[csw-maintainers] GPG Key Vote -- INVALID ballot

Philip Brown phil at bolthole.com
Tue Mar 1 18:00:59 CET 2011


On 3/1/11, Maciej Bliziński <maciej at opencsw.org> wrote:
>
>> Also, why is there not a link to the writeup, in the actual ballot?
>
> Because ballotbin does not support adding any text directly to the
> actual ballot.

Wow.. that's .. surprisingly limited.
But perhaps it is an artifact of which voting style you used?
[....] Yes, to a point.
As you mention, there is the option of adding a ["biographical"] note
per question, which is not exactly what I was hoping. But perhaps in
some voting issues, it would be good to use this.


>  As Peter F likes, to
> say: consequently, I've added the link to each of the 8 answers.

great


>. However, once their term of
>> office is ended, the same people still have the same parts of the key.
>> Nothing stops them from getting together and using it after their term
>> has ended.
>
> True.  The escrow option is not about revoking access; it's about
> distributing access.  It is not worse not better than the other
> options.  The threat that escrow protects against, is a single board
> member using the key without the consent of other board members.
> Using the key after the term of office ends, is another threat which
> needs another solution.
>
>> If my summary of the escrow is valid, please adjust the wording to
>> make that clear (or preferably just remove the secondary question
>> entirely), when the ballot is fixed and restarted.
>
> Since the vote is not about key revocation, I see no reason to remove
> the escrow question.

It is more complicated than you might think. Please see my adjusted writeup at
http://wiki.opencsw.org/vote-gpgkey
for why. That might convince you to move the key escrow vote, to
another time, after either more discussion, or alternative technology
is proposed.
If we had better key escrow tech (William suggested such may exist,
but costs $$$), then this wouldnt be a problem.


More information about the maintainers mailing list