GnuPG Encrypted Grades

[citruspi]

(Moved to ofCourse at the request at @ryansb)

CC: @ralphbean @rossdylan @thequbit @mansam @alexanderkyte @chorn

As a couple students mentioned last night, students aren't aware of their grades. @decause does contact students who aren't doing well, and anyone who he hasn't contacted is looking at a B or better, but there's still a lot of uncertainty, especially with the introduction of the plus/minus system.

One solution would be to use MyCourses, but let's be honest, MyCourses is a piece of shit.

I'd like to propose an alternative; GnuPG encrypted grades.

The idea is that as part of the First Flight assignment, students would create a 4096[0] bit GnuPG key pair. There would be a class which would cover GnuPG and it's usage. At the end of the class there would be a key signing party.

Students' grades would be kept up to date and uploaded to the class website. Each student's grade would encrypted, signed, and armored. Encrypted to make sure that grades are confidential, signed to make sure grades are only updated by @decause, and armored to make them viewable in the browser.

Perhaps @ryansb and @liam-middlebrook could add functionality to their command line tool which would simplify the process of updating and publishing grades. The publication of a student's grades in an unencrypted format or the publication of @decause's private key would have dire consequences - if the process could be automated[1] to prevent human error, all the better.

In addition to the increase in transparency by allowing students to see how they are doing in class, it would provide students with an introduction to the usage of and best practices for GnuPG, an important tool in the police state we're quickly approaching.

Any feedback is appreciated.

— @citruspi

[0] Perhaps, for the AdvFOSS class, we could make it even more interesting. In the class where GnuPG is covered, students would also learn to patch GnuPG to increase the key size beyond 4096 bits and then recompile GnuPG.

[1] Aside, of course, from the entry of the passphrase for the private key, because no one would create a private key without a passphrase, right?

[alexanderkyte]

I've been working on a distributed payment protocol based around social currency,
with optional decaying, It operates in a quasi-p2p manner through pgp
over imap. As reliable as your inbox.

I could tune knobs to make decause pay out grades (maybe a "quiz persona"
and a "hw persona") and students not afford to send grades to eachother
(infinite tariff). I would write it in C# for mono to make it cross
platform. I will leave it to mac owners to use xamarin to publish it. I can
do android.

Their grades stay in the email accounts they make wherever they
want(student email possible. ) Its fully student-owned. A linux daemon that
saves to a folder is also possible. I might give decause a script that
automates grade signing, and also saves to a reliable place. This would
need to be entered into mycourses manually if necessary. (TA labor?)

To clarify, we are making a private chain of trust with decause having the
authoritative key.

[Nolski]

I whole heatedly agree. I think with the quickly approaching police state, we should prioritize this issue.

+1 👍

[ryansb]

There are plenty of (simpler) wrappers around GPG that would be good for this.
Blackbox by stackexchange is a nice CLI tool, or if we wanted to make a grade distribution script something like python-gnupg would be a good choice.

[msoucy]

Almost a year has passed since this was first proposed, and almost the same amount of time since the last comment. As a result I'd like to poll the contributors and followers:

1. Is this still something that's desired?
2. If so, should it be opt-in or opt-out?

@decause @ritjoe @ralphbean as past and current professors, what is your opinion?

I personally feel that, if it IS made, it should be COMPLETELY opt-in on the professor's part.

(This is a nice demonstration of how GitHub should have some sort of "+1/-1" tracking)

[ghost]

On Wed, Dec 02, 2015 at 07:05:05PM -0800, Matt Soucy wrote:

Almost a year has passed since this was first proposed, and almost the same
amount of time since the last comment. As a result I'd like to poll the
contributors and followers:

1. Is this still something that's desired?
2. If so, should it be opt-in or opt-out?

@decause @ritjoe @ralphbean as past and current professors, what is your
opinion?

My view is that this has two components:

1. Teaching PGP/GnuPG in whatever course is using ofCourse, if it cannot be
   taken for granted already due to a pre-requisite (eg, if this is known to
   have been taught in HFOSS, it's reasonable to expect it for BizLeg, Advanced
   FOSS, FOSS Culture).

2. Enabling PGP/GnuPG to be set as a functional requirement for
   participation, hard-coded into ofCourse.

At the very least, (2) is (or should be seen as!) dependent on (1).

I absolutely and unreservedly agree about the importance of (1) to personal
autonomy and privacy, in line I think with what's been brought up above, and
think it should be part of our curriculum.

As such, we should work on (1), see how it goes, at most make it a
requirement for a single assignment, and then evaluate if, and if so, how
much more deeply to embed it into the entire course via ofCourse. I'll see
what I can do.

I personally feel that, if it IS made, it should be COMPLETELY opt-in on the
professor's part.

Absolutely. In the time-honored spirit of "I am not a lawyer and this does
not constitute legal advice," I do know there are legal requirements for how
student information, possibly including grades, are handled, over and above
any ethical concerns about student privacy already rightly expressed
earlier.

To what extent use of GnuPG to encrypt grades is recognized as meeting those
requirements, I couldn't say and at this point don't expect to prioritize
finding out, since ultimately final grades have to go into whatever official
$INSTITUTION system is required anyway.

[ryansb]

Yeah - I'd say the duplication required between $INSTITUTION's grade posting system and the GPG version would make it kind of a pain for profs, and may be confusing for students if they got out of sync.

The concept of GPG-encrypted grades is nice, but I don't think it's worth the headache. If someone who thinks it's worth the effort steps up and implements it, I'll merge the **** out of it, but it's not a feature I plan on implementing myself in the forseeable future.