- From: Patrick H. Lauke <redux@splintered.co.uk>
- Date: Tue, 2 Jan 2018 11:54:09 +0000
- To: Alastair Campbell <acampbell@nomensa.com>, "w3c-wai-gl@w3.org" <w3c-wai-gl@w3.org>
On 02/01/2018 11:42, Alastair Campbell wrote: > AC: >>> We are not trying to specify what is happening on the user-end, just what the site cannot rely on. > > PL: >> You *are* if you normatively say that a site cannot rely on "transcribe >> information", aka copying. > > The distinction is that a site can have a 1st or 2nd factor that uses recall/transcription if there is another option that does not. Is this made clear in the normative language of the SC? I'd have thought that if you explicitly say you can't rely on transcribing, that means none of the factors can rely on transcribing? > Or more subtly, the same option could have two modes. E.g. an automatic entry method (copy/paste, or USB hardware) as well as copy the number across. Two-factor transcribing usually involves a freshly generated number/code, which can't be auto-filled by UAs. > CAPTCHA’s have multiple issues, but if it is required for a login (like the webex for W3C meetings sometimes), then it should come under this as well due to the transcribing aspect. CAPTCHAs themselves are orthogonal to the issue though. A login could also rely on color alone, or some widget that only works with the mouse (e.g. an on-screen number pad that only works with the mouse) or some other accessibility problem...doesn't mean that those also need to be included here? P -- Patrick H. Lauke www.splintered.co.uk | https://github.com/patrickhlauke http://flickr.com/photos/redux/ | http://redux.deviantart.com twitter: @patrick_h_lauke | skype: patrick_h_lauke
Received on Tuesday, 2 January 2018 11:54:35 UTC