- From: Alastair Campbell <acampbell@nomensa.com>
- Date: Tue, 5 Jun 2018 20:16:26 +0000
- To: John Foliot <john.foliot@deque.com>, lisa.seeman <lisa.seeman@zoho.com>
- CC: WCAG <w3c-wai-gl@w3.org>
Received on Tuesday, 5 June 2018 20:17:00 UTC
Hi everyone (and particularly John & Lisa), I'd like to run a proposed response past the group before posting to github (and notifying the commenter before the group gets a chance to review). https://github.com/w3c/wcag21/issues/948 I'd summarise the core issue as: using autocomplete/autofill could be an issue for privacy/security for people using shared devices (e.g. family computer), and autcomplete shouldn't be proposed as a technique to fulfil it. You can read the back and forth on the thread, but I'm proposing the response is: The working group have considered the security and privacy aspects of this, and whilst it must be acknowledged there may be some circumstances in which a user would not want fields identified and auto-filled, the working group feel the benefits outweigh the risks. Mitigating factors include: - This is functionality that is already available in user-agents, and used by some websites already. - It is something that must be enabled within the user-account and browser of the device used. - People can use various privacy features if that is a requirement. Currently the autocomplete attribute (for autofill) is the best supported method, so that will be the first technique provided. Personally, I don't see it as an issue, but I'd appreciate a review from others familiar with autocomplete. Kind regards, -Alastair
Received on Tuesday, 5 June 2018 20:17:00 UTC