w3c/wbs-design
or
by mail to sysreq
.
The results of this questionnaire are available to anybody. In addition, answers are sent to the following email address: maryjom@us.ibm.com
This questionnaire was open from 2023-11-09 to 2023-11-15.
7 answers have been received.
Jump to results for question:
Review the draft proposal for Applying SC 3.3.8 Accessible Authentication (Minimum) to Non-Web Documents and Software. Indicate whether this proposal is ready to incorporate into the editor's draft and note any desired changes.
Choice | All responders |
---|---|
Results | |
The proposed content is ready to incorporate into the editor's draft, as-is. | |
The proposed content is ready to incorporate into the editor's draft, with the following changes. | 7 |
The proposal isn't ready yet. |
Responder | Review of proposed content for 3.3.8 Accessible Authentication (Minimum) | Comments |
---|---|---|
Mitchell Evan | The proposed content is ready to incorporate into the editor's draft, with the following changes. | (1) It needs word substitution, replacing "Web site" with "non-web document or software". (2) An added Note currently says: "Device passwords, used to unlock a device, are out of scope for this requirement as these are not up to the author." I would remove this Note, because the intent is similarly conveyed in the WebAuthn example in WCAG 2.2 Understanding. If not removed, then we should rephrase the note to allow for the case where the OS itself is the non-web software being evaluated. |
Phil Day | The proposed content is ready to incorporate into the editor's draft, with the following changes. | Modify the reference to web site |
Mike Pluke | The proposed content is ready to incorporate into the editor's draft, with the following changes. | Fine apart from the need to change Web site to "non-web document or software" |
Sam Ogami | The proposed content is ready to incorporate into the editor's draft, with the following changes. | Good with Mitchell changes. |
Olivia Hogan-Stark | The proposed content is ready to incorporate into the editor's draft, with the following changes. | +1 to Mitchell's changes |
Bruce Bailey | The proposed content is ready to incorporate into the editor's draft, with the following changes. | Does anyone know of password managers that work with, for example, an MS Word Document that is password protected? If not, seems like we should include a note to the effect that conventional off-line documents with embedded password protection do not typically satisfy this criterion. |
Loïc Martínez Normand | The proposed content is ready to incorporate into the editor's draft, with the following changes. | +1 to Mitchell's changes |
Is a bullet needed in the SC Problematic for Closed Functionality section for 3.3.8 Accessible Authentication (Minimum)? If so, please suggest the text.
Choice | All responders |
---|---|
Results | |
No bullet needed. Applies, as written, to closed functionality software. | 2 |
Bullet needed in the SC problematic for closed functionality section. Explain. | 5 |
Responder | 3.3.8 Accessible Authentication (Minimum) relevance to SC problematic for Closed Functionality | Comments |
---|---|---|
Mitchell Evan | No bullet needed. Applies, as written, to closed functionality software. | (1) The language of the criterion applies equally to non-web ICT with or without closed functionality. (2) The criterion links to four definitions, which are also okay as-is... "Cognitive function test": Whatever we decide for non-web ICT in general will also be fine for closed functionality. "Process": A note mentions web, but only as one illustrative example. "Mechanism": A note mentions the content itself as a way to provide a mechanism, in addition to user agents. "Non-text content": WCAG 2.2 Understanding makes the intention clear. (3) I see Phil's point about ATMs today requiring PIN, but I'd rather not concede to the status quo at the expense of users while also contradicting WCAG. Could this be a matter for policy and legislation to sort out the conflict, rather than us in the Task Force? Or, if we do need to address this under Closed Functionality, then ATMs would be just one example. The underlying problem can be described as ICT preventing users from transferring text from personal devices (as described in WCAG 2.2 Understanding). |
Phil Day | Bullet needed in the SC problematic for closed functionality section. Explain. | Some closed systems such as ATMs and payment devices require use of a personal identification number (PIN). This is an essential security feature that is mandatory in many territories, with other alternatives (such as biometrics) not being allowed by the security rules. |
Mike Pluke | Bullet needed in the SC problematic for closed functionality section. Explain. | This exact topic came up as a concern in a call today related to updating EN 301 549. The concern is that our accessibility standard should not be telling people to do something that might actually be illegal in some countries. We do not want to create the impression that because of these legal issues, failing to meet the SC is OK, it is still not accessible. I think that Phil's note nicely highlights that there may be an issue, without giving any impression that this means not meeting the SC is OK. |
Sam Ogami | Bullet needed in the SC problematic for closed functionality section. Explain. | +1 to Phils note. Add that the SC is exempt or not applicable in situations like Phils example. |
Olivia Hogan-Stark | Bullet needed in the SC problematic for closed functionality section. Explain. | +1 to other's concerns and building on Phil's note |
Bruce Bailey | Bullet needed in the SC problematic for closed functionality section. Explain. | I do not agree that a 4-6 digit PIN associated with bank card or the like is actually a cognitive function test. The user is not obligated to change them for years, and they are digits (not alphanumeric + symbols). Plus, if the user choses to do so, they can write the number on the card itself. If anyone has evidence that bankcards are a barrier for people with limited cognition, please share! In my experience, it is a requirement (for example) to change a PIN every 90 days that causes a PIN to be a cognitive function test. The banking industry very much seem to have this sorted out. |
Loïc Martínez Normand | No bullet needed. Applies, as written, to closed functionality software. | After reading Mitch's and Phil's comment, I believe that this is a success criterion that is no different for systems with closed functionality. If current technology (e.g. ATM) does not meet the SC, it is not for WCAG2ICT to declare this an "acceptable exception". It should be legislation doing this work, shouldn't it? |
Here is a link to the new term "cognitive function test" in WCAG 2.2. Do you agree that "cognitive function test" should be added to the section Glossary Items that Apply to All Technologies?
Choice | All responders |
---|---|
Results | |
Yes, add to Glossary Items that Apply to All Technologies | 2 |
No, because additional guidance or term replacements should be given. Explain. | 5 |
Responder | Add new WCAG 2.2 term "cognitive function test" | Comments |
---|---|---|
Mitchell Evan | No, because additional guidance or term replacements should be given. Explain. | I would apply word substitution to this sentence: "The common identifiers name, e-mail, and phone number are not considered cognitive function tests as they are personal to the user and consistent across Web sites." In this case I would change "Web sites" to "Web sites and non-web ICT". That said, I would defer to the Task Force for a different substitution or no substitution in this case. |
Phil Day | Yes, add to Glossary Items that Apply to All Technologies | Again, modify the reference to web site |
Mike Pluke | No, because additional guidance or term replacements should be given. Explain. | For this case I think that Mitch's unique substitution is the most appropriate. |
Sam Ogami | No, because additional guidance or term replacements should be given. Explain. | Good with Mitchell changes. |
Olivia Hogan-Stark | No, because additional guidance or term replacements should be given. Explain. | +1 to Mitchell's changes |
Bruce Bailey | Yes, add to Glossary Items that Apply to All Technologies | +1 to Mitch's edits. |
Loïc Martínez Normand | No, because additional guidance or term replacements should be given. Explain. | +1 to Mitch's edits. |
The following persons have not answered the questionnaire:
Send an email to all the non-responders.
Compact view of the results / list of email addresses of the responders
WBS home / Questionnaires / WG questionnaires / Answer this questionnaire
w3c/wbs-design
or
by mail to sysreq
.