RE: 7 Day Call for Consensus March 17, 2016 ARIA Working Group Resolutions from Léonie Watson on 2016-03-22 (public-aria-admin@w3.org from March 2016)

From: Léonie Watson <tink@tink.uk>
Date: Tue, 22 Mar 2016 10:38:19 -0400
To: "'Rich Schwerdtfeger'" <richschwer@gmail.com>
Cc: "'ARIA Working Group'" <public-aria-admin@w3.org>, <wseltzer@w3.org>
Message-ID: <158001d18448$7ddb70a0$799251e0$@tink.uk>

 

From: Rich Schwerdtfeger [mailto:richschwer@gmail.com] 
Sent: 20 March 2016 16:5

“On the other hand, a screen reader could announce the characters being typed and not know to not do that. Furthermore, people are creating these things today and there is no way to know that the textfield is a password field. Would you prefer to not know?”

 

The role as a means to identify the purpose of the field is one thing, the described AT behaviour is another. Whilst there is a chance that what is displayed on-screen and what is announced by a screen reader may not match, there is a problem.

 

I’m at the AC meetings this week, and took the opportunity to ask a couple of privacy/security people for their thoughts, in case I am worried over nothing. Virginie Galindo and Wendy Seltzer both felt that a potential mismatch between what’s on-screen and what’s announced by a screen reader would be of concern. Wendy has suggested that WebAppsSec could take a look, which I think would be helpful.

 

Léonie.

 

@LeonieWatson tink.uk Carpie diem.

Received on Tuesday, 22 March 2016 14:38:52 UTC