diff --git a/controllers/basic.py b/controllers/basic.py
index ad67032..9d85912 100644
--- a/controllers/basic.py
+++ b/controllers/basic.py
@@ -27,6 +27,10 @@ def index(self):
@web
def learn(self):
return self.render('learn')
+
+ @web
+ def faq(self):
+ return self.render('faq')
class AboutController(Controller):
diff --git a/index.yaml b/index.yaml
index 97ecf60..b22e559 100644
--- a/index.yaml
+++ b/index.yaml
@@ -10,14 +10,14 @@ indexes:
# automatically uploaded to the admin console when you next deploy
# your application using appcfg.py.
-# Used 3 times in query history.
+# Unused in query history -- copied from input.
- kind: ElectionExponent
properties:
- name: election
- name: exponent
direction: desc
-# Used 30 times in query history.
+# Used once in query history.
- kind: KeyShare
properties:
- name: election
@@ -43,7 +43,7 @@ indexes:
- name: tallied_at
- name: cast_id
-# Used 33 times in query history.
+# Used once in query history.
- kind: Voter
properties:
- name: election
diff --git a/templates/faq.tmpl b/templates/faq.tmpl
new file mode 100644
index 0000000..9b8a920
--- /dev/null
+++ b/templates/faq.tmpl
@@ -0,0 +1,26 @@
+#include "templates/header.tmpl"
+ Frequently Asked Questions
+
+
+
+ - Q. Why am I being asked to log in with my Google Account?
+ - For scalability, Helios is currently hosted at Google App Engine, and we use Google Accounts for logging in so you don't need to remember yet another password. You do not need to have or use a Google Account to be a voter, only to be an election administrator.
+
+ - Q. So Google and Helios know who I voted for?
+ - As long as you manage the election yourself or along with trustees, your vote is encrypted with the election public key before it leaves your browser, and neither Helios nor Google App Engine can decrypt it. If you select "Helios manages my election", then it is technically possible for Helios to decrypt your vote, since Helios holds the decryption key.
+
+ - Q. But Google and Helios can change the election result and I wouldn't know the difference.
+ - Definitely not. The point of an open-audit election is that you don't trust the election administrators. The election result comes with a mathematical proof of the tally, and even Google with its very powerful computers cannot fake this proof without being caught. Even if you choose to let Helios manage your election, Helios cannot fake the proof.
+
+ - Q. Still, I do not trust Google.
+ - Remember that you are not asked to trust Google here: the administrator cannot corrupt the election result. But fair enough. We're working on a version of Helios that does not require Google App Engine.
+
+ - Q. How do you expect the average voter to understand this complex math?
+ - Most people don't know how cars or MRI machines work, but they know to ask a disinterested expert whether those work well. The same goes for Helios and open-audit voting: anyone has access to all of the details needed to understand the underlying proofs, but if someone doesn't have the time, they can ask a friend who does.
+
+
+
+ More questions? Email Ben.
+
+
+#include "templates/footer.tmpl"
diff --git a/templates/footer.tmpl b/templates/footer.tmpl
index 8e29ecd..d51e44b 100644
--- a/templates/footer.tmpl
+++ b/templates/footer.tmpl
@@ -5,14 +5,14 @@