Re: Accessibility of security indicators

It's certainly an important question, but probably one that's best
addressed by filing bugs against individual browser vendors rather than
mandating something in a spec. I've just filed https://crbug.com/447191,
for instance.

That said,
https://w3c.github.io/webappsec/specs/mixedcontent/#requirements-ux has a
normative requirement to make security indicators accessible, based on the
thread here:
http://lists.w3.org/Archives/Public/public-webappsec/2014Dec/0042.html. Do
you think we should say more there? Are there other specs the group has
produced which should contain similar statements?

-mike

--
Mike West <mkwst@google.com>, @mikewest

Google Germany GmbH, Dienerstrasse 12, 80331 München,
Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

On Thu, Jan 8, 2015 at 12:55 PM, <chaals@yandex-team.ru> wrote:

> Hi,
>
> as far as I know, there is no indication of the security of a page
> available to e.g. screenreader users.
>
> Given that browser developers seem to be highly responsive to security
> concerns, perhaps we should be investing a little time in making sure that
> the ?1% of blind users who cannot see the padlock can get something from it.
>
> While we are at it, we might want to consider people using screen
> magnification, who often lose the part of the screen where the padlock is
> from their view.
>
> Of course this means talking to the people who make the relevant software
> as well as the browser makers. But I thought it would be useful to try
> starting the conversation.
>
> cheers
>
> --
> Charles McCathie Nevile - web standards - CTO Office, Yandex
> chaals@yandex-team.ru - - - Find more at http://yandex.com
>
>