W3C home > Mailing lists > Public > w3c-wai-ig@w3.org > January to March 2005

Re: accessible banking:

From: david poehlman <david.poehlman@handsontechnologeyes.com>
Date: Tue, 1 Feb 2005 09:43:09 -0500
Message-ID: <00c001c5086c$6075cbf0$6401a8c0@DAVIDPC>
To: "John Foliot - WATS.ca" <foliot@wats.ca>, "'Kelly Pierce'" <kpierce2000@earthlink.net>, "'John Carpenter'" <John.Carpenter@pdms.com>, "'wai-ig list'" <w3c-wai-ig@w3.org>

John,

Me thinks but me could be rong that ada does not take security into account 
where matters of the internet are concerned?

Johnnie Apple Seed

----- Original Message ----- 
From: "John Foliot - WATS.ca" <foliot@wats.ca>
To: "'Kelly Pierce'" <kpierce2000@earthlink.net>; "'david poehlman'" 
<david.poehlman@handsontechnologeyes.com>; "'John Carpenter'" 
<John.Carpenter@pdms.com>; "'wai-ig list'" <w3c-wai-ig@w3.org>
Sent: Tuesday, February 01, 2005 9:37 AM
Subject: RE: accessible banking:


Kelly Pierce wrote:
>
> **Not under the Americans with Disabilities Act.  As long as
> the means of
> communication made available to you is effective, I.e.
> allowing you to
> complete a certain task, then the bank has fulfilled its
> access obligations.

OK, but what if the means is ineffective, or presents an undue burden or
potential "security issue" as defined by the U.S. Homeland Security?

"June 29, 2004 - The U.S. government's Computer Emergency Readiness Team
(US-CERT) is warning Web surfers to stop using Microsoft's Internet Explorer
(IE) browser.

US-CERT is a non-profit partnership between the Department of Homeland
Security (DHS) and the public and private sectors. It was established in
September 2003 to improve computer security preparedness and response to
cyber attacks in the United States.

"There are a number of significant vulnerabilities in technologies relating
to the IE domain/zone security model, the DHTML object model, MIME-type
determination, and ActiveX. It is possible to reduce exposure to these
vulnerabilities by using a different Web browser, especially when browsing
untrusted sites," US-CERT noted in a vulnerability note
(http://www.kb.cert.org/vuls/id/713878)."

http://www.internetnews.com/security/article.php/3374931

This is not really an anti-IE comment on my part (OK, maybe it is <grin>),
but it's also a reality in 2005.  Never mind that any institution that
claims to be security conscious and yet relies on IE/Microsoft Security is..
Shall we say, poorly informed, it is, IMHO, just bad business to insist that
clients *only* use a given tool.  How would you react if the local gas
station would sell you gas, but only if you drove an American model car...


> Under the ADA, courts view access by functional performance,
> not by process.
> they also don't consider optimal or preferential means but
> the means that is
> sufficient to complete the specified task.

Right, and so the question then becomes, given the numerous documented
security issues attached to Internet Explorer, is the "tool" sufficient to
use to conduct "security related" tasks, such as e-banking?

> You may choose not to use
> Internet Explorer, but in 2005 I have not seen an argument
> saying that it is
> unreasonable or insufficient to require people with
> disabilities only to use
> Internet Explorer to access online banking services.  It
> seems like you want
> access beyond what is required beyond that of the ADA.

I won't argue David's case, but I personally agree that Universal
Accessibility is the goal.  Some U.S. Banks might slide under the legal
requirement by being "accessible" to IE users, but I think everybody on this
list knows that *that response* is a wink and a nudge, and is mostly smoke
and mirrors.

JF
--
John Foliot  foliot@wats.ca
Web Accessibility Specialist / Co-founder of WATS.ca
Web Accessibility Testing and Services
http://www.wats.ca   1.866.932.4878 (North America)


>
> Kelly
Received on Tuesday, 1 February 2005 14:43:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 19 July 2011 18:14:19 GMT