<scribe> scribe: janina
jgw: Notes some remaining
concerns whether we've been sufficiently thorough
... Master branch has only minor changes
... the js-captcha branch has substantial changes
<jasonjgw> Janina undertook web-based research to find out what CAPTCHA-related options were available for content providers wishing to do what is appropriate for users.
<jasonjgw> Janina notes that third-party human interaction proof/CAPTCHA providers are widely used.
<jasonjgw> Janina reorganized the material to create two categories of potential solutions: stand-alone approaches, and multi-party approaches. The available solutions are grouped under those headings.
<jasonjgw> Janina notes the use of risk-based analysis to determine wehther to present a CAPTCHA challenge - apparently implemented by ReCAPTCHA. There's a long list of factors that can be taken into account in assessing risk.
<jasonjgw> Scott notes the lack of literature in this area (ReCAPTCHA, use of risk-based authentication type techniques). The challenge lies in what to say about it in the absence of strong research evidence.
<jasonjgw> Janina notes subtleties in the draft. Janina notes the Web Authentication specification.
<jasonjgw> Scott: notes that these techniques fall back to a more conventional CAPTCHA.
<jasonjgw> Janina notes internationalization issues with audio CAPTCHA.
<jasonjgw> Janina: suggests the conclusions should be clarified and strengthened - developers should consider waht they are putting in place and monitor whether it's working.
<jasonjgw> Scott will carefully read the document and check the links.
<jasonjgw> Janina notes the new section on honeypots - hidden forms that appear (to robots) to be CAPTCHAs, but which are not.
<jasonjgw> Regarding honeypots, Janina will clarify the preferred appraoch to hiding content from both the display and from screen readers.
<jasonjgw> Janina: notes the problem of identifying whether a user is human without revealing the identity of the individual.
<jasonjgw> Janina notes the role of federated identity here - relying on another party to assert that the user is human without disclosing identity to the relying party.
W3C Games Workshop https://www.w3.org/2018/12/games-workshop/
<jasonjgw> Scott notes the game accessibility guidelines that are available.
<jasonjgw> Jason notes David Sloan's music domain work.
<jasonjgw> Conclusion of the meeting: there will be antoehr draft on Janina's CAPTCHA note branch.
This is scribe.perl Revision: 1.154 of Date: 2018/09/25 16:35:56 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Default Present: jasonjgw, janina, scott_h Present: jasonjgw janina scott_h Regrets: Judy David Found Scribe: janina Inferring ScribeNick: janina WARNING: No meeting chair found! You should specify the meeting chair like this: <dbooth> Chair: dbooth Found Date: 09 Jan 2019 People with action items: WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option. WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]