[CAVO] Please give opinions and clarifying information on these responses

Juan E. Gilbert juan at ufl.edu
Mon Aug 31 16:01:29 UTC 2015


Yes, GPL is what we are looking for. 

Thanks,


---
Sent from my iPhone

> On Aug 31, 2015, at 11:37 AM, Patrick Masson <masson at opensource.org> wrote:
> 
> But to be clear, that is released under the Apache License. I believe Juan was looking for examples of GPL code.
> 
> BYW, we use Helios for the OSI Board Elections.
> 
>> On Mon, 2015-08-31 at 11:29 -0400, Juan E. Gilbert wrote:
>> When we release, we will post our source code. 
>> 
>> 
>> Thanks,
>> On 8/31/15 11:26 AM, David RR Webber (XML) wrote:
>>> The folks actually have their source code up on GitHub:
>>> https://vote.heliosvoting.org/about
>>> https://github.com/benadida/helios-server
>>> I'm not a big fan of encryption and shuffling mechanisms WRT voting - as its a barrier to transparency and verification.  However - having source code on GitHub clearly is a good thing.  Not sure how much documentation and design detail is also there - but its a start for sure.
>>> David
>>> -------- Original Message --------
>>> Subject: Re: [CAVO] Please give opinions and clarifying information on
>>> these responses
>>> From: "Juan E. Gilbert" <juan at ufl.edu>
>>> Date: Mon, August 31, 2015 9:15 am
>>> To: masson at opensource.org, CAVO <cavo at opensource.org>
>>> Cc: debbryant at opensource.org
>>> 
>>> Question, is there currently any open source GPL v.3 voting software available? I was told that when we release Prime III in September, it will be the first. I'm trying to confirm that true.
>>> 
>>> 
>>> Thanks,
>>> On 8/29/15 3:32 PM, Juan E. Gilbert wrote:
>>>> Patrick, Prime III will be released, probably on GitHub, in September, see http://www.knightfoundation.org/grants/201551186/
>>>> 
>>>> We received a grant to release it. New Hampshire is using it Statewide in 2016. So, it will be there. I'm working on the finishing touches to release it.
>>>> 
>>>> All of your other comments, make sense to me. I don't know Alan Dechert either, but I agree, he's someone we should know. The work he describes, we have done with Prime III as well.
>>>> 
>>>> Thanks,
>>>> On 8/29/15 1:52 PM, Patrick Masson wrote:
>>>>> All,
>>>>> 
>>>>> Here are some comments based on my initial review. I am particularly concerned with item eleven, OSET's response.
>>>>> 
>>>>> 1. Clear Ballot (clearballot.com) is not distributed with an OSI Approved Open Source License.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150811_RCVBallotDesign.pdf> 
>>>>> 2. International Voting Machines response states: "We are negotiable on certification and public review of software; not open source"
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150818_IVM.pdf>
>>>>> 3. No documentation of open source claims (GPL3) for Prime III. Claims of open source license without access to code is meaningless.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150826_PrimeIII.pdf>
>>>>> 4. Statements like, "Designed so that all or part of the system’s software operates using open source software." and "Everyone Counts is based on open-source software while maintaining the security of a locked down system." are antithetical. Upon review, it could not be determined if the "eLect" software is actually distributed with an OSI Approved Open Source License.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150827_EC.pdf>
>>>>> 5, The only information provided in response to "Designed so that all or part of the system’s software operates using open source software." is "The database used by the Electionware election definition system is PostgreSQL, a scalable open source database." Obviously this does not apply to the actual election software.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_ES&S.pdf>
>>>>> 6. I do not know who Alan Dechert is but he sounds like someone CAVO should reach out to. He seems very committed.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Dechert.pdf>
>>>>> 7. Digital Foundry's response seems to be a proposal to build a system. While they seem positively inclined toward open source, they do not state specifically that the work developed would be assigned an OSI Approved Open Source License.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_DigitalFoundryResponse.pdf>
>>>>> 8. In response to the RFI's statement, "Designed so that all or part of the system’s software operates using open source software." HartInterCivic states, "Yes. Verity is designed to use open source software." Using open source software (e.g. Linux OS, noSQL DB, etc.) is not the same as the elections/voting software being released with an OSI Approved Open Source License.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Hart.pdf>
>>>>> 9. In response to the RFI's statement, "Designed so that all or part of the system’s software operates using open source software," Dominion Voting states, "Dominion’s Democracy Suite is designed so that parts of the system’s software operates using open source software, such as the use of Linux for the development of ImageCast optical scan tabulators. In addition, due to the fa ct that many COTS components form part of the voting system, additional system components operate on open source software, such as the Android platform used in conjunction with the ImageCast X voting terminal." Using open source software (e.g. Linux OS, Android, etc.) is not the same as the elections/voting software being released with an OSI Approved Open Source License.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Dominion.pdf>
>>>>> 10. Galois appears to seek a contract to build a system. They make several claims, "Our products are all Open Source, customers can purchase fit-for-purpose versions, and we have a variety of support and service contracts." "We can provide evidence of these claims by simply referring evaluators to our Open Source product repositories." Looking at their prior work / GitHub repositories (<https://github.com/GaloisInc>), they appear to distribute work under the BSD license.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Galois.pdf>
>>>>> 11. OSET has made two claims, that I am leery of: 1. that they have submitted the OSET Public License (OPL) or some other to the OSI. I am not aware of any submission for review, but have asked the OSI Board to confirm. The statement on page 9 that open source licenses "may not work for procurement regulations" and elections software requires "certain terms and conditions," seem dubious.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_OSET.pdf>
>>>>> 12. In response to the RFI's statement, "Designed so that all or part of the system’s software operates using open source software," Clear Ballot states, "Clear Ballot is built with modern software tools, allowing the integration of many open source pieces of software in its voting system. The main programming language is Python and many of the web utilities come from open source software." Using open source software in the development of a system (e.g. Python, etc.) is not the same as the elections/voting software itself being released with an OSI Approved Open Source License.
>>>>> <http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_ClearBallot.pdf>
>>>>> 
>>>>> Hope this helps,
>>>>> Patrick
>>>>> 
>>>>> 
>>>>>> On Fri, 2015-08-28 at 22:56 -0700, Brent Turner wrote: 
>>>>>> http://sfgov2.org/index.aspx?page=4892
>>>>>> 
>>>>>> _______________________________________________
>>>>>> CAVO mailing list
>>>>>> CAVO at opensource.org
>>>>>> https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
>>>>> 
>>>>> 
>>>>> 
>>>>> _______________________________________________
>>>>> CAVO mailing list
>>>>> CAVO at opensource.org
>>>>> https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
>>>> 
>>>> -- 
>>>> Juan E. Gilbert, Ph.D. 
>>>> Andrew Banks Family Preeminence Endowed Professor & Chair
>>>> Computer & Information Science & Engineering Department 
>>>> University of Florida 
>>>> P.O. Box 116120 
>>>> Gainesville, FL 32611 
>>>> 352.562.0784 (V)
>>>> 352.392.1220 (F)
>>>> juan at ufl.edu
>>>> Twitter: @DrJuanGilbert 
>>>> http://www.juangilbert.com/ 
>>> 
>>> -- 
>>> Juan E. Gilbert, Ph.D. 
>>> Andrew Banks Family Preeminence Endowed Professor & Chair
>>> Computer & Information Science & Engineering Department 
>>> University of Florida 
>>> P.O. Box 116120 
>>> Gainesville, FL 32611 
>>> 352.562.0784 (V)
>>> 352.392.1220 (F)
>>> juan at ufl.edu
>>> Twitter: @DrJuanGilbert 
>>> http://www.juangilbert.com/ 
>>> 
>>> _______________________________________________
>>> CAVO mailing list
>>> CAVO at opensource.org
>>> https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
>>> 
>>> 
>>> _______________________________________________
>>> CAVO mailing list
>>> CAVO at opensource.org
>>> https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo
>> 
>> -- 
>> Juan E. Gilbert, Ph.D. 
>> Andrew Banks Family Preeminence Endowed Professor & Chair
>> Computer & Information Science & Engineering Department 
>> University of Florida 
>> P.O. Box 116120 
>> Gainesville, FL 32611 
>> 352.562.0784 (V)
>> 352.392.1220 (F)
>> juan at ufl.edu
>> Twitter: @DrJuanGilbert 
>> http://www.juangilbert.com/ 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/cavo_lists.opensource.org/attachments/20150831/60feb3b8/attachment.html>


More information about the CAVO mailing list