[OpenID] Several Questions for the Current & Future Board

Fri Dec 12 14:36:09 UTC 2008

Ill offer ~8h of my own time to look at the openid-related part of the election software and its operational configuration. Since it's my time (not Board time, not Community time) its too important to folks if its wasted. I won't be offended if folks think I'm not qualified to even look at the code, as a trained software engineer (25 years) or professional security engineer (15+ years).

Now I don't even know what language it was written in, or if I know it! But, it doesn't matter.  After 25 years of looking at other people's (usually legacy) code, Ive learned to apply smell tests regardless of code or application problem. (I even managed to dominate Boo for a week or two, used in one of the openid 1.1 libraries!)

If anything derails (pun) this election, it's would be bad PR that the voting methods were not transparent - particularly in the application of openid identity verification/validation. But transparency is our own community metric.

Now,  Of course this voting apparatus would not not pass the public election laws on voting machines; no one ever assumed it would! It's just a fun application of openid. So let's see what people thought was important in the design/operating criteria.

Formally, however, folks have a situation  in which we are promoting openid, by using it. (Great!) And, folks are using are for a (highly) legal matter: grant certain authorities from the incorporation documents to directors, officers, board secretaries, etc. Not that I have the slightest authority, Id recommend as much transparency as folks can afford. I'll thus offer 8h of my time (for free), focusing only on the use made of the openid + https modules - as reflected in code and operational config.

The  code does not have to even be compliable or executable. 30m phone time with its main programmer would be helpful, to help navigate the code base and the organization of the deployment.

From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of Dick Hardt
Sent: Thursday, December 11, 2008 10:49 PM
To: sappenin at gmail.com
Cc: OpenID List
Subject: Re: [OpenID] Several Questions for the Current & Future Board

On 11-Dec-08, at 10:30 PM, David Fuelling wrote:

Hey all,

I have a few questions for either the current or future board members:

 1.  What kind of software are we using for the election, who created it, and will it be released publicly for audit/inspection purposes?

    *   Do current candidate have an opinion about OIDF voting software being publicly inspectable/available?

Perhaps as a Canadian, I have trust in an elections committee. While I have don't oppose the software being public -- I think we have so many other things that are better use of our time.

    *

 1.  Does the OIDF currently make it's budget and financial expenditure information public?
As Treasurer, I ensured that both were and are public information. They are in the board mailing list archives.

 1.

    *   Do current candidate have a position on providing full financial transparency of OIDF moving forward?

I would hope we would continue on with the transparency.

-- Dick

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081212/e08340e7/attachment-0002.htm>