RE: Accessible Authentication and issue responses

I think this issue should be moved to GitHub, for further analysis in the next phase of WCAG development.

As an aside, if a Web application is designed to defeat password managers (e.g., by detecting whether the text of a password is being entered by hand), then, depending on its implementation, it may fail to meet the last clause of SC 4.1.2, since the password is a value that can be set by the user, but, in this case, it cannot be "programmatically set" as defined in WCAG.

Further discussion of accessible authentication should also consider issues raised by biometric techniques, which are addressed in EN 301 549 and in the revised regulations under section 508 of the Rehabilitation Act, but not in WCAG itself.

-----Original Message-----
From: Patrick H. Lauke [mailto:redux@splintered.co.uk]
Sent: Tuesday, January 2, 2018 7:29 AM
To: w3c-wai-gl@w3.org
Subject: Re: Accessible Authentication and issue responses

On 02/01/2018 12:12, Alastair Campbell wrote:
>
> That does make the SC dependant on WebAuthN, but 3 of the major browsers are already in beta-testing, it seems on track for 2018Q2 when WebAuthN should finish.

Browser support is only one aspect here, though. The other part is that the user must have a device which does provide the authentication service itself (fingerprint sensor, appropriate Windows Hello compatible computer/webcam for face recognition for instance, etc).

P
--
Patrick H. Lauke

https://na01.safelinks.protection.outlook.com/?url=www.splintered.co.uk&data=02%7C01%7Cjjwhite%40ets.org%7C3dfb77b7d7ca4046cc7b08d551dce081%7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636504931466177196&sdata=1TLerkyYEidYYTAuy9xRH7vvmMKZnukQTireeOdjwLU%3D&reserved=0 | https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fpatrickhlauke&data=02%7C01%7Cjjwhite%40ets.org%7C3dfb77b7d7ca4046cc7b08d551dce081%7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636504931466177196&sdata=hBIrFC4mn5eRFitT%2BOXPu3OH5miM50HqkZV4bmDK8ew%3D&reserved=0

https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fflickr.com%2Fphotos%2Fredux%2F&data=02%7C01%7Cjjwhite%40ets.org%7C3dfb77b7d7ca4046cc7b08d551dce081%7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636504931466177196&sdata=PoskX4UA%2BCreBvCWGlW803a1auwmRakAUMZibE2PLUI%3D&reserved=0 | https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fredux.deviantart.com&data=02%7C01%7Cjjwhite%40ets.org%7C3dfb77b7d7ca4046cc7b08d551dce081%7C0ba6e9b760b34fae92f37e6ddd9e9b65%7C0%7C0%7C636504931466177196&sdata=EyWp9cH%2BEeEJMFopy8FHV1yEOhjrz2UurqpKToopxog%3D&reserved=0

twitter: @patrick_h_lauke | skype: patrick_h_lauke


________________________________

This e-mail and any files transmitted with it may contain privileged or confidential information. It is solely for use by the individual for whom it is intended, even if addressed incorrectly. If you received this e-mail in error, please notify the sender; do not disclose, copy, distribute, or take any action in reliance on the contents of this information; and delete it from your system. Any other use of this e-mail is prohibited.


Thank you for your compliance.

________________________________

Received on Wednesday, 3 January 2018 13:55:19 UTC