|
|
|
Nominations are now open for the Cyberspace Communications, Inc. Board of Directors. In accordance with Article 4, Section d of the Bylaws, nominations will close on November 15 and an online election will be held December 1 through December 15. Terms of office begin on January 1, 2014, and are two years in length. Four seats are up for election this time around. Grex membership is a requirement for serving on the Board. Any current member of Grex who has paid at least 3 months' membership dues and meets state of Michigan eligibility requirements may run for and serve on the Board. The term of one board members have one more year to run: TS Taylor (tsty). Hence there is no point in nominating him. The four board members whose terms end on January 31 are Kent Nassen (kentn), Andy Ball (ball), Ryan Antkowiak (ryan), and Jonathan Chapman (glitch). To appear on the ballot, a person must be nominated in this item by November 15 and affirmatively accept the nomination in this item before the start of voting on December 1. Seconds are not required. Self-nominations are permitted.
40 responses total.
I nominate all four current board members whose terms end, if they want to run again.
Who on the current board is eligible to run again?
All are eligible to run again except TS. See: https://grex.org/cyberspace/board.xhtml Note that the Grex membership modified the by-laws to remove term limits.
Our grex governance page shows: Jonathan Chapman (glitch) Andrew Ball (ball) Ryan Antkowiak (ryan) Kent Nassen (kentn) Are the current Board members with expiring terms. Just so their names are explicitly in this item... I accept.
I accept as well.
Thank you both.
Why is TS excluded?
I'm not sure whether to accept the nomination.
TS ran last year for 2 year term. The entire Grex Board does not come up for re-election every year, in other words.
Andy, we could sure use your input on the Board, so I hope you'll accept.
question-- who on the board is the treasurer and is that person's term up? of course a group really only needs a treasure if it has money and paid members. Does grex have either now?
TS is the treasurer and no his term is not up.
BTW, technically nominations close(d) on Nov. 15 but since this item was a bit late in getting posted, we might want to extend the nomination period to be fair. Does anyone have an objection to that (we've done it in the past)?
Re 11: Grex has enough money to survive for quite a few years. Remember, we don't have many expenses now and people have been signing up for memberships right along. We have over $1000 at the current time (the exact number should be in the minutes of last meeting, which I don't think have been entered in coop yet). Our bylaws require a chairperson, a secretary, and a treasurer. It's not enough to say that a treasurer is all we need.
Hmmm... I only see two acceptances: kentn and glitch. As things stand right now, we will only have those two to vote on.
The election is set to run from one minute past midnight on 1 December through one minute before midnight on 15 December. We have two candidates (I hope both of them are members) for four seats. Note that voting is from the web, so we will have to wait for the main page to be modified. (I found it to be like eating a Lays potato chip.)
Yeah, we didn't get any other nominations. Feel free to make some. Or nominate yourself. Nominations should close tonight, though. Otherwise we'd need to push out the election a little.
Can someone contact the other nominees asking them to accept? I bet a lot of people do not realize there is an election coming up. I don't recall it being mentioned in agora.
Resp:16 The web page is not trustworthy at this point; the web server is not presenting a valid certificate (NotAfter has passed). If we require use of a b0rken website in order to participate we give people an ultimatum between poor security and participation.
You have to log in to vote, anyway. So I don't see the issue with the certificate on the web page.
The other nominees have been contacted weeks ago. As for announcing the nominations/election, it was/is in the motd and was announced in agora (item 3). It is also announced on the grex main web page.
The whole reason that a certifying authority sets a "NotValidAfter" attribute is to limit the time during which an adversary can subvert or snoop the traffic in-flight, whether because the adversary stole the key (and the inattentive system operators did not notice) or the adversary guessed the key. Allowing the certificate to lapse not only shows neglect by the organization operating the system that asserts the certificate, but exposes all ussers of the interface that asserts the certificate to having their in-flight traffic (including credentials, non-public information or other traffic) stolen or changed on the wire. I am not concerned that I have to enter my credentials in order to vote; I would expect and hope to have to (a reasonable control). The concern is that an adversary on or off the system could intercept my attempt to vote and either view the credentials used to put in the vote or change my vote in-flight. I work as a registration authority for an internal certifying authority and deal with this foolishness in my day job. -DTK
So do you think someone guessed the key? Maybe we should just go back to self-generated certs and cut this mysterious certifying authority out. I'm not sure we can trust them, either.
A self-signed certificate exacerbates the problem, because there is no way to tell if the certificate was in fact signed by the system itself, or by an adversary posing as the system. Since Grex's self-signed certificate is not by default in browsers' trust-stores, there would be no basis for trusting it, and without an out-of-band mechanism to convey the certificate for establishing trust, people would assume it has been compromised. The value of a CA (id eddum Certifying Authority) is that it anchors trust to a handful (actually over a hundred) organizations whose primary business is serving as trust providers, and whose root certificate (trust anchor) is included with browsers. CAs participate in what is known as the CA-Browser Forum, and are held to a high level of scrutiny. They in-turn scrutinize signing requests, and for highly trusted certificaes (Extended Validation (green address bar)), they perform extensive research to validate that the certificate was requested only by the entity that claims to be, and not by an imposter (can take up to three weeks for a new second-level domain; usually involves company letterhead, interviewing named company officers, whois registration, etc). To make the analogy, they serve as notary public for the PKI, and their activity is cryptographically verifyable. no, I do not think that the Grex private key has been pwned and taken home, but training people to ignore certificate warnings is in itself dangerous, as it lowers everybody's security awareness, and is poor OPSEC. Furthermore, the longer a key-pair hangs out there, the greater the likelihood of it being silently pwned, hence the expiration date on every certificate, giving a known (planned) end of usefulness.
Is it too late to nominate Tod for board member, since the voting process is not working yet anyway and we need two more members? If not, I nominate him. He told me he would accept. He has run before.
I haven't looked at the Grex bylaws recently, but I presume there is some mechanism for filling vacancies. There will now be two vacancies for the Board to fill. This will be simpler than restarting the voting - which, in fact, is not provided for the the bylaws.
The voting process IS working. I don't know why anyone would think it isn't. We'll need a special election, I expect, unless we want to interrupt the voting. The bylaws provide for filling vacancies in the Board via special election. BTW, this is the nominations item, not the "justify an SSL certificate" or "complain about why our SSL certificate has expired" item.
Tod, do you accept this belated nomination? If so, we can discuss what to do about it in re the current election.
I accept
Thanks, Tod. I hope we can get you on the ballot for this election. I'm checking with our vote admin. It won't affect the election of anyone else since we have four slots open.
We'll call this nominations item closed as of Nov. 30, 2013 and set up a separate nominations item for a special election for the two remaining seats. I wish the people who are so critical of things here would do the right thing, which is to help with Grex, but alas, criticizing is easy, helping with the operation of Grex is not.
Ignore them. It's time. Past time, actually.
Okay, I'm checking with the vote admin to see if we can get another candidate added. This would help us quite a bit.
Thanks Kent
I've entered a new nominations item, coop 344, so we can continue there. We will need to do a special election in any event.
I've made an unofficial, provisional count of the votes in the regular election for the Board of Directors for 2014. Six people voted. Five voted for both candidates, and one voted for only one candidate. So if any of the five who voted for both are members, and the candidates are members, then the two candidates were elected. The Treasurer has not provided a list of the members as of the end of the voting period, so I cannot make an official count.
Of the members, one voted in this election. Unfortunately, one of the candidates, glitch, was not a member at the time of the election and so was not eligible to run. The one member who voted did vote for kentn, so Kent is elected to a two year term, which started on January 1, 2014.
Thanks for doing the counting, gelinas. Time to organize another special election.
Thanks for running for election, Kent. Strange to have an election with as many voters as candidates.
|
|
|
- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss