- From: Patrick H. Lauke <redux@splintered.co.uk>
- Date: Tue, 14 Nov 2023 23:31:02 +0000
- To: w3c-wai-ig@w3.org
Getting back to authentication, I'd note that it's not accurate I think to say that the understanding document explicitly says that if something is NOT a login, then the SC is not applicable. Rather, it only provides prose around the login scenario. If there is another case of authentication (however, in the sense that it was intended - i.e. proving WHO you are, which is more restrictive than 'proving you're a human' which is the scenario for non-login uses of CAPTCHAs, or registering an account, where you're not *proving* who you are but telling a system who you claim to be), the understanding document doesn't mention it, but also - I don't think anyway - precludes it? If there are other non-login authentication scenarios, I'd suggest that the understanding document can of course be expanded to name-check/explain them, as long as it doesn't change the intended normative meaning. And yes, the core problem here is that WCAG did not explicitly define the term "authentication process", instead leaning just on referencing "process", which is problematic. All through the drafting of the SCs, it seemed there was a common understanding in AGWG about what "authentication" actually meant and that it didn't need defining as it was self-evident ... but clearly that's not the case. Incidentally, there's already a parallel discussion here https://github.com/w3c/wcag/issues/3264 (and a side note that this problem earned the SCs a little appearance in my recent presentation, on slide 68 https://patrickhlauke.github.io/wcag-interpretation/#68) P -- Patrick H. Lauke https://www.splintered.co.uk/ | https://github.com/patrickhlauke https://flickr.com/photos/redux/ | https://www.deviantart.com/redux https://mastodon.social/@patrick_h_lauke | skype: patrick_h_lauke
Received on Tuesday, 14 November 2023 23:31:13 UTC