W3C home > Mailing lists > Public > public-rqtf@w3.org > June 2019

RE: CAPTCHA: Still not ready!

From: Scott Hollier <scott@hollier.info>
Date: Tue, 18 Jun 2019 05:11:23 +0000
To: Janina Sajka <janina@rednote.net>, "public-rqtf@w3.org" <public-rqtf@w3.org>
CC: "coga@rednote.net" <coga@rednote.net>
Message-ID: <SN6PR01MB434924F4D4BDE50342B3EEF9DCEA0@SN6PR01MB4349.prod.exchangelabs.com>
To Janina

I've had a look at the changes - great work. I'm especially pleased to see discussion about the audio CAPTCHA, reCAPTCHA v2 reference and other fallback mechanisms moved to the present as it seems these CAPTCHAs never really die out and it's good to have the guidance out there. 

In regards to your dilemma, I'd go for option 2 - in the presentations I've given about the note questions about federated identity and singe sign-on comes up a fair bit so it'd be good to address it in some form. I also don't think the current text is too bad IMHO and if this is likely to cause the Note to bog down the editing process then I'm open to a quick solution. 

That's my two cents anyway!

Scott. 


Dr Scott Hollier 
Digital Access Specialist 
Mobile: +61 (0)430 351 909
Web: www.hollier.info
 
Technology for everyone
 
Australian Access Awards 2019 Call For Nominations - celebrate best practice by nominating your favourite accessible Australian website or app. It's free!  
 
Keep up with digital access news by following @scotthollier on Twitter and subscribing to Scott's newsletter. 

-----Original Message-----
From: Janina Sajka <janina@rednote.net> 
Sent: Monday, 17 June 2019 11:53 PM
To: public-rqtf@w3.org
Cc: coga@rednote.net
Subject: CAPTCHA: Still not ready!

Good Monday, All!

We continue to tighten our argument in CAPTCHA. Since last week's RQTF call. Regretably, I believe there's still more to do on this sisyphian document. As ever the Editor's Draft is here:

https://w3c.github.io/apa/captcha/

***The Good News***

*	More is said about cognitive and learning disabilities. See the
*	first paragraph at
	https://w3c.github.io/apa/captcha/#the-accessibility-challenge:

	NOTE: There's still time to say more!

	*	Sec. 3 has been reorganized, and Secs. 4 and 5
	*	incorporated. After all, they're all multi-party
	*	approaches. It was illogical to make them separate.

	*	The verbs used discussing reCAPTCHA have been changed
	*	yet again, this time toward using more present
	*	progressive constructs. Two factors drove this: a.) I've
	*	found audio reCAPTCHAs still being available; b.) I've
	*	found the Google reCAPTCHA FAQ announcing that V. 2 is
	*	not going away. That document is now hyperlinked, and
	*	the paragraph noting that the content provider decides
	*	on fallback under V. 3 edited accordingly.

*	The potential benefits of Turing Tokens now have their own
*	separate section here:
	https://w3c.github.io/apa/captcha/#why-not-federated-turing-tokens

*	The list items in our Conclusion section are rewritten somewhat
*	and now appear as an ordered list.

***The Bad News***

Our discussion of Federated Identity Systems and of Single
*	Sign-On Systems now appears quite inadequate to me, especially
*	in the light of what we've discovered and written about Turing
*	Tokens.

I'm mulling two potential solutions:

1.)	Remove Federated Identity and Single Sign-On. They don't really
add anything that describes their role in Turing testing.

2.)	Combine them into a single section, because the industry is
itself fairly confused about a bright line between them. Then, blast them for ignoring Turing testing entirely as though authenticating logins was the only requirement.

I'm of two minds on the above as I write this. I'm eager to hear opinions.

Best,

Janina

-- 

Janina Sajka

Linux Foundation Fellow
Executive Chair, Accessibility Workgroup:	http://a11y.org

The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI)
Chair, Accessible Platform Architectures	http://www.w3.org/wai/apa
Received on Tuesday, 18 June 2019 05:11:48 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 17 January 2023 20:26:46 UTC