[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Demexp-dev] voting tools

From: skaller
Subject: Re: [Demexp-dev] voting tools
Date: 23 Sep 2004 05:43:47 +1000

On Thu, 2004-09-23 at 04:03, David MENTRE wrote:

> I'm new to lablgtk2, so feel free to make comments on code structure. 

Lol -- I've built two interfaces to gtk: worked on mlgtk,
and then built a Vyper interface to it. But I've never
done more than hello world program using gtk, and not
used lablgtk2 at all :)

Still .. GUI's are laborious rather than hard. 
The labouriousest <g> part is usually figuring out
what order to do things in (callbacks suck :)

> My GNU Arch repository is at:
>  address@hidden

Ok .. I'll have to get Arch first .. building it now ...

> You'll find always the latest tarball of the code at:
> This is just a proposal, if you don't like it, just tell me.

It sounds ok, but I'll have to build arch (i'm getting tla-1.2.1),
then figure out how to grab the sources... if you have a hint
how to do that it may help (CVS certainly isn't obvious)

> In our last project meeting on Monday, we defined following priorities
> for development (taking as hypothesis that I was the only developer):

LOL! I know that feeling .. :)

>  5. security protocol and its implementation (it might necessitate code
>     refactoring).

yeah, the first thing is to get a working demo.

IMHO: security and encryption and virtually independent.
There are plenty of plug-in encryption libs around.

Security is all about an architectural model .. how keys are
stored, which processes to use etc.

For example you could accept signed email votes.
Or insist on online verification.
GPG is all about security -- the encryption is just a minor 
detail, typically a plugin :)

For Felix I would like people to be able to 
examine source code online, so they can tell what it
does, and examine signed certificates from experts
giving opinions about what it does.. then download
an execute it .. with some reason to believe they're
executing what they just examined.

Executing stuff off the internet is risky -- so I need
a pretty good security model.. but the download itself,
for example, could just use https -- there's no secrecy
here, just a need to be sure the code will do what you
expect: I need a security model. The encryption isn't
really an issue :)

John Skaller, mailto:address@hidden
voice: 061-2-9660-0850, 
snail: PO BOX 401 Glebe NSW 2037 Australia
Checkout the Felix programming language

reply via email to

[Prev in Thread] Current Thread [Next in Thread]