W3C home > Mailing lists > Public > w3c-wai-gl@w3.org > October to December 2005

RE: session timeouts - Re: Guideline 2.2 Issue Summary

From: Gregg Vanderheiden <gv@trace.wisc.edu>
Date: Mon, 10 Oct 2005 13:59:22 -0500
To: "'Gez Lemon'" <gez.lemon@gmail.com>, <w3c-wai-gl@w3.org>
Message-ID: <006201c5cdcc$ba6d87d0$8c17a8c0@NC6000BAK>

Yes

How about "at least 10 times the timeout period".  That would allow you to
drop people who left the process but keep most all people who are just
slower. 


 
Gregg

 -- ------------------------------ 
Gregg C Vanderheiden Ph.D. 
Professor - Ind. Engr. & BioMed Engr.
Director - Trace R & D Center 
University of Wisconsin-Madison 


-----Original Message-----
From: w3c-wai-gl-request@w3.org [mailto:w3c-wai-gl-request@w3.org] On Behalf
Of Gez Lemon
Sent: Monday, October 10, 2005 1:47 PM
To: w3c-wai-gl@w3.org
Subject: Re: session timeouts - Re: Guideline 2.2 Issue Summary


On 10/10/05, Isofarro <lists@isofarro.uklinux.net> wrote:
> Be a little wary of the practical implications of these ideas (both 
> ideas). Server session timeouts are typically there as a means of a 
> server reclaiming unused memory. In the UK there's also the Data 
> Protection Act to consider, which, in terms of financial websites and 
> its related webapplications, its not advisable to keep a session open 
> indefinitely, nor is it advisable to store potentially private 
> information in a cookie.

Good points, Mike. The only other technique I can think of would be to offer
registration and keep the transaction in a database, which would allow them
a reasonable amount of time (however much the administrator could afford for
a transaction table) to complete the form.

Best regards,

Gez

--
_____________________________
Supplement your vitamins
http://juicystudio.com
Received on Monday, 10 October 2005 18:59:39 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:47:40 GMT