Maybe all we need for Internet voting is more certificates?

I had lunch yesterday with a co-worker who previously worked at VeriSign. We were discussing Internet voting, and she asked "wouldn't using certificates just solve the problem?" I explained why the problem with Internet voting isn't really about protecting the network communications, but rather issues of anonymity, vulnerability of the central servers, etc. Certificates are a hammer useful for one type of nail (where you need encryption or signatures), but are useless against the more significant types of nails in voting systems: accidental or deliberate flaws in software, errors in ballot setups, insider or outsider attacks, etc.

But afterwards it made me think: how many voters out there have been drinking the Kool-Aid that if it's got a little lock in the corner of the browser window, then it must be secure? Maybe that should be the new marketing spin for the voting system vendors - display a padlock, and everyone will believe it's true!

As the issue of Internet voting keeps coming back year after year, we should expect more questions of this sort from well-meaning voters who don't understand the full spectrum of security issues.