<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/4.6.6">
</HEAD>
<BODY>
All,<BR>
<BR>
Here are some comments based on my initial review. I am particularly concerned with item eleven, OSET's response.<BR>
<BR>
1. Clear Ballot (clearballot.com) is not distributed with an OSI Approved Open Source License.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150811_RCVBallotDesign.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150811_RCVBallotDesign.pdf</A>> <BR>
2. International Voting Machines response states: "We are negotiable on certification and public review of software; not open source"<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150818_IVM.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150818_IVM.pdf</A>><BR>
3. No documentation of open source claims (GPL3) for Prime III. Claims of open source license without access to code is meaningless.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150826_PrimeIII.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150826_PrimeIII.pdf</A>><BR>
4. Statements like, "Designed so that all or part of the system’s software operates using open source software." and "Everyone Counts is based on open-source software while maintaining the security of a locked down system." are antithetical. Upon review, it could not be determined if the "eLect" software is actually distributed with an OSI Approved Open Source License.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150827_EC.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150827_EC.pdf</A>><BR>
5, The only information provided in response to "Designed so that all or part of the system’s software operates using open source software." is "The database used by the Electionware election definition system is PostgreSQL, a scalable open source database." Obviously this does not apply to the actual election software.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_ES&S.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_ES&S.pdf</A>><BR>
6. I do not know who Alan Dechert is but he sounds like someone CAVO should reach out to. He seems very committed.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Dechert.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Dechert.pdf</A>><BR>
7. Digital Foundry's response seems to be a proposal to build a system. While they seem positively inclined toward open source, they do not state specifically that the work developed would be assigned an OSI Approved Open Source License.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_DigitalFoundryResponse.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_DigitalFoundryResponse.pdf</A>><BR>
8. In response to the RFI's statement, "Designed so that all or part of the system’s software operates using open source software." HartInterCivic states, "Yes. Verity is designed to use open source software." Using open source software (e.g. Linux OS, noSQL DB, etc.) is not the same as the elections/voting software being released with an OSI Approved Open Source License.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Hart.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Hart.pdf</A>><BR>
9. In response to the RFI's statement, "Designed so that all or part of the system’s software operates using open source software," Dominion Voting states, "Dominion’s Democracy Suite is designed so that parts of the system’s software operates using open source software, such as the use of Linux for the development of ImageCast optical scan tabulators. In addition, due to the fa ct that many COTS components form part of the voting system, additional system components operate on open source software, such as the Android platform used in conjunction with the ImageCast X voting terminal." Using open source software (e.g. Linux OS, Android, etc.) is not the same as the elections/voting software being released with an OSI Approved Open Source License.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Dominion.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Dominion.pdf</A>><BR>
10. Galois appears to seek a contract to build a system. They make several claims, "Our products are all Open Source, customers can purchase fit-for-purpose versions, and we have a variety of support and service contracts." "We can provide evidence of these claims by simply referring evaluators to our Open Source product repositories." Looking at their prior work / GitHub repositories (<<A HREF="https://github.com/GaloisInc">https://github.com/GaloisInc</A>>), they appear to distribute work under the BSD license.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Galois.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_Galois.pdf</A>><BR>
11. OSET has made two claims, that I am leery of: 1. that they have submitted the OSET Public License (OPL) or some other to the OSI. I am not aware of any submission for review, but have asked the OSI Board to confirm. The statement on page 9 that open source licenses "may not work for procurement regulations" and elections software requires "certain terms and conditions," seem dubious.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_OSET.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_OSET.pdf</A>><BR>
12. In response to the RFI's statement, "Designed so that all or part of the system’s software operates using open source software," Clear Ballot states, "Clear Ballot is built with modern software tools, allowing the integration of many open source pieces of software in its voting system. The main programming language is Python and many of the web utilities come from open source software." Using open source software in the development of a system (e.g. Python, etc.) is not the same as the elections/voting software itself being released with an OSI Approved Open Source License.<BR>
<<A HREF="http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_ClearBallot.pdf">http://sfgov2.org/ftp/uploadedfiles/elections/rfi/20150828_ClearBallot.pdf</A>><BR>
<BR>
Hope this helps,<BR>
Patrick<BR>
<BR>
<BR>
On Fri, 2015-08-28 at 22:56 -0700, Brent Turner wrote:
<BLOCKQUOTE TYPE=CITE>
<A HREF="http://sfgov2.org/index.aspx?page=4892">http://sfgov2.org/index.aspx?page=4892</A><BR>
<BR>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<PRE>
_______________________________________________
CAVO mailing list
<A HREF="mailto:CAVO@opensource.org">CAVO@opensource.org</A>
<A HREF="https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo">https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo</A>
</PRE>
</BLOCKQUOTE>
<BR>
</BODY>
</HTML>