W3C home > Mailing lists > Public > public-apa-admin@w3.org > January 2021

Call for Consensus (CFC): Updated Comments on review of a Web Authentication Specification

From: Becky Gibson <becky@knowbility.org>
Date: Wed, 27 Jan 2021 15:51:54 -0500
Message-Id: <63158280-16F9-450A-8B85-DCB0F145E54F@knowbility.org>
To: Accessible Platform Architectures Administration <public-apa-admin@w3.org>
Colleagues:
 
This is a Call for Consensus (CfC) to the Accessible Platform Architectures (APA) Working Group testing for agreement on an updated formal comment to Web Authentication: An API for accessing Public Key Credentials Level 2 W3C Candidate Recommendation Snapshot. 
https://www.w3.org/TR/webauthn-2/ <https://www.w3.org/TR/webauthn-2/>.

The document was authored by The Web Authentication Working Group (https://www.w3.org/Webauthn/ <https://www.w3.org/Webauthn/>). An accessibility review was requested of the APA as part of our role in performing horizontal review of W3C documents for accessibility concerns.

It was reviewed by APA member Paul Grenier who proposed the following comment (https://lists.w3.org/Archives/Public/public-apa/2020Dec/0021.html <https://lists.w3.org/Archives/Public/public-apa/2020Dec/0021.html>):
I have concerns that could be best summarized in a new section "Accessibility Considerations" which could follow "Security Considerations" or "Privacy Considerations" in document order. References to timing considerations should be updated to reference this new subheading. See editor's draft https:/w3c.github.io/webauthn/ <http://w3c.github.io/webauthn/>. Additionally, based on theaccessibility topics below, notes could be added to the appropriate sections (e.g., registration).

Proposed topics for "Accessibility Considerations":
1. Public key credentials should avoid using a single biometric factor. We would also like to call your attention to the W3C Note, Inaccessibility of CAPTCHA, Alternatives to Visual Turing Tests on the Web (https://www.w3.org/TR/turingtest/). 
2. Registration should provide affordances for users to complete authorization gestures correctly. This could involve naming the authenticator, choosing a picture to associate with the device, or entering freeform text instructions.
3. Ceremonies that rely on timing must follow WCAG Guideline 2.2 Enough Time (https://www.w3.org/WAI/WCAG21/Understanding/enough-time <https://www.w3.org/WAI/WCAG21/Understanding/enough-time>).
 
 
***Action to Take***
 
This CfC is now open for objection, comment, as well as statements of support via email. Silence will be interpreted as support, though messages of support are certainly welcome.
 
If you object to this proposed action, or have comments concerning this proposal, please respond by replying on list to this message no later than Monday February 1, 2021 23:59 (Midnight) Boston Time.
 
NOTE: This Call for Consensus is being conducted in accordance with the APA Decision Policy published at:
http://www.w3.org/WAI/APA/decision-policy <http://www.w3.org/WAI/APA/decision-policy>

Becky & Janina
co-chairs APA Working Group

Becky Gibson | Sr. Accessibility Strategist
Knowbility.org <http://knowbility.org/>
becky@knowbility.org <mailto:becky@knowbility.org>
Pronouns: she/her/hers

Janina Sajka
https://linkedin.com/in/jsajka <https://linkedin.com/in/jsajka>

Linux Foundation Fellow
Executive Chair, Accessibility Workgroup:    http://a11y.org <http://a11y.org/>

The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
Co-Chair, Accessible Platform Architectures    http://www.w3.org/wai/apa <http://www.w3.org/wai/apa>

Becky Gibson | Sr. Accessibility Strategist
Knowbility.org
becky@knowbility.org
Pronouns: she/her/hers





Received on Wednesday, 27 January 2021 20:52:11 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:22:54 UTC