[E-voting] The best VVAT is good for

Ryan Meade ryan at meade.net
Mon Oct 24 23:21:17 IST 2005

On 24/10/2005 16:35, "Brian O'Byrne" <bobyrne at statesoft.ie> wrote:

> To be very pedantic about it the VVPB we currently use is also not an
> audit trail. Information security professionals will talk about an
> audit trail having failure modes different to the thing being audited
> (or better: having no common failure modes), so a thing cannot be its
> own audit trail.

Whether the paper votes themselves can be termed an "audit trail" has been
debated before on this list:

http://lists.stdlib.net/pipermail/e-voting/2004-July/subject.html - the
thread titled "Thomas Greene just doesn't get it!"

While I take Brian's point above about the usage of "audit trail" in an
information security context, my view remains that in general usage an audit
trail does not necessarily have to be separate to that which is being
audited.  Further, I think it's very useful to be able to point out that the
current paper system already has an audit trail, which would have been lost
in the switchover to e-voting.


More information about the E-voting mailing list