At 1:19 PM +0100 2/21/09, Per Jessen wrote:
Nathan Rixham wrote:
it's all a bit pointless, the only way to ensure only one vote per
person is to get take and test a dns sample from each user.
anything else is going to be flawed
Not at all - you issue voting-rights based on user identity. Works very
well in many places. Here in Switzerland for instance.
/Per
Certainly voting methodology can work provided you can accurately
identify the voter -- and therein lies the problem.
Fortunately/unfortunately, the server can only gather a limited
amount of information from a user's visit and certainly not enough to
accurately discern one user from another.
So some other method must be employed and all methods revolve around
some process where the user is required to identify themselves online
before casting their vote.
Now, the question is -- how do you do that? With Unions, Federal,
State, Local and other such organizations, they often have hard-copy
ID cards that the user have in their possession.
The organization wanting the gather the vote simply has to have an
online database with those ID numbers to approve and subsequently
permit voting. However, a problem still remains, which is "Is the
person casting the vote the person who is registered to that ID?" At
some point you have to conclude that the person submitting the
correct ID is the person voting.
If you don't have a hard-copy ID card for the people you are
accepting votes from, then you must rely on some other method of
uniquely identifying the person voting.
The method I suggested was simply to use the person's email address.
Each email address is indeed unique. HOWEVER, many people could use
the same email address and thus the method cannot guarantee the
identity of the person casting the vote. But like the ID card, at
some point you have to conclude that the person submitting the
correct email address is the person voting. Neither method is
perfect, but one vote is gathered per ID/email address.
Granted, my method does not prohibit someone from gathering numerous
email address and voting several times. But my method does provide a
better job than not requiting any identification from the voter at
all, as was suggested at the beginning of this thread by someone who
didn't understand the problem. It's one thing to be required to have
a real email address, it's another matter to just click and click
again. Even with using COOKIES, it's not a problem to click, clear
COOKIES, and click again.
So in Switzerland if each of you have a ID card, then the problem is
"solved" as descried above. However, if there is no ID card, then
other methods must be considered. But I just don't see any way of
uniquely identifying a user online without some sort of unique user
input -- do you?
Cheers,
tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
