- From: lisa.seeman <lisa.seeman@zoho.com>
- Date: Sun, 21 Aug 2016 20:08:44 +0300
- To: Rochford <john.rochford@umassmed.edu>
- Cc: "public-cognitive-a11y-tf@w3.org" <public-cognitive-a11y-tf@w3.org>
- Message-Id: <156ae119a75.f9de8d5b285934.6404765729156425108@zoho.com>
Hi John
I think you are down for :Do not add mechanisms that are likely to confuse the user in a way that may do them harm and use known techniques to keep the user safe." The URL is given as : https://rawgit.com/w3c/coga/master/extension/index.html#semantics
Please check at https://www.w3.org/WAI/PF/cognitive-a11y-tf/wiki/SC_todo_list
Mike is doing the security one. If you wish to switch please check with him
Re working with web authentication - we, as APA should definitely give the feedback and coordinate with them. However I think to conform to WCAG 2.1 we still nee a success criteria that enables people to use content without a security protocol that bars people with cognitive disabilities.
All the best
Lisa Seeman
LinkedIn, Twitter
---- On Sun, 21 Aug 2016 19:49:16 +0300 Rochford<john.rochford@umassmed.edu> wrote ----
Hi Lisa and All,
In my work on privacy and security success criteria, I found a new, directly-relevant W3C publication. In my opinion, “Web Authentication: A Web API for accessing scoped credentials”, addresses well the privacy and security issues we have identified.
Thus, I suggest that, rather than develop our own privacy and security success criteria, we work with the Web Authentication Working Group as it develops its own. One idea is we could help it consider how to help web authentication interactions be as simple as possible.
Example:
In the working group’s use cases for embedded authenticators (1.1. Registration), step 2 is:
· “The phone prompts, "Do you want to register this device with example.com?".
We could suggest to the working group that it always considers using simple language. Perhaps:
· the user’s device could be detected so “device” becomes “phone” or “tablet”;
· “sign up” could replace “register”;
· The “example.com”/name of business could be replaced by the name of the service the user is trying to sign up for.
Thoughts?
John
John Rochford
UMass Medical School/E.K. Shriver Center
Director, INDEX Program
Instructor, Family Medicine & Community Health
www.DisabilityInfo.org
Twitter: @ClearHelper
Confidentiality Notice:
This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential, proprietary, and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender immediately and destroy or permanently delete all copies of the original message.
Received on Sunday, 21 August 2016 17:09:09 UTC