[CAVO] Please give opinions and clarifying information on these responses

Juan E. Gilbert juan at ufl.edu
Mon Aug 31 15:29:17 UTC 2015


When we release, we will post our source code.


Thanks,


On 8/31/15 11:26 AM, David RR Webber (XML) wrote:
> The folks actually have their source code up on GitHub:
>
> https://vote.heliosvoting.org/about
>
> https://github.com/benadida/helios-server
>
> I'm not a big fan of encryption and shuffling mechanisms WRT voting - 
> as its a barrier to transparency and verification.  However - having 
> source code on GitHub clearly is a good thing.  Not sure how much 
> documentation and design detail is also there - but its a start for sure.
>
> David
>
>     -------- Original Message --------
>     Subject: Re: [CAVO] Please give opinions and clarifying information on
>     these responses
>     From: "Juan E. Gilbert" <juan at ufl.edu <mailto:juan at ufl.edu>>
>     Date: Mon, August 31, 2015 9:15 am
>     To: masson at opensource.org <mailto:masson at opensource.org>, CAVO
>     <cavo at opensource.org <mailto:cavo at opensource.org>>
>     Cc: debbryant at opensource.org <mailto:debbryant at opensource.org>
>
>     Question, is there currently any open source GPL v.3 voting
>     software available? I was told that when we release Prime III in
>     September, it will be the first. I'm trying to confirm that true.
>
>
>     Thanks,
>
>
>     On 8/29/15 3:32 PM, Juan E. Gilbert wrote:
>>     Patrick, Prime III will be released, probably on GitHub, in
>>     September, see http://www.knightfoundation.org/grants/201551186/
>>
>>     We received a grant to release it. New Hampshire is using it
>>     Statewide in 2016. So, it will be there. I'm working on the
>>     finishing touches to release it.
>>
>>     All of your other comments, make sense to me. I don't know Alan
>>     Dechert either, but I agree, he's someone we should know. The
>>     work he describes, we have done with Prime III as well.
>>
>>     Thanks,
>>
>>
>>     On 8/29/15 1:52 PM, Patrick Masson wrote:
>>>     All,
>>>
>>>     Here are some comments based on my initial review. I am
>>>     particularly concerned with item eleven, OSET's response.
>>>
>>>     1. Clear Ballot (clearballot.com <http://clearballot.com>) is
>>>     not distributed with an OSI Approved Open Source License.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150811_RCVBallotDesign.pdf>
>>>
>>>     2. International Voting Machines response states: "We are
>>>     negotiable on certification and public review of software; not
>>>     open source"
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150818_IVM.pdf>
>>>     3. No documentation of open source claims (GPL3) for Prime III.
>>>     Claims of open source license without access to code is meaningless.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150826_PrimeIII.pdf>
>>>     4. Statements like, "Designed so that all or part of the
>>>     system’s software operates using open source software." and
>>>     "Everyone Counts is based on open-source software while
>>>     maintaining the security of a locked down system." are
>>>     antithetical. Upon review, it could not be determined if the
>>>     "eLect" software is actually distributed with an OSI Approved
>>>     Open Source License.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150827_EC.pdf>
>>>     5, The only information provided in response to "Designed so
>>>     that all or part of the system’s software operates using open
>>>     source software." is "The database used by the Electionware
>>>     election definition system is PostgreSQL, a scalable open source
>>>     database." Obviously this does not apply to the actual election
>>>     software.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_ES&S.pdf>
>>>     6. I do not know who Alan Dechert is but he sounds like someone
>>>     CAVO should reach out to. He seems very committed.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Dechert.pdf>
>>>     7. Digital Foundry's response seems to be a proposal to build a
>>>     system. While they seem positively inclined toward open source,
>>>     they do not state specifically that the work developed would be
>>>     assigned an OSI Approved Open Source License.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_DigitalFoundryResponse.pdf>
>>>     8. In response to the RFI's statement, "Designed so that all or
>>>     part of the system’s software operates using open source
>>>     software." HartInterCivic states, "Yes. Verity is designed to
>>>     use open source software." Using open source software (e.g.
>>>     Linux OS, noSQL DB, etc.) is not the same as the
>>>     elections/voting software being released with an OSI Approved
>>>     Open Source License.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Hart.pdf>
>>>     9. In response to the RFI's statement, "Designed so that all or
>>>     part of the system’s software operates using open source
>>>     software," Dominion Voting states, "Dominion’s Democracy Suite
>>>     is designed so that parts of the system’s software operates
>>>     using open source software, such as the use of Linux for the
>>>     development of ImageCast optical scan tabulators. In addition,
>>>     due to the fa ct that many COTS components form part of the
>>>     voting system, additional system components operate on open
>>>     source software, such as the Android platform used in
>>>     conjunction with the ImageCast X voting terminal." Using open
>>>     source software (e.g. Linux OS, Android, etc.) is not the same
>>>     as the elections/voting software being released with an OSI
>>>     Approved Open Source License.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Dominion.pdf>
>>>     10. Galois appears to seek a contract to build a system. They
>>>     make several claims, "Our products are all Open Source,
>>>     customers can purchase fit-for-purpose versions, and we have a
>>>     variety of support and service contracts." "We can provide
>>>     evidence of these claims by simply referring evaluators to our
>>>     Open Source product repositories." Looking at their prior work /
>>>     GitHub repositories (<https://github.com/GaloisInc>), they
>>>     appear to distribute work under the BSD license.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Galois.pdf>
>>>     11. OSET has made two claims, that I am leery of: 1. that they
>>>     have submitted the OSET Public License (OPL) or some other to
>>>     the OSI. I am not aware of any submission for review, but have
>>>     asked the OSI Board to confirm. The statement on page 9 that
>>>     open source licenses "may not work for procurement regulations"
>>>     and elections software requires "certain terms and conditions,"
>>>     seem dubious.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_OSET.pdf>
>>>     12. In response to the RFI's statement, "Designed so that all or
>>>     part of the system’s software operates using open source
>>>     software," Clear Ballot states, "Clear Ballot is built with
>>>     modern software tools, allowing the integration of many open
>>>     source pieces of software in its voting system. The main
>>>     programming language is Python and many of the web utilities
>>>     come from open source software." Using open source software in
>>>     the development of a system (e.g. Python, etc.) is not the same
>>>     as the elections/voting software itself being released with an
>>>     OSI Approved Open Source License.
>>>     <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_ClearBallot.pdf>
>>>
>>>     Hope this helps,
>>>     Patrick
>>>
>>>
>>>     On Fri, 2015-08-28 at 22:56 -0700, Brent Turner wrote:
>>>>     http://sfgov2.org/index.aspx?page=4892
>>>>
>>>>     _______________________________________________
>>>>     CAVO mailing list
>>>>     CAVO at opensource.org <mailto:CAVO at opensource.org>
>>>>     https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
>>>
>>>
>>>
>>>     _______________________________________________
>>>     CAVO mailing list
>>>     CAVO at opensource.org
>>>     https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
>>
>>     -- 
>>     Juan E. Gilbert, Ph.D.
>>     Andrew Banks Family Preeminence Endowed Professor & Chair
>>     Computer & Information Science & Engineering Department
>>     University of Florida
>>     P.O. Box 116120
>>     Gainesville, FL 32611
>>     352.562.0784 (V)
>>     352.392.1220 (F)
>>     juan at ufl.edu
>>     Twitter: @DrJuanGilbert
>>     http://www.juangilbert.com/  
>
>     -- 
>     Juan E. Gilbert, Ph.D.
>     Andrew Banks Family Preeminence Endowed Professor & Chair
>     Computer & Information Science & Engineering Department
>     University of Florida
>     P.O. Box 116120
>     Gainesville, FL 32611
>     352.562.0784 (V)
>     352.392.1220 (F)
>     juan at ufl.edu
>     Twitter: @DrJuanGilbert
>     http://www.juangilbert.com/  
>
>     ------------------------------------------------------------------------
>     _______________________________________________
>     CAVO mailing list
>     CAVO at opensource.org <mailto:CAVO at opensource.org>
>     https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
>
>
>
> _______________________________________________
> CAVO mailing list
> CAVO at opensource.org
> https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo

-- 
Juan E. Gilbert, Ph.D.
Andrew Banks Family Preeminence Endowed Professor & Chair
Computer & Information Science & Engineering Department
University of Florida
P.O. Box 116120
Gainesville, FL 32611
352.562.0784 (V)
352.392.1220 (F)
juan at ufl.edu
Twitter: @DrJuanGilbert
http://www.juangilbert.com/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/cavo_lists.opensource.org/attachments/20150831/b287d5bf/attachment.html>


More information about the CAVO mailing list