- From: lisa.seeman <lisa.seeman@zoho.com>
- Date: Wed, 28 May 2014 19:37:10 +0300
- To: lisa.seeman <lisa.seeman@zoho.com>
- Cc: "public-cognitive-a11y-tf" <public-cognitive-a11y-tf@w3.org>
Received on Wednesday, 28 May 2014 16:39:42 UTC
Specifically we should look at section 15 Implementation Considerations for Resource Authors This section is non-normative. When possible, resource authors SHOULD make use of violation reports and the unsafe attribute to apply additional security measures in the application or during back-end processing. Real-time measures in the application might include requiring completion of a CAPTCHA [CAPTCHA-Wikipedia] or responding to an out-of-band confirmation when the UI Security heuristic is triggered. Example back-end measures might include increasing a fraud risk score for individual actions that trigger or targets accounts/resources that frequently trigger UI Security heuristics. To be able to do this effectively, it is likely necessary to encode into the report-uri a unique identifier that can be correlated to the authenticated user and the action they are taking. All the best Lisa Seeman Athena ICT Accessibility Projects LinkedIn, Twitter ---- On Wed, 28 May 2014 19:26:36 +0300 lisa.seeman<lisa.seeman@zoho.com> wrote ---- Can we review security protocols for PF to see about the impact with cognitive. http://www.w3.org/TR/2014/WD-UISecurity-20140318/ All the best Lisa Seeman Athena ICT Accessibility Projects LinkedIn, Twitter
Received on Wednesday, 28 May 2014 16:39:42 UTC