[CAVO] Please give opinions and clarifying information on these responses

Juan E. Gilbert juan at ufl.edu
Sat Aug 29 19:32:09 UTC 2015


Patrick, Prime III will be released, probably on GitHub, in September, 
see http://www.knightfoundation.org/grants/201551186/

We received a grant to release it. New Hampshire is using it Statewide 
in 2016. So, it will be there. I'm working on the finishing touches to 
release it.

All of your other comments, make sense to me. I don't know Alan Dechert 
either, but I agree, he's someone we should know. The work he describes, 
we have done with Prime III as well.

Thanks,


On 8/29/15 1:52 PM, Patrick Masson wrote:
> All,
>
> Here are some comments based on my initial review. I am particularly 
> concerned with item eleven, OSET's response.
>
> 1. Clear Ballot (clearballot.com) is not distributed with an OSI 
> Approved Open Source License.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150811_RCVBallotDesign.pdf> 
>
> 2. International Voting Machines response states: "We are negotiable 
> on certification and public review of software; not open source"
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150818_IVM.pdf>
> 3. No documentation of open source claims (GPL3) for Prime III. Claims 
> of open source license without access to code is meaningless.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150826_PrimeIII.pdf>
> 4. Statements like, "Designed so that all or part of the system’s 
> software operates using open source software." and "Everyone Counts is 
> based on open-source software while maintaining the security of a 
> locked down system." are antithetical. Upon review, it could not be 
> determined if the "eLect" software is actually distributed with an OSI 
> Approved Open Source License.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150827_EC.pdf>
> 5, The only information provided in response to "Designed so that all 
> or part of the system’s software operates using open source software." 
> is "The database used by the Electionware election definition system 
> is PostgreSQL, a scalable open source database." Obviously this does 
> not apply to the actual election software.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_ES&S.pdf>
> 6. I do not know who Alan Dechert is but he sounds like someone CAVO 
> should reach out to. He seems very committed.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Dechert.pdf>
> 7. Digital Foundry's response seems to be a proposal to build a 
> system. While they seem positively inclined toward open source, they 
> do not state specifically that the work developed would be assigned an 
> OSI Approved Open Source License.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_DigitalFoundryResponse.pdf>
> 8. In response to the RFI's statement, "Designed so that all or part 
> of the system’s software operates using open source software." 
> HartInterCivic states, "Yes. Verity is designed to use open source 
> software." Using open source software (e.g. Linux OS, noSQL DB, etc.) 
> is not the same as the elections/voting software being released with 
> an OSI Approved Open Source License.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Hart.pdf>
> 9. In response to the RFI's statement, "Designed so that all or part 
> of the system’s software operates using open source software," 
> Dominion Voting states, "Dominion’s Democracy Suite is designed so 
> that parts of the system’s software operates using open source 
> software, such as the use of Linux for the development of ImageCast 
> optical scan tabulators. In addition, due to the fa ct that many COTS 
> components form part of the voting system, additional system 
> components operate on open source software, such as the Android 
> platform used in conjunction with the ImageCast X voting terminal." 
> Using open source software (e.g. Linux OS, Android, etc.) is not the 
> same as the elections/voting software being released with an OSI 
> Approved Open Source License.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Dominion.pdf>
> 10. Galois appears to seek a contract to build a system. They make 
> several claims, "Our products are all Open Source, customers can 
> purchase fit-for-purpose versions, and we have a variety of support 
> and service contracts." "We can provide evidence of these claims by 
> simply referring evaluators to our Open Source product repositories." 
> Looking at their prior work / GitHub repositories 
> (<https://github.com/GaloisInc>), they appear to distribute work under 
> the BSD license.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Galois.pdf>
> 11. OSET has made two claims, that I am leery of: 1. that they have 
> submitted the OSET Public License (OPL) or some other to the OSI. I am 
> not aware of any submission for review, but have asked the OSI Board 
> to confirm. The statement on page 9 that open source licenses "may not 
> work for procurement regulations" and elections software requires 
> "certain terms and conditions," seem dubious.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_OSET.pdf>
> 12. In response to the RFI's statement, "Designed so that all or part 
> of the system’s software operates using open source software," Clear 
> Ballot states, "Clear Ballot is built with modern software tools, 
> allowing the integration of many open source pieces of software in its 
> voting system. The main programming language is Python and many of the 
> web utilities come from open source software." Using open source 
> software in the development of a system (e.g. Python, etc.) is not the 
> same as the elections/voting software itself being released with an 
> OSI Approved Open Source License.
> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_ClearBallot.pdf>
>
> Hope this helps,
> Patrick
>
>
> On Fri, 2015-08-28 at 22:56 -0700, Brent Turner wrote:
>> http://sfgov2.org/index.aspx?page=4892
>>
>> _______________________________________________
>> CAVO mailing list
>> CAVO at opensource.org <mailto:CAVO at opensource.org>
>> https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
>
>
>
> _______________________________________________
> CAVO mailing list
> CAVO at opensource.org
> https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo

-- 
Juan E. Gilbert, Ph.D.
Andrew Banks Family Preeminence Endowed Professor & Chair
Computer & Information Science & Engineering Department
University of Florida
P.O. Box 116120
Gainesville, FL 32611
352.562.0784 (V)
352.392.1220 (F)
juan at ufl.edu
Twitter: @DrJuanGilbert
http://www.juangilbert.com/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/cavo_lists.opensource.org/attachments/20150829/6d435495/attachment.html>


More information about the CAVO mailing list