Subject: Discussion list for Belenios
List archives
- From: "HOUART Gerald" <Gerald.Houart AT ulb.be>
- To: belenios-discuss <belenios-discuss AT inria.fr>
- Subject: Re: [belenios-discuss] Revisiting voter authentication
- Date: Wed, 21 Apr 2021 07:05:43 +0000
- Accept-language: fr-BE, en-US
Hi Stephane
We are using CAS for authentication in most of our elections but your
suggestion seems fine.
Another useful advantage will be that the e-mail with the validation code will be
sent only to real voters and not to everyone.
Best
Gerald
On 20/04/21 11:44, « belenios-discuss-request AT inria.fr on behalf of Stéphane
Glondu » <belenios-discuss-request AT inria.fr on behalf of
stephane.glondu AT inria.fr> wrote:
Hello,
Currently, when one selects passwords for voter authentication (which is
most of the time), each voter receives two similar-looking e-mails: one
with the credential and one with a password. This has been reported as
confusing. Moreover, it is difficult to explain that the password can be
regenerated, but not the credential (which play different roles in the
protocol).
Therefore, I've been thinking about a new system that would confuse people
less while retaining interesting security properties. What I came up
with is a radical change in user experience, so I'm writing this message
to gather feedback from the community.
In this new system, the voter receives a single e-mail prior to the
election, the one with the credential. This e-mail is sent by the
credential authority. When the election is open, the voter enters
his/her credential, and votes as usual... but when it is time to
authenticate, he/she would just enter his/her username, and wait for an
e-mail sent by our server with a validation code that the voter would
enter in the web interface in order to continue.
The new system has been implemented in the development branch. You can
test it on the beta instance:
https://belenios.loria.fr/beta/admin
When creating an election, in the first screen, select "email (imported
from server)" as authentication mechanism. Be aware that this instance
is... beta! (i.e. do not use it for actual elections!)
We are considering removing altogether the password-based authentication
for voters, because we do not see any more benefit in it. It would
survive a few more releases, and still be activatable with configuration
but not enabled on our main instance... unless someone has a compelling
reason for keeping it.
By the way, this plan does not remove the possibility to authenticate
voters with CAS (or OpenID Connect in the development branch), in which
case no e-mail is sent in the authentication phase.
Cheers,
--
Stéphane
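As an added illustration of the validation-code step Stéphane describes (voter enters a username, the server e-mails a code, the voter types it in to continue), here is a minimal server-side model in Python. It is not Belenios' own code and not part of the thread; the code length, lifetime, attempt limit, the HMAC key and the `send_email` callback are all assumptions made for the example. It also encodes the point Gerald raises, that mail only goes to voters actually on the roll, while keeping the response to an unknown username indistinguishable from a successful one.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

# Assumed policy values for this illustration (not Belenios settings).
CODE_DIGITS = 6
CODE_TTL_SECONDS = 600   # a code is valid for ten minutes
MAX_ATTEMPTS = 5         # wrong guesses allowed before the code is discarded


@dataclass
class PendingCode:
    code_mac: bytes      # keyed digest of the code, never the code itself
    expires_at: float
    attempts: int = 0


class ValidationCodeService:
    """Hypothetical server side of the e-mail validation-code flow."""

    def __init__(self, voters, send_email, clock=time.time):
        self._voters = set(voters)        # electoral roll known to the server
        self._send_email = send_email     # callable(username, code); assumed mailer hook
        self._clock = clock               # injectable for testing expiry
        self._key = secrets.token_bytes(32)   # server secret so a store leak alone is useless
        self._pending = {}                # username -> PendingCode

    def _mac(self, username, code):
        # Bind the code to the username so a code issued to one voter
        # cannot be submitted under another name.
        msg = f"{username}:{code}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def request_code(self, username):
        """Step 1: voter submits a username.
        A code is generated and mailed only if the username is on the roll.
        The return value is identical either way, so the roll cannot be
        enumerated through this endpoint."""
        if username not in self._voters:
            return True
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        # A fresh request replaces any earlier outstanding code.
        self._pending[username] = PendingCode(
            code_mac=self._mac(username, code),
            expires_at=self._clock() + CODE_TTL_SECONDS,
        )
        self._send_email(username, code)
        return True

    def verify_code(self, username, submitted):
        """Step 2: voter enters the mailed code.
        Time-limited, attempt-limited, single-use, constant-time comparison."""
        entry = self._pending.get(username)
        if entry is None:
            return False
        if self._clock() > entry.expires_at:
            del self._pending[username]
            return False
        entry.attempts += 1
        if entry.attempts > MAX_ATTEMPTS:
            del self._pending[username]
            return False
        if hmac.compare_digest(entry.code_mac, self._mac(username, submitted)):
            del self._pending[username]   # consumed: the same code cannot be replayed
            return True
        return False


if __name__ == "__main__":
    # Constructed demo: a one-voter roll and a mailer that just collects messages.
    outbox = []
    svc = ValidationCodeService(["alice"], lambda u, c: outbox.append((u, c)))
    svc.request_code("alice")
    user, code = outbox[-1]
    print("mailed", user, "a code; verify ->", svc.verify_code(user, code))
```

The store holds only a keyed digest, so reading the pending table does not yield usable codes; the attempt counter bounds online guessing of a six-digit value; and deleting the entry on success makes each code single-use, which is the property that lets the code stand in for the password the message proposes to retire.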