Re: ISSUE-43: don\'t disable assistive technology (public comment) from Mary Ellen Zurko on 2007-04-18 (public-wsc-wg@w3.org from April 2007)

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Wed, 18 Apr 2007 16:11:11 -0400
To: Web Security Context WG <public-wsc-wg@w3.org>
Message-ID: <OFAEF38F16.7E145388-ON852572C1.0051DF42-852572C1.006EE67B@LocalDomain>

We're not giong to disable assistive technologies. UAAG 1.0 Guideline 6 
speaks to how user agents make existing data structures and content 
available to assistive technologies. Out of scope "New security 
information" (5.4) points out that we're not extending protocols and data 
formats. So it all keeps working. Defining "user agent" in the right place 
with the right defintion (ISSUE-29) will provide further clarity for both 
of the points raised here. 5.3 is trying to get at the notion that the 
usability is with the human user; we are not addressing ease of automated 
processing where there is no human involved at all. Here's a slight 
modification that I propose that I hope would make that clearer: 

The Working Group will only consider Web interactions that include a human 
user as the target of the trust decisions that this working group is 
chartered to address. Situations in which all security relevant 
information is consumed and acted upon only by automated agents are out of 
scope.


          Mez

Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect




Web Security Context Issue Tracker <dean+cgi@w3.org> 
Sent by: public-wsc-wg-request@w3.org
04/15/2007 10:59 AM
Please respond to
Web Security Context WG <public-wsc-wg@w3.org>


To
public-wsc-wg@w3.org
cc

Subject
ISSUE-43: don\'t disable assistive technology (public comment)








ISSUE-43: don't disable assistive technology (public comment)

http://www.w3.org/2006/WSC/Group/track/issues/43

Raised by: Bill Doyle
On product: Note: use cases etc.

>From public comments
raised by: Al Gilman Alfred.S.Gilman@ieee.org

http://lists.w3.org/Archives/Public/public-usable-
authentication/2007Apr/0000.html


don't disable assistive technology 
where it says, in 4.2 User agents
   Use cases considered by this Working Group must involve a web user
   agent, operated by a human user. 
where it says, in 5.3 Security context information for consumption by 
automated agent
The Working Group will only consider Web interactions that include a human 

user. Situations in which all security relevant information is consumed 
and 
acted upon my automated agents are out of scope.
you must change
The latter statement is incompatible with standard accessibility 
requirements, 
in particularly the W3C Recommendation on User Agent Accessibility 
Guidelines.  Please review UAAG 1.0, Guideline 6.  On the client side the 
user 
must have the option to employ automated assistance that accesses either 
the 
W3C DOM or a platform-defined accessibility API.  The machinability of the 

security information (information characterizing the security aspect of 
the 
user's current browse context) is a matter of importance to people with 
disabilities, and must not be neglected.
where it says, in  4.4 Third-party recommendation
The recommendations of certificate authorities,
   visited web sites or reputation services integrated into the user
   agent are in scope for this Working Group.
please consider 
 The architecture needs to support reputation services integrated with the 
AT 
as well as integrated with the base browser.
Why? 
People with disabilities who use heavy-duty Assistive Technology such as a 

screen reader, voice command software, or on-screen-keyboard for switch 
input 
management, will find the Assistive Technology a more natural  bundle host 
for 
recommendation-service access funtions, as opposed to the base browser.

Received on Wednesday, 18 April 2007 20:11:15 UTC