- From: Rochford, John <john.rochford@umassmed.edu>
- Date: Sun, 1 Jun 2014 13:08:45 +0000
- To: "lisa.seeman" <lisa.seeman@zoho.com>
- CC: public-cognitive-a11y-tf <public-cognitive-a11y-tf@w3.org>
- Message-ID: <55BD19D83AA2BE499FBE026983AB2B58359DD5E2@ummscsmbx01.ad.umassmed.edu>
Lisa and All, It seems to me that the only part of Section 15 we should consider for impact on people with cognitive disabilities is the following. “Real-time measures in the application might include requiring completion of a CAPTCHA [CAPTCHA-Wikipedia] or responding to an out-of-band confirmation when the UI Security heuristic is triggered.” I say that because the rest of Section 15 references back-end features which, presumably, people with cognitive disabilities would not experience. Do you concur? John John Rochford UMass Medical School/E.K. Shriver Center Director, INDEX Program; Instructor, Family Medicine & Community Health http://www.DisabilityInfo.org Twitter: @ClearHelper From: lisa.seeman [mailto:lisa.seeman@zoho.com] Sent: Wednesday, May 28, 2014 12:37 PM To: lisa.seeman Cc: public-cognitive-a11y-tf Subject: Re: security protocols and cognative Specifically we should look at section 15 Implementation Considerations for Resource Authors This section is non-normative. When possible, resource authors SHOULD make use of violation reports and the unsafe attribute to apply additional security measures in the application or during back-end processing. Real-time measures in the application might include requiring completion of a CAPTCHA [CAPTCHA-Wikipedia<http://www.w3.org/TR/2014/WD-UISecurity-20140318/#bib-CAPTCHA-Wikipedia>] or responding to an out-of-band confirmation when the UI Security heuristic is triggered. Example back-end measures might include increasing a fraud risk score for individual actions that trigger or targets accounts/resources that frequently trigger UI Security heuristics. To be able to do this effectively, it is likely necessary to encode into the report-uri a unique identifier that can be correlated to the authenticated user and the action they are taking. All the best Lisa Seeman Athena ICT Accessibility Projects <http://accessibility.athena-ict.com/default.shtml> LinkedIn<http://il.linkedin.com/in/lisaseeman/>, Twitter<https://twitter.com/SeemanLisa> ---- On Wed, 28 May 2014 19:26:36 +0300 lisa.seeman<lisa.seeman@zoho.com<mailto:lisa.seeman@zoho.com>> wrote ---- Can we review security protocols for PF to see about the impact with cognitive. http://www.w3.org/TR/2014/WD-UISecurity-20140318/ All the best Lisa Seeman Athena ICT Accessibility Projects<http://accessibility.athena-ict.com/default.shtml> LinkedIn<http://il.linkedin.com/in/lisaseeman/>, Twitter<https://twitter.com/SeemanLisa>
Received on Sunday, 1 June 2014 13:09:12 UTC