DNSO Archives: [wg-review]

ICANN/DNSO DNSO Mailling lists archives

[wg-review]

<<< Chronological Index >>> <<< Thread Index >>>

Re: [wg-review] spoofed header

To: "wg Review list" <wg-review@dnso.org>, "Greg Burton" <sidna@feedwriter.com>
Subject: Re: [wg-review] spoofed header
From: "Miles B. Whitener" <mbw@i-theta.com>
Date: Thu, 1 Feb 2001 16:01:31 -0600
Cc: "Sotiropoulos" <sotiris@hermesnetwork.com>, <dconant@dnsga.org>, <mbw@i-theta.com>
References: <5.0.2.1.2.20010201142727.026370f0@pop.mail.yahoo.com>
Sender: owner-wg-review@dnso.org

Sounds like Sotiropoulos is in favor of a more secure system.

I think the following chain of reasoning is valid:

 1. If the initial subscription to the group is manually
conducted, there's a reasonable assurance that there's a unique
human behind the subscription.  Larger scale subscriptions would
have to be vouched for by people already somewhat trusted, in a
kind of hierarchy.
 2. If voters are required to openly Cc: (not Bcc:) to their
From: address, there's some protection against spoofing, without
requiring certificates.
 3. Normally, there would be no reason to mistrust the
chairperson, or better, secretary of the group, to act as a vote
counter in a secret ballot.

Now where am I wrong?  If the chair or secretary can't be trusted
to tally votes, this would be a serious problem that would need a
separate solution.


> All,
...

> While this is a clear demonstration of why either a cookie or
password
> based voting system is preferable to one conducted on an email
list, it is
> entirely inappropriate for a serious discussion.


--
This message was passed to you via the wg-review@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe wg-review" in the body of the message).
Archives at http://www.dnso.org/archives.html

References:
- [wg-review] spoofed header
  - From: Greg Burton <sidna@feedwriter.com>

<<< Chronological Index >>> <<< Thread Index >>>