- From: Rochford, John <john.rochford@umassmed.edu>
- Date: Tue, 4 Jan 2022 13:11:43 +0000
- To: Janina Sajka <janina@rednote.net>, "White, Jason J" <jjwhite@ets.org>
- CC: "public-apa@w3.org" <public-apa@w3.org>
Hi Janina and Jason, I forwarded your responses below to Alastair for his opinion. I thank you both for you thoughtful responses. John John Rochford University of Massachusetts Medical School Eunice Kennedy Shriver Center Director, INDEX Program Faculty, Family Medicine & Community Health www.DisabilityInfo.org About Me LinkedIn EasyText.AI Schedule a meeting with me. -----Original Message----- From: Janina Sajka <janina@rednote.net> Sent: Wednesday, December 29, 2021 8:13 AM To: White, Jason J <jjwhite@ets.org> Cc: Rochford, John <john.rochford@umassmed.edu>; public-apa@w3.org Subject: Re: [EXTERNAL] [turingtest] Accessible Authentication Thanks for your question, John. I would agree with Jason's response especially to the point that the various wCAG SC aalso appear unclear to me as regards the distinction between authentication of login vis a vis authenticating one's personhood. These are not the same thing. Also, we'd be unlikely to point to a proposed anything in a document we hope to move to W3C Statement Status. So, if the confusion between logging in and authenticating one's humanity is cleared up when WCAG 2.2 goes TR we might indeed point to it--but by no means in a pre CR status. hth Janina White, Jason J writes: > Thank you for the question, which raises interesting issues. To answer it directly: > > 1. The proposed WCAG 2.2 success criteria 3.3.7 and 3.3.8 didn't exist, at least in their current form, when the CAPTCHA Note was last significantly revised circa 2019; and they were controversial at that time. They presently remain proposals only, as WCAG 2.2 is not yet in Candidate Recommendation or beyond. We can consider whether to refer to them in a subsequent draft of the CAPTCHA Note, as the proposals are relevant in this context. > 2. More substantially, it is not clear that 3.3.7 or 3.3.8 addresses the CAPTCHA phenomenon. In particular, if we read 3.3.7 and 3.3.8 in conjunction with the "CAPTCHA" item in success criterion 1.1.1, then it makes sense to interpret 1.1.1 as allowing perception-based CAPTCHA challenges, as long as alternatives relying on different senses are available. One can then interpret "authentication" in 3.3.7 and 3.3.8 as referring only to verifying the identity of the user - and not to determining whether the user is human, which is the distinctive function served by CAPTCHA challenges. In addition, it is not clear that tasks requiring the user to recognize objects or characters in images, spoken words, etc., involve "memorization" in the sense in which this term is used in the definition of "cognitive function test" in the WCAG 2.2 proposal. Thus, WCAG 2.2 is arguably best interpreted as not changing the status quo with respect to CAPTCHA, as established by success criterion 1.1.1 in WCAG 2.0. > If the intention of the Accessibility Guidelines Working Group is to override the explicit statements about CAPTCHA in 1.1.1, then this will need to be made very clear, in my opinion. The only consistent reading of the draft as a whole at the moment appears to be to interpret 3.3.7 and 3.3.8 as not addressing CAPTCHA, at least of the kind which is expressly permitted under 1.1.1. > > From: Rochford, John <john.rochford@umassmed.edu> > Sent: Tuesday, 28 December 2021 6:29 > To: public-apa@w3.org > Subject: [EXTERNAL] [turingtest] Accessible Authentication > > CAUTION: This email originated from outside of our organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. > Hello Editors, > Great Inaccessibility of CAPTCHA doc<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.w3.org%2FTR%2Fturingtest%2F&data=04%7C01%7Cjohn.rochford%40umassmed.edu%7C1a8a734f2e6b4019957808d9cad55ea5%7Cee9155fe2da34378a6c44405faf57b2e%7C0%7C0%7C637763840036308302%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=mgYtIX69wbj1du6a%2FqU3Ec3SimDgvG%2B7DYtSDyeGgH0%3D&reserved=0>! Very thorough. > > Why is there no mention of the proposed Accessible Authentication SC 3.3.7<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fw3c.github.io%2Fwcag%2Fguidelines%2F22%2F%23accessible-authentication&data=04%7C01%7Cjohn.rochford%40umassmed.edu%7C1a8a734f2e6b4019957808d9cad55ea5%7Cee9155fe2da34378a6c44405faf57b2e%7C0%7C0%7C637763840036308302%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=XY97G5GAmzYl4deyJYqVUxSBHdQBDoUs0TPzHFckAp4%3D&reserved=0>? > > > John > > John Rochford > University of Massachusetts Medical School Eunice Kennedy Shriver > Center Director, INDEX Program Faculty, Family Medicine & Community > Health > DisabilityInfo.org<https://nam10.safelinks.protection.outlook.com/?url > =http%3A%2F%2Fwww.disabilityinfo.org%2F&data=04%7C01%7Cjohn.rochfo > rd%40umassmed.edu%7C1a8a734f2e6b4019957808d9cad55ea5%7Cee9155fe2da3437 > 8a6c44405faf57b2e%7C0%7C0%7C637763840036308302%7CUnknown%7CTWFpbGZsb3d > 8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C > 3000&sdata=EmAOR38PPgMrvvXgCX6XH7VvztJAD8FJ3OxnHFjo7Fo%3D&rese > rved=0> > EasyText.AI<https://nam10.safelinks.protection.outlook.com/?url=https% > 3A%2F%2Feasytext.ai%2F&data=04%7C01%7Cjohn.rochford%40umassmed.edu > %7C1a8a734f2e6b4019957808d9cad55ea5%7Cee9155fe2da34378a6c44405faf57b2e > %7C0%7C0%7C637763840036308302%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAw > MDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=3Q > RDlrU6i619N2R9syhOA9icLqIyHHZZTzaXEiGoB48%3D&reserved=0> > LinkedIn<https://nam10.safelinks.protection.outlook.com/?url=https%3A% > 2F%2Fwww.linkedin.com%2Fin%2Fjohn-rochford%2F&data=04%7C01%7Cjohn. > rochford%40umassmed.edu%7C1a8a734f2e6b4019957808d9cad55ea5%7Cee9155fe2 > da34378a6c44405faf57b2e%7C0%7C0%7C637763840036308302%7CUnknown%7CTWFpb > GZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0 > %3D%7C3000&sdata=BS7UVCim7333u66mHom25hX%2FFlCZzJzjUkxuLK%2FjXiA%3 > D&reserved=0> About > Me<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fa > bout.me%2Fjohnrochford&data=04%7C01%7Cjohn.rochford%40umassmed.edu > %7C1a8a734f2e6b4019957808d9cad55ea5%7Cee9155fe2da34378a6c44405faf57b2e > %7C0%7C0%7C637763840036308302%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAw > MDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=Bw > h637%2FBgsJL7r9hMn9tB85ZUo%2BU8DSXBbaupkx9fD4%3D&reserved=0> > Schedule a meeting with > me.<https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fb > it.ly%2FCallJR&data=04%7C01%7Cjohn.rochford%40umassmed.edu%7C1a8a7 > 34f2e6b4019957808d9cad55ea5%7Cee9155fe2da34378a6c44405faf57b2e%7C0%7C0 > %7C637763840036308302%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQ > IjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=J2%2FkdL44 > Io60mPag0XKVYWv2rqGuEMy6ruKuw0GfXsI%3D&reserved=0> > > Confidentiality Notice: > This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential, proprietary, and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender immediately and destroy or permanently delete all copies of the original message. > > > ________________________________ > > This e-mail and any files transmitted with it may contain privileged or confidential information. It is solely for use by the individual for whom it is intended, even if addressed incorrectly. If you received this e-mail in error, please notify the sender; do not disclose, copy, distribute, or take any action in reliance on the contents of this information; and delete it from your system. Any other use of this e-mail is prohibited. > > > Thank you for your compliance. > > ________________________________ -- Janina Sajka (she/her/hers) https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Flinkedin.com%2Fin%2Fjsajka&data=04%7C01%7Cjohn.rochford%40umassmed.edu%7C1a8a734f2e6b4019957808d9cad55ea5%7Cee9155fe2da34378a6c44405faf57b2e%7C0%7C0%7C637763840036308302%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=6jFE6AcmmKGRz16Ugz4dSa5rYGrbIVNKa%2F3LJLsRotg%3D&reserved=0 Linux Foundation Fellow Executive Chair, Accessibility Workgroup: https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fa11y.org%2F&data=04%7C01%7Cjohn.rochford%40umassmed.edu%7C1a8a734f2e6b4019957808d9cad55ea5%7Cee9155fe2da34378a6c44405faf57b2e%7C0%7C0%7C637763840036308302%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=3Xd5zwLzRr2CLdTdumxZOb77qg3dPrzn2dFdRj0d3%2FA%3D&reserved=0 The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI) Co-Chair, Accessible Platform Architectures https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.w3.org%2Fwai%2Fapa&data=04%7C01%7Cjohn.rochford%40umassmed.edu%7C1a8a734f2e6b4019957808d9cad55ea5%7Cee9155fe2da34378a6c44405faf57b2e%7C0%7C0%7C637763840036308302%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=LU0Mkfgb8LX4%2FSlfQlthdhF%2FNvqwwmT4aSfNJzCJafU%3D&reserved=0
Received on Tuesday, 4 January 2022 13:11:58 UTC