- From: John Rochford via GitHub <sysbot+gh@w3.org>
- Date: Fri, 22 Dec 2017 17:46:59 +0000
- To: public-webauthn@w3.org
JohnRochfordUMMS has just created a new issue for https://github.com/w3c/webauthn: == cognitive-accessibility consideration == Hi All, As a Cognitive Accessibility Task Force member, and as manager of its Accessible Authentication success criterion (SC), I recently reviewed the Web Authentication working draft. I assessed what impact our Accessible Authentication SC might have on it, and how the task force's work could be helpful to it. (I saw nothing in the working draft that I thought would have an impact on our SC.) Examples - **3. Terminology** contains the following definition. “User consent means the user agrees with what they are being asked, i.e., it encompasses reading and understanding prompts.” I think something fundamental is missing: following prompts. People with cognitive disabilities may lack capabilities needed to follow such prompts. - Throughout the Web Authentication working draft, there are multiple references to submitting passwords and PINs, to which our SC definitely applies. - Also, there are references to fixed periods in which user interaction is required. E.g., "4.1.5. Platform Authenticator Availability states “A timeout value on the order of 10 minutes is recommended; this is enough time for successful user interactions to be performed but short enough that the dangling promise will still be resolved in a reasonably timely fashion.” I saw no discussion of enabling users with cognitive disabilities to extend such periods. If you are interested, I would be pleased to work with you to incorporate cognitive-accessibility elements in the Web Authentication working draft. My aim is to be helpful, not critical. John Rochford Please view or discuss this issue at https://github.com/w3c/webauthn/issues/733 using your GitHub account
Received on Friday, 22 December 2017 17:47:01 UTC