Re: Defining "Open Source" in the context of eVoting solution requirements.

From: Election Technology <electiontechnology_at_gmail_dot_com>
Date: Thu Oct 16 2008 - 17:12:09 CDT

Professor David Wagner actually covered this topic in some (relatively)
recent congressional testimony.
http://www.cs.berkeley.edu/~daw/papers/testimony-house07.pdf

On Wed, Oct 15, 2008 at 12:51 AM, Edward Cherlin <echerlin@gmail.com> wrote:

> On Tue, Oct 14, 2008 at 7:59 PM, David RR Webber (XML) <david@drrw.info>
> wrote:
> > Recently there has been a range of interpretations of open source,
> ranging
> > from - we cannot have "open source" because of all the wierd licensing
> > models, through to - we will do "disclosed source" instead.
>
> My interpretation has always been well outside that range. My
> expectation is that we will use GPL licensing for ordinary public
> distribution in Red Hat rpm packages or Debian deb packages, or any
> other system including OLPC xo bundles, but that only certified and
> tested releases compliant with applicable law can be used in real
> elections. So people can do what they like with the code to test
> proposed voting methods, security protocols and attacks, and whatever
> else seems good to them, and they have to contribute any modifications
> they distribute back to the community under the same license or
> better.
>
> I don't insist on GPL, as long as some group that understands the
> implications defines an official standard for public/government source
> code rights for the purpose. We could propose development of such a
> standard to relevant standards bodies such as ANSI and ISO.
>
> IETF is unsuitable because it does not issue binding standards, just
> "Requests for Proposal" (RFP). ECMA is unsuitable because it is a
> manufacturer's association, not a proper standards body, and is known
> not to know how to do an open standard. IEEE is possible if they feel
> it is within their charter. We can discuss other possibilities.
>
> > Well it's no secret that as with other terms in the software industry
> there
> > are so many possible interpretations of what "open source" is.
>
> Open Source and Free Software both. The official definitions are by by
> Richard Stallman and others at the Free Software Foundation for Free
> Software, and by Bruce Perens (originally for Debian) and others for
> Open Source. There are many licenses using the term Open Source in
> their definitions, many of them listed at FSF. Each is a specific
> license offered by a specific organization. The generic term is Free
> Software, meaning software under any Free license. FSF is generally
> considered to be the authority on this matter.
>
> http://www.fsf.org/licensing/licenses/
> http://www.debian.org/social_contract
>
> > Therefore I've put together a strawman of what this should mean in the
> > context of eVoting and E2E solutions for eVoting. Notice this
> specifically
> > sets out precisely what is required to be met to ensure that the unique
> > transparency and verification aspects of voting are covered.
> >
> > Feel free to improve refine and wordsmith as needed! Hopefully this can
> > then serve as the basis to make it completely obvious what is needed when
> > the requirement for "open source" is stipulated.
> >
> > Thanks, DW
>
> s/old/new/ substitute new for old in the line above
>
> s/old/new/g substitute new for old everywhere (globally)
>
> > ======================================================
> >
> > Defining "Open Source" in the context of eVoting solution requirements.
> >
> > Preamble
> >
> > The concept of open source is important for ensuring transparency and
>
> s/concept of open source is/concepts of Open Source and Free Software are/
>
> > verification in eVoting solutions - however the term "open source"
>
> s/term "open source"/terms "Open Source" and "Free Software"/
>
> > has many interpretations and so here we attempt to provide a level
>
> s/has/have/
>
> > setting of what this should mean in the context of eVoting solutions.
> > There are three areas considered: licensing and access, programming
> > conventions, and operational verification.
> >
> > Licensing and Access
> >
> > Software solely designed for and used in the primary operation of the
> > eVoting solution should be made publically available for inspection by
>
> s/publically/publicly/g
>
> > interested persons without precondition or costs. Particularly this
> > should apply to the specific version and release used in an election.
>
> > Such open and free access should be permitted irrespective of whatever
> > licensing, copyright or intellectual property constraints the developer
> > of the software may be entitled to.
>
> Such Open and Free access must be provided for by law regardless of
> the prior rights in the software any party may have. In order to offer
> software for use in elections, the owners of such right must grant an
> appropriate license in accordance with a publicly defined standard.
>
> > A central repository will hold the certified copies of software used in
> > an election. This would be hosted by a national organization such as
> > NIST, GSA or NSF, and / or from the specific States election
>
> s/adminstration/administration/
>
> > site.
> >
> > Programming Conventions
> >
> > The software should be written in such a manner to aid and facilitate
>
> s/manner to/manner as to/
>
> > inspection. The code should be written in plain language, using obvious
> > techniques and naming conventions that can be easily followed by
> > software developers and practioners and appropriately commented as per
> > normal software industry best practices.
>
> Conversion of the plain version to an optimized version, should this
> be necessary, will use documented and widely available Free tools.
>
> > Specifically the code should not be obfuscated using either automated
> > software tools nor manually refactored to deliberately obscure the
> > purpose and functioning of the software. The software developer should
> > be required to explain and otherwise document any specific area of the
> > code that is unclear or is performing a particularly complex function or
> > algorithm.
> >
> > The software should be developed in a programming language that is
>
> s/is/has tools/
>
> > broadly publically available
>
> under Free license
>
> > and not a limited or proprietary technology
> > that is known only to the eVoting solution implementers
>
> or some other small community.
>
> > The code should be documented with overall information about each
> > software code module, its purpose,
>
> algorithms used,
>
> > and its relationship to the overall
> > eVoting solution, inputs and outputs and the sequence of operation of
> > that module along with the previous and following steps. An overall
> > workflow of the software modules should also be required to be
> > published.
>
>
> (Not just a workflow. We should find or create a suitable software
> documentation standard, including object definitions.)
>
> > Operational Verification
> >
> > The software should be provided along with all the necessary build and
>
> s/should/must/g
>
> > compilation supporting configuration files, scripts, documentation,
> > prerequisites and dependencies such that any software practitioner
> > familiar with that development environment may reproduce the executable
> > software components as used in the election.
> >
> > The software should be designed to operate on
>
> a wide range of
>
> > available generic computer
> > hardware equipment that is commercially available from retail vendors to
> > the general public.
> >
> > A set of default configuration files should be provided to allow
> operation
> > of a verification test suite. Also any publically published results
> > and election records should be able to be run with the verification test
> > suite.
> >
> > _______________________________________________
> > OVC-discuss mailing list
> > OVC-discuss@listman.sonic.net
> > http://lists.sonic.net/mailman/listinfo/ovc-discuss
> > By sending email to the OVC-discuss list, you thereby agree to release
> the
> > content of your posts to the Public Domain--with the exception of
> > copyrighted material quoted according to fair use, including publicly
> > archiving at http://gnosis.python-hosting.com/voting-project/
>
> --
> Don't panic.--HHGTTG, Douglas Adams
> fivethirtyeight.com, 3bluedudes.com Obama still moving ahead in EC!
> http://www.obamapedia.org/page/Smears Join us!
> http://wiki.sugarlabs.org/go/User:Mokurai For the children
> _______________________________________________
> OVC-discuss mailing list
> OVC-discuss@listman.sonic.net
> http://lists.sonic.net/mailman/listinfo/ovc-discuss
> By sending email to the OVC-discuss list, you thereby agree to release the
> content of your posts to the Public Domain--with the exception of
> copyrighted material quoted according to fair use, including publicly
> archiving at http://gnosis.python-hosting.com/voting-project/
>

_______________________________________________
OVC-discuss mailing list
OVC-discuss@listman.sonic.net
http://lists.sonic.net/mailman/listinfo/ovc-discuss
By sending email to the OVC-discuss list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at http://gnosis.python-hosting.com/voting-project/
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Fri Oct 31 23:17:04 2008

This archive was generated by hypermail 2.1.8 : Fri Oct 31 2008 - 23:17:05 CDT