- From: Lola <notifications@github.com>
- Date: Fri, 05 Dec 2025 02:03:48 -0800
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3ctag/design-reviews/issues/1119/3616144896@github.com>
lolaodelola left a comment (w3ctag/design-reviews#1119)
Hi folks,
Thank you for your patience here. We have decided to resolve our review as **satisfied with concerns** because of the [risks of harm involved with the use, and particularly over-use, of digital credentials](https://www.w3.org/2001/tag/doc/prevent-credential-abuse/). However we appreciate that the changes made to the spec during the review period address some of the technical concerns we originally had. There is still potential for harms to be caused to users via the protocols and formats defined outside of the specification.
In closing, and understanding that there is more work being done, we have a few things we'd like you to consider whilst continuing to develop the spec.
* The document does not address the behaviour of the proposed solution in private browsing mode. As per [web platform design principles (section 2.9)](https://www.w3.org/TR/design-principles/#do-not-expose-use-of-private-browsing-mode), the UA should not exhibit different behaviour in this mode. However, there are specific use cases, such as proof of age, where certain disclosures are mandated by regulations even when the user is browsing in private mode. This could inadvertently reveal unnecessary information to entities other than the UA (e.g., the wallet, website, or verifier) about whether the user is browsing in private or normal mode.
* The [accessibility considerations section](https://www.w3.org/TR/digital-credentials/#accessibility-considerations) goes into some of the following, which is great, but we need to go further to ensure people are not disproportionately harmed, or excluded:
- It's vital that any human-readable information conveyed by the protocol or credential format is available in alternative formats for people with disabilities. Essentially, anything that is being presented to the user as part of using credentials must _at least_ comply with WCAG. Protocols and formats should not be added to the registry if they don't address these concerns.
There's a clause in the spec that says "...SHOULD be labelled and exposed to assistive technologies" but this ought to be widened to ensure WCAG compliance, and made a MUST - otherwise people will be excluded.
- Cognitive disabilities and accessibility barriers could present disproportionately high levels of risk or harm, or outright exclude some users. Care - and extensive user research - will need to be used in the design of the UX around the credentials' lifecycles. This point applies mainly to UA (including wallet) implementers, but could apply to policy makers and credential formats too.
Supporting info: [there are many barriers that users can encounter when dealing with similar scenarios, as highlighted in this research from the Web Accessibility Initiative, and others](https://www.w3.org/WAI/WCAG22/Understanding/accessible-authentication-enhanced.html#resources).
--
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/1119#issuecomment-3616144896
Received on Friday, 5 December 2025 10:03:52 UTC