W3C home > Mailing lists > Public > public-webauthn@w3.org > February 2021

[webauthn] Request for an Accessibility Considerations section to API for Accessing Public key credentials CR (#1557)

From: Becky Gibson via GitHub <sysbot+gh@w3.org>
Date: Tue, 02 Feb 2021 21:30:08 +0000
To: public-webauthn@w3.org
Message-ID: <issues.opened-799706654-1612301407-sysbot+gh@w3.org>
becka11y has just created a new issue for https://github.com/w3c/webauthn:

== Request for an Accessibility Considerations section to API for Accessing Public key credentials CR ==
An accessibility review was requested of the APA as part of our role in performing a horizontal review of W3C documents for accessibility concerns.

We reviewed Web Authentication: An API for accessing Public Key Credentials Level 2 W3C Candidate Recommendation Snapshot:  https://www.w3.org/TR/webauthn-2/

The following comment (https://lists.w3.org/Archives/Public/public-apa/2020Dec/0021.html) was reviewed and approved via a CfC by the APA working group (https://lists.w3.org/Archives/Public/public-apa/2021Feb/0029.html):

We have concerns that could be best summarized in a new section "Accessibility Considerations" which could follow "Security Considerations" or "Privacy Considerations" in document order. References to timing considerations should be updated to reference this new subheading. See editor's draft https:/w3c.github.io/webauthn/. Additionally, based on the accessibility topics below, notes could be added to the appropriate sections (e.g., registration).

Proposed topics for "Accessibility Considerations":
1. Public key credentials should avoid using a single biometric factor. We would also like to call your attention to the W3C Note, Inaccessibility of CAPTCHA, Alternatives to Visual Turing Tests on the Web (https://www.w3.org/TR/turingtest/). 
2. Registration should provide affordances for users to complete authorization gestures correctly. This could involve naming the authenticator, choosing a picture to associate with the device, or entering freeform text instructions.
3. Ceremonies that rely on timing must follow WCAG Guideline 2.2 Enough Time (https://www.w3.org/WAI/WCAG21/Understanding/enough-time).

Thank you for your consideration.


Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1557 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 2 February 2021 21:30:10 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:42 UTC