the
> VVSG.
>
> 1) There has to be a complete physical separation between the voter
> registration system and the voting system. No direct realtime electronic
> connection can be permitted, nor can the voting system know in anyway who
> voters are, nor store lists of voters.
>
> 2) The only connection between the two systems is the voter themselves and
> the physical act of voting. That is the principle we need to establish in
> the VVSG.
>
> 3) So when a voter is acknowledged in the registration system and is
> provided access to the voting system, they carry a physical access token
of
> some kind that denotes their entitlement to vote. Their voting event then
> corresponds to the event in the registration system.
>
> 4) Because voting is private this process has to be anonymous and a voting
> system can have no knowledge of voters demographic information of any
kind,
> even and especially including total numbers of voters registered or other
> metrics.
>
> I believe these priniciples need to be enshrined in the architecture
> requirements for EAC VVSG based systems.
>
> Sincerely,
>
> David Webber,
> 25404 Clearwater Drive,
> Damascus, MD
>
> Member OASIS Election Markup Language (EML) TC
>

_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Wed Aug 31 23:17:24 2005

This archive was generated by hypermail 2.1.8 : Thu Sep 15 2005 - 11:44:12 CDT