Re: electronically detecting tampering

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Thu Nov 27 2003 - 13:12:13 CST

|> I've never set one up either. Charlie Strauss
|> is also looking into setting up an infrastructure for our discussion.
|> Please confer with him and set up the appropriate structure for our
|> discussion.

"Alan Dechert" <alan@openvotingconsortium.org> wrote:
|I am not suggesting one way or the other and I don't plan to get involved in
|the decision ... and I'm sure it will be done nicely in any case ... but
|maybe for those of us that haven't used a wiki, you could present some of
|the pros and cons of that versus some SourceForge tracking system. Wiki may
|be a little anarchistic but maybe that's fine.

I find Sourceforge's tracking to be a bit of a PITA. Steep learning
curve, and much too much formality in each of the steps. A Wiki would
just let each "security working group" member add annotations as s/he
thought best... I think we can trust each other well enough not to
worry about improper changes, at least for a while.

An advantage of a Wiki is that the "document" jointly developed is
pretty readable as a regular web page and/or can be printed off in
nice-enough looking form. Someone new coming to the project doesn't
need to wade through lots of change-logs, assignments, statuses,
etc. They just need to read the master document as a big page. The
importance and structure of the parts is indicated with heading levels,
typography, etc., just like in a book or article.

If we open a Wiki for a while, there may come a time when its
administrator will want to prune it and clean it up into a more final-
looking document. But most of the information will be in-place and
usable already.

  ---
  Actually, I wonder now if I might not have been better off creating
  the Architecture document this way a couple months ago. I had hoped
  that developers would have emailed the changes to me as they came up,
  but that didn't really happen (they were all presumably doing the
  actual development and/or their own paid jobs, family stuff, etc,
  instead). So instead, I created a moderately OK initial document on
  my own, but then it got out-of-date as I became busy or lazy (or just
  did not know the latest details).
  ---

However, I will certainly be happy to defer to Charlie's opinion on the
best approach, and welcome his ideas on creation of the security
document(s).

Yours, David...

--
---[ to our friends at TLAs (spread the word) ]--------------------------
Iran nuclear neocon POTUS patriot Pakistan weaponized uranium invasion UN
smallpox Gitmo Castro Tikrit armed revolution Carnivore al-Qaeda sarin
---[ Gnosis Software ("We know stuff") <mertz@gnosis.cx> ]---------------
==================================================================
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
==================================================================
Received on Sun Nov 30 23:17:11 2003

This archive was generated by hypermail 2.1.8 : Sun Nov 30 2003 - 23:17:13 CST