• No products in the cart.

The Complexity of Doing Things Right in Distributed Board Elections by David Maxwell

Helping coordinate an annual Board of Directors replacement process isn’t easy. It’s a bit more difficult when the organization is a globally-distributed non-profit open source organization.

The NetBSD Project is an open source effort that develops, maintains, and distributes an Operating System that runs on over 57 different hardware platforms, including a BSD Unix Kernel and full suite of userland utilities, and the various toolchain elements required to make it a self-hosting and cross-build capable development environment.

The NetBSD Foundation is the non-profit organization that administers the Project. The ‘TNF’ Board appoints the Project Core team, manages finances, and sets overall direction for the project.

In a distributed project, it is important that all the steps in the election process be transparent and auditable, so that every participant can be as certain as possible that the process is not compromised in any way, and that their own vote gets counted correctly, while still keeping the actual votes secret.

The process begins with the Board finding a volunteer Chairperson for the Nominations Committee. I was asked to Chair the process this year, and I thought that there might be some general interest in how this process works whether you want to know more about the NetBSD Project, or you want to apply some of these techniques to another organization.

My first task is to solicit volunteers for the Nominating Committee from the membership of the project. (That happens on an internal project mailing list, so most people reading this post won’t see that email.) I’ve given a week and a half for people to volunteer, at which point I will publish (to the membership) the list of volunteers. Two days after that (during which time, anyone who feels they volunteered, but weren’t on my list can raise an objection) the volunteer list and the results of a government-run public lottery (Ontario Lotto 649 for Feb 27th, 2016 in this case) will be fed into an algorithm that selects the ten individuals that will make up the Nominations Committee.

By publishing the set of volunteers in advance, everyone in the project has access to that input to the algorithm. By publishing the lottery date in advance, everyone in the project has access to the random numbers that drive the selection. By publishing the source code for the algorithm in advance, every project member can individually confirm that the process is run securely, and the membership of the NomCom can not be controlled by the Chair, or anyone else.

A secure voting process shares a lot in common with cryptography. The creators have to understand the inputs, the quality of the randomness supplied, and the transformations applied to the data. The designer also needs to understand the properties which are meant to be guaranteed by the process, such as transparency and individual confirmation of the entire process in this case.

The Foundation’s bylaws are available for anyone to read. This is just the first step in NetBSD’s entire annual process. From there, the NomCom begins their deliberations. If there is interest in this process, I’ll post again as the NomCom and board election continues.

P.S. The NetBSD electoral process was inspired by the Internet Engineering Task Force (IETF) process.

Source: LinkedIn Pulse

About the Author:

David Maxwe3f258b2ll

2016 Nominations Committee Chair for The NetBSD Foundation

Specialties: Security, Protocols, Programming, Architecture, Kernel, Userland, Unix, Cisco, NetBSD


0 responses on "The Complexity of Doing Things Right in Distributed Board Elections by David Maxwell"

Leave a Message

Your email address will not be published. Required fields are marked *

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013