- From: White, Jason J <jjwhite@ets.org>
- Date: Mon, 11 Mar 2019 13:29:06 +0000
- To: Janina Sajka <janina@rednote.net>
- CC: "public-rqtf@w3.org" <public-rqtf@w3.org>
Thank you, Janina. A further aspect of the biometrics issue is that, to the best of my knowledge, the biometric data are not shared directly with the party requesting authentication. They are, instead, processed locally by the user's device, and the authentication itself takes place via cryptographic protocols.
I'll readily admit that I am not acquainted with the details.
On 3/11/19, 09:17, "Janina Sajka" <janina@rednote.net> wrote:
Thanks, Jason.
As I continue to consider the comment we received, I believe we're being
asked to say more about further developments in biometrics. Possible
plain language example is that fingerprint sensors could validate not
only a pattern match in the ridges and valleys that constitute the
traditional fingerprint, but also the presence of a pulse and, blood
flow, and body heat. These would not be available should someone create
a mold from fingerprints left on objects.
I think that's one aspect of the post.
Perhaps even more interesting is his pointer to work attempting to
enhance privacy while supporting noninteractive authentication. He gives
this pointer while suggesting this is just one scheme among several:
https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fprivacypass.github.io&data=02%7C01%7Cjjwhite%40ets.org%7C6113ff19599f4f19621108d6a623f1ef%7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636879070652445009&sdata=zp2oRRpiFffSNburYtGrzFI5CaPOZOVbmRa9vX3ZGgk%3D&reserved=0
I wonder whether we need do much more than note people are working on
such things, and that noninteractive mechanisms that also protect
individual privacy would be welcome.
The mechanism at the above URI seems different from reCAPTCHA V. 2 in
that it isn't analyzing how users interact with their devices.
That's as far as I've gotten with these latest comments. I welcome
further discussion. Perhaps, should we find we need to say more, we
might need a consult from W3C privacy or authentication people.
Janina
White, Jason J writes:
> I'll add these issues to our agenda for next week's meeting. All Task Force participants are welcome to review and comment on the list in the meantime.
>
> On 3/8/19, 19:50, "Janina Sajka" <janina@rednote.net> wrote:
>
> Thanks for the heads up, Jason. Yes, I do see three substantive comments
> from the same poster in the past day or so. I find his writing a bit
> hard to grok, but it seems there are some good points. We'll need to
> study these and discuss.
>
> You may be correct about another publication round.
>
> Janina
>
> White, Jason J writes:
> > Dear colleagues,
> >
> > Please note that new issues have been opened on GitHub containing public comments on our "CAPTCHA" draft.
> >
> > All of the issues can be reviewed here:
> > https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fw3c%2Fapa%2Fissues&data=02%7C01%7Cjjwhite%40ets.org%7C6113ff19599f4f19621108d6a623f1ef%7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636879070652445009&sdata=QUNVCNGArUmavWsV4S8t1W2HW2M9swnHYiTkkyS7bFE%3D&reserved=0
> >
> >
> > ________________________________
> >
> > This e-mail and any files transmitted with it may contain privileged or confidential information. It is solely for use by the individual for whom it is intended, even if addressed incorrectly. If you received this e-mail in error, please notify the sender; do not disclose, copy, distribute, or take any action in reliance on the contents of this information; and delete it from your system. Any other use of this e-mail is prohibited.
> >
> >
> > Thank you for your compliance.
> >
> > ________________________________
>
> --
>
> Janina Sajka
>
> Linux Foundation Fellow
> Executive Chair, Accessibility Workgroup:https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fa11y.org&data=02%7C01%7Cjjwhite%40ets.org%7Cc0ad0d4027d44575d02908d6a429447f%7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636876894492439672&sdata=YH2YalHc9NB7v9dCpw4v3li%2FjLMnNsosdydjrxgZ%2Bs4%3D&reserved=0
>
> The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
> Chair, Accessible Platform Architectureshttps://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.w3.org%2Fwai%2Fapa&data=02%7C01%7Cjjwhite%40ets.org%7Cc0ad0d4027d44575d02908d6a429447f%7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636876894492439672&sdata=uvt%2BD2YXgp0qDm0Pn4xreJwdSKI16QtMcSr9RnZNrRk%3D&reserved=0
>
>
>
>
>
> ________________________________
>
> This e-mail and any files transmitted with it may contain privileged or confidential information. It is solely for use by the individual for whom it is intended, even if addressed incorrectly. If you received this e-mail in error, please notify the sender; do not disclose, copy, distribute, or take any action in reliance on the contents of this information; and delete it from your system. Any other use of this e-mail is prohibited.
>
>
> Thank you for your compliance.
>
> ________________________________
--
Janina Sajka
Linux Foundation Fellow
Executive Chair, Accessibility Workgroup:https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fa11y.org&data=02%7C01%7Cjjwhite%40ets.org%7C6113ff19599f4f19621108d6a623f1ef%7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636879070652445009&sdata=zeqBIzZCDyPe%2FZ4Kxh2tvenq5O9OWxaB6yrPw9HwpRs%3D&reserved=0
The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
Chair, Accessible Platform Architectureshttps://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.w3.org%2Fwai%2Fapa&data=02%7C01%7Cjjwhite%40ets.org%7C6113ff19599f4f19621108d6a623f1ef%7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636879070652445009&sdata=bXbOMlqBA3PpWWHOmUYVWHCnU5Mgzpa4o2rBFk7rsrY%3D&reserved=0
________________________________
This e-mail and any files transmitted with it may contain privileged or confidential information. It is solely for use by the individual for whom it is intended, even if addressed incorrectly. If you received this e-mail in error, please notify the sender; do not disclose, copy, distribute, or take any action in reliance on the contents of this information; and delete it from your system. Any other use of this e-mail is prohibited.
Thank you for your compliance.
________________________________
Received on Monday, 11 March 2019 13:29:33 UTC