W3C home > Mailing lists > Public > public-cognitive-a11y-tf@w3.org > December 2017

Re: going though comments from 2.2.6 Accessible Authentication and new wording.

From: Alastair Campbell <acampbell@nomensa.com>
Date: Tue, 19 Dec 2017 16:02:47 +0000
To: lisa.seeman <lisa.seeman@zoho.com>
CC: "W3c-Wai-Gl-Request@W3. Org" <w3c-wai-gl@w3.org>, public-cognitive-a11y-tf <public-cognitive-a11y-tf@w3.org>, "Rochford, John" <john.rochford@umassmed.edu>
Message-ID: <911002D2-4959-4605-94C3-AE865800833A@nomensa.com>
Hi Lisa,

> Also firefox seem to be quite advanced in their webauth implementation (see https://wiki.mozilla.org/Security/CryptoEngineering#Web_Authentication) and looking though the wg minuets it seems Edge also has implementation (https://blogs.windows.com/msedgedev/2016/04/12/a-world-without-passwords-windows-hello-in-microsoft-edge/) - there may be better links but these seem to show that enough features are implemented to meet our needs for conformance to our SC.

I think you are confusing ‘implemented’ and available, Chrome has implemented and released the features, but the others have not. They have also not committed to when those features will be released. I would expect 2018, but if they hit issues, perhaps not.

> Where do you see that it is experimental? looking at your link I could just find the following: "Web Authentication API SUPPORTED Build Number 14291+ "

Where it says: “As of EdgeHTML 14, the implementation is prefixed”

For us to rely on an implementation (i.e. accessibility support) there needs to be something there.

NB: I’m much less concerned by things like adding-icons or adjusting text, but this is about security.

> You can  use multi-factor identification with Bluetooth or generate a RC code (on the browser)

That’s not a web-standard method, I went through how those options are expensive here:

We need a standardised method, and even then it does not cover 2 factors!

Received on Tuesday, 19 December 2017 16:03:21 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:24:00 UTC