Rémi Denis-Courmont (12023-11-14):
> The French (XIXth century) Empire used notoriously public ballots, and the 
> results were skewed to say the least. There is a good reason why ballots are 
> supposed to be confidential.
> 
> And I don't think FFmpeg is immune to the same sort of issues. Consider the 
> case of developers with any kind of corporate affiliation or financial 
> dependency. What's to prevent their boss from telling them how to vote if the 
> ballots are public?

Nothing prevents their boss from telling them how to vote, even if the
ballots are secret.

The kind of secrecy a remote voting software can give us is “urn-style”
secrecy: once the ballot is in the box, now way of knowing whose ballot
it is.

But to prevent bosses from interfering, we would need
“voting-booth-style” secrecy: secrecy as the ballot is being cast and no
way for the person who cast it to prove what they voted for.

Vote-from-home systems cannot provide voting-booth-style secrecy:
somebody can hover behind your back while you cast your ballot, or even
demand you surrender your secret token.

Urn-style secrecy, the only kind we can have, only protects from casual
interference, like a kind in a conservative family not daring vote
liberal, or an elected official voting against the interests of their
biggest campaign donors. This is obviously not a problem for a libre
software projects where contributors are all over the world and barely
know each others.

Now that the question has been raised and I had a chance to reflect on
it, I think votes should probably be public. For votes about technical
questions, it seems to me quite obvious. For votes about people, like
the one now, it is more doubtful because it can lead to more personal
polarization, but I am rather in favor too.


Also, I will say it here instead of sending a separate mail:

I find the strategy of legal intimidation about the GDPR disgusting.

Regards,

-- 
  Nicolas George