voting/foundation.gnome.org/elections/2003/verify.wml
Vincent Untz 633462006d try to make the titles more consistent
2005-03-01  Vincent Untz  <vincent@vuntz.net>

	* foundation.gnome.org/*wml: try to make the titles more consistent

	* foundation.gnome.org/about/history/index.wml: add previous board
2005-03-01 12:16:38 +00:00

110 lines
3.8 KiB
XML

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>GNOME Foundation 2003 Elections Verification</title>
<meta name="cvsdate" content="$Date$" />
</head>
<body>
<h1>Verification of the GNOME Foundation 2003 Elections Results</h1>
<p>
To run the vote counting scripts, you need to download this archive:
<a href="2003-verif.tar.gz">2003-verif.tar.gz</a>.
</p>
<p>
Please note that you need make, wget, perl and python to run the
verification.
</p>
<h2>Warning</h2>
<p>
The authentication tokens sent in the ballots were calculated with an
old version of the MD5 perl module. It seems there is a bug in this
version which make it impossible to get the same authentication tokens
without this buggy module.
</p>
<p>
Note that the authentication tokens did work as expected: they are used
to identify the member so we're sure it's him/her who did vote. The only
problem arises when counting the votes: to verify the identity of a
voter, you need the buggy module.
</p>
<p>
We needed to work around this bug so everyone could verify the results.
This is why the verification software contains bad-token.txt: this
file contains all the miscalculated tokens and every information needed
to associate them with tokens that everyone can verify.
</p>
<p>
We advise every member to download the verification software and to
verify that his/her counted vote is indeed the vote he/she sent
</p>
<h2>Running the verification</h2>
<p>
Here are the steps to obtain the results:
</p>
<pre>$ tar zxvf 2003-verif.tar.gz</pre>
<pre>$ cd 2003-verif</pre>
<pre>$ make</pre>
<p>
The results should be in results.txt. A list of errors will be generated
at the top of the output. The final tallies will be at the bottom.
</p>
<h2>The verification software</h2>
<p>
With this verification software, you should get the same results that the
one posted by the GNOME Foundation Membership and Elections Committee.
You may want to verify the validity of this software, so here are some
hints to help you:
</p>
<ul>
<li>
look at bad-token.txt: this file contains the list of all the
validation tokens that were calculated using a misbehaving perl module.
The only way to get these tokens is to use the misbehaving perl module.
This file is used as a reference so we can replace the miscalculated
tokens with tokens that everyone can verify.
</li>
<li>
look at fix-token.pl: this script use bad-token.txt to search for the
miscalculated authentication tokens in the vote archives and replace
them with authentication tokens that everyon can verify. You can look
at the source code to be sure it does its job well and does nothing
else.
</li>
<li>
look at registered-voters.txt: this file contains the list of voters.
You can match it with the <a href="voters.html">official list</a>.
</li>
<li>
look at vote-archives.diff: this file contains all the modifications
that are made to the original vote archives to make the script work
without any problem. The main modifications are due to UTF-8 problems
or some misplaced characters. Some spams are also removed from the
archives.
</li>
<li>
look at vote-counter.py: this script does the counting. You can read
its code if you want to search for serious bugs that may alter the
results.
</li>
</ul>
</body>
</html>