14:56:28 <RRSAgent> RRSAgent has joined #wcag2ict
14:56:33 <RRSAgent> logging to https://www.w3.org/2023/11/30-wcag2ict-irc
14:56:33 <Zakim> RRSAgent, make logs Public
14:56:34 <Zakim> Meeting: WCAG2ICT Task Force Teleconference
14:56:34 <maryjom> zakim, clear agenda
14:56:34 <Zakim> agenda cleared
14:56:41 <maryjom> chair: Mary Jo Mueller
14:56:48 <maryjom> meeting: WCAG2ICT Task Force Teleconference
14:56:55 <maryjom> Zakim, please time speakers at 2 minutes
14:56:55 <Zakim> ok, maryjom
14:57:14 <maryjom> Agenda+ Announcements
14:57:40 <maryjom> Agenda+ Survey results: Review of proposal for 3.3.8 Accessible Authentication (Minimum)  - Question 2
14:57:49 <PhilDay> PhilDay has joined #wcag2ict
14:58:00 <maryjom> Agenda+ FPWD public comments
14:58:14 <maryjom> Agenda+ Survey results: Review of proposal for 3.3.8 Accessible Authentication (Minimum)  - Question 1
14:58:21 <olivia> olivia has joined #wcag2ict
14:58:27 <PhilDay> present+
14:58:27 <maryjom> regrets: Bruce Bailey, Shawn Thompson
14:58:49 <Devanshu> Devanshu has joined #wcag2ict
14:59:57 <olivia> present+
15:00:00 <maryjom> agenda?
15:00:28 <Mike_Pluke> Mike_Pluke has joined #wcag2ict
15:00:28 <mitch11> mitch11 has joined #wcag2ict
15:00:30 <mitch11> present+
15:00:34 <Mike_Pluke> present+
15:00:51 <cwadams> cwadams has joined #wcag2ict
15:00:53 <maryjom> present+
15:00:59 <cwadams> present+
15:01:40 <loicmn> loicmn has joined #wcag2ict
15:01:59 <PhilDay> https://github.com/w3c/wcag2ict/wiki/Scribe-list-&-instructions
15:02:12 <loicmn> present+
15:02:20 <mitch11> scribe+ mitch11
15:03:21 <mitch11> zakim, next item
15:03:21 <Zakim> agendum 1 -- Announcements -- taken up [from maryjom]
15:04:11 <mitch11> time crunch: public comments, SCs
15:04:24 <mitch11> maryjom: time crunch: public comments, SC
15:05:02 <mitch11> ... lead time 1 month for process with AG working group, including an approximately 2 week review from them
15:05:05 <Bryan_Trogdon> Bryan_Trogdon has joined #WCAG2ICT
15:05:17 <Bryan_Trogdon> present+
15:05:57 <mitch11> ... so end of January deadline for March publication
15:06:04 <mitch11> ... with holidays just 2 more meetings in 2023
15:06:22 <cwadams> q+
15:06:47 <mitch11> ... asked Mike Pluke about EN 301 549 timeline, it behooves us to provide to them what we've been working on
15:07:09 <mitch11> ... EN has an end of January early revision deadline
15:07:44 <Devanshu> present+
15:07:44 <mitch11> Mike_Pluke: it's not a final deadline January, good to finalize as early as possible, contract allows longer but other obligations require sooner
15:08:24 <maryjom> ack cwadams
15:08:33 <mitch11> ... for EN publication, it would probably require final WCAG2ICT
15:09:09 <mitch11> cwadams: please finalize what's assigned, but worst case good intentions but not feasible and don't let us know
15:09:28 <mitch11> ... so let Charles and Mary Jo know if you can't, so we can do something about it
15:09:36 <mitch11> maryjom: and there are some unassigned issues
15:09:40 <PhilDay> q+
15:10:06 <maryjom> ack PhilDay
15:10:07 <mitch11> ... continued progress is important
15:10:40 <mitch11> PhilDay: Mary Jo you sent notes for something to be added, do you want individual issues for each one or roll together?
15:10:52 <mitch11> maryjom: better individual issues so we can divide and conquer
15:11:29 <mitch11> ... after issues, we will return to remaining approx 5 for close functionality
15:11:58 <PhilDay> Closed functionality answers for reference: https://www.w3.org/2002/09/wbs/55145/wcag2ict-sc-problematic-for-closed/results#xq25
15:12:06 <mitch11> ... there was a survey a while back, there were questions on whether the "problematic" section needs adjustment, some questionnaires said yes
15:12:07 <PhilDay> and https://www.w3.org/2002/09/wbs/55145/wcag2ict-sc-problematic-for-closed/results#xq26
15:12:28 <mitch11> ... and some people indicated notes needed
15:12:33 <mitch11> ... help needed for the above
15:12:55 <mitch11> zakim, next item
15:12:55 <Zakim> agendum 2 -- Survey results: Review of proposal for 3.3.8 Accessible Authentication (Minimum)  - Question 2 -- taken up [from maryjom]
15:13:35 <maryjom> https://www.w3.org/2002/09/wbs/55145/WCAG2ICTauthentication/results#xq3
15:14:28 <mitch11> maryjom: do we need an item under "problematic" for this?
15:16:17 <mitch11> ... some say yes, some say no bullet needed
15:16:34 <mitch11> ... (summarized the survey results)
15:19:22 <GreggVan> GreggVan has joined #wcag2ict
15:19:31 <GreggVan> present+
15:19:35 <mitch11> present+ lboniello
15:19:38 <mitch11> lboniello: do we have notes to the effect of unless otherwise prevented by security needs
15:19:59 <GreggVan> present+
15:20:02 <GreggVan> q+
15:20:04 <PhilDay> q+ to say We could argue that PIN is not a cognitive function test
15:20:16 <mitch11> ... will check where she saw it, maybe in Canadian standard or 508
15:20:33 <mitch11> maryjom: (continuing summarizing the survey results)
15:22:03 <maryjom> ack GreggVan
15:22:36 <mitch11> GreggVan: copying a number is considered a cognitive test (really more of a cognitive task). If that's precluded,
15:22:53 <mitch11> ... then a PIN does fall into that category
15:23:37 <mitch11> ... There is an assumption in a web page context that you can copy and paste, not available in a closed device, and they don't know who you are yet
15:24:01 <mitch11> ... So we should make a note, where a system is not a personal system, then some strategies described in WCAG are not available
15:24:23 <mitch11> ... Security exception would be legal scoping, outside of our scope
15:24:27 <maryjom> ack PhilDay
15:24:27 <Zakim> PhilDay, you wanted to say We could argue that PIN is not a cognitive function test
15:24:42 <cwadams> definition of cognitive functional test:  https://www.w3.org/WAI/WCAG22/Understanding/accessible-authentication-minimum#dfn-cognitive-function-test
15:24:53 <mitch11> PhilDay: is PIN a cognitive function test? I struggle with it
15:25:04 <mitch11> ... outside the US you put a PIN in always at sale transactions too
15:25:32 <mitch11> ... some people remember the PIN as a shape rather than numbers, does that help make it not a cognitive function test?
15:25:46 <mitch11> ... agree otherwise we shouldn't be giving out exceptions
15:26:02 <Sam> Sam has joined #wcag2ict
15:26:16 <Sam> +present
15:26:21 <loicmn> q?
15:26:28 <loicmn> q+
15:26:32 <GreggVan> q+
15:26:34 <maryjom> ack loicmn
15:26:38 <mitch11> lboniello: would 0000 or 1111 make it simple enough?
15:26:54 <mitch11> loicmn: my son remembers position of digits
15:27:06 <mitch11> q+ GreggVan
15:27:43 <mitch11> ... do we need to add a note? I think not for alternatives
15:27:50 <mitch11> ... or a note as Gregg said could be good
15:27:59 <Sam> q+q+
15:28:04 <mitch11> s/alternatives/an exception/
15:28:11 <Sam> q+
15:28:19 <maryjom> ack GreggVan
15:28:49 <mitch11> GreggVan: reviewing the actual working, they included remembering a password as a cognitive function test (which it isn't really, it's actually a task)
15:28:59 <mitch11> s/working/wording/
15:29:27 <mitch11> ... yes these problems will exist, so the note should say assumption in WCAG that it's on a personal device with cutting and pasting
15:29:41 <mitch11> ... would not be available
15:29:54 <mitch11> ... putting this into closed functionality is okay, it includes closed functionality
15:30:29 <mitch11> ... WCAG made assumptions, that the user already authenticated onto the device
15:30:55 <PhilDay> q+ to say we need a note to say it is problematic, not necessarily saying an exception. We have done this for other SCs problematic for closed functionality.
15:30:57 <maryjom> ack q+
15:31:01 <mitch11> ... copy and paste becomes an assistive technology, as does a password manager, neither of which will be available
15:31:02 <maryjom> ack Sam
15:31:37 <loicmn> q+ to insist that it is not "problematic for closed functionality"... it is problematic for "shared use"
15:31:38 <mitch11> Sam: It's a problem if we put standards out there and there's not a way to apply them. Job of WCAG2ICT is to say how they apply
15:31:44 <maryjom> ack PhilDay
15:31:44 <Zakim> PhilDay, you wanted to say we need a note to say it is problematic, not necessarily saying an exception. We have done this for other SCs problematic for closed functionality.
15:31:47 <mitch11> ... Not acknowledging is a disservice
15:32:19 <maryjom> ack loicmn
15:32:19 <Zakim> loicmn, you wanted to insist that it is not "problematic for closed functionality"... it is problematic for "shared use"
15:32:22 <mitch11> PhilDay: we need to point out the difficulties
15:32:40 <mitch11> loicmn: yes the note about it problematic, but not in closed func
15:32:53 <GreggVan> q+
15:33:19 <mitch11> ... it should be in the general section instead
15:33:25 <mitch11> ... same problem for a computer in a library
15:33:30 <maryjom> ack GreggVan
15:33:51 <mitch11> GreggVan: we think of things that are closed in different ways
15:34:07 <mitch11> ... computers in libraries are closed in a way, closed by policy
15:34:36 <mitch11> ... so under closed functionality is appropriate
15:35:05 <mitch11> ... regulatory agencies will use WCAG2ICT as a basis for applying beyond web content
15:35:28 <mitch11> ... Morphic and ATOD are beginning as a solution
15:35:39 <maryjom> Poll: 1) Add a note regarding shared systems to SC problematic for closed functionality 2) Add a note regarding shared systems to the main 3.3.8 SC guidance, 3) Do not add any note, or 4) Something else.
15:36:17 <mitch11> lboniello: adding specificity to what kind of closed system is not a good idea, disagree with Gregg's point about the library
15:36:51 <mitch11> GreggVan: for someone who needs specific AT, for example in a library, why should it be considered accessible if info is exposed programmatically?
15:37:14 <dmontalvo> present+ Daniel
15:37:25 <mitch11> lboniello: are we going to change the way "closed" is defined? There are many ways they're locked down.
15:37:36 <PhilDay> 1  (+2 if needed because we don't have a section for shared systems)
15:37:41 <mitch11> ... so let's not try to define using examples in this particular response
15:37:52 <cwadams> interesting find:  https://chargebacks911.com/contactless-atms/#:~:text=Contactless%20ATMs%20may%20use%20biometric,than%20traditional%20PIN%2Dbased%20methods.
15:37:53 <cwadams> q+
15:38:02 <mitch11> GreggVan: So it's okay to say excluded by policy means closed?
15:38:21 <maryjom> ack cwadams
15:38:25 <mitch11> lboniello: or kiosk, or deep freeze solution, or other mechanism to prevent AT
15:38:44 <PhilDay> q+
15:38:59 <mitch11> cwadams: I'm not taking a side, but I found ATMs exploring advanced authentication methods that aren't PIN based
15:39:10 <mitch11> ... have never experienced one yet not requiring PIN
15:39:29 <GreggVan> q+
15:39:35 <maryjom> ack PhilDay
15:39:38 <mitch11> ... but there may be solutions I'm not imagining yet
15:40:12 <mitch11> PhilDay: There are specific security rules that differ for "on us" customers, one's own bank, from customer using interchange
15:40:33 <mitch11> ... We've been using biometrics for 20 years, but not instead of PIN only in addition
15:40:35 <cwadams> Thank you for that.
15:40:56 <maryjom> ack GreggVan
15:40:58 <cwadams> acknowledged.  DENIED!
15:40:59 <mitch11> ... If we designed an ATM from scratch then 4-digit PIN would not be enough
15:41:22 <mitch11> GreggVan: We did a lot of work making ATMs accessible in the past, lots of regulations, agree with PhilDay
15:41:55 <mitch11> ... One position: we shouldn't put in a regulation not done, we should't do it. But we do do that, like in buildings
15:42:35 <mitch11> ... Yet we should say something. It's true that making it too accessible makes it too vulnerable.
15:42:54 <mitch11> ... Don't know how, but yes there should be some comment.
15:43:12 <maryjom> Poll: 1) Add a note regarding shared systems and financial situations to SC problematic for closed functionality 2) Add a note regarding shared systems/financial to the main 3.3.8 SC guidance, 3) Do not add any note, or 4) Something else.
15:43:50 <loicmn> 2
15:43:55 <PhilDay> 1, or 1+2
15:43:56 <Mike_Pluke> 2
15:44:05 <Sam> 1
15:44:13 <mitch11> 2, or 1+2
15:44:14 <GreggVan> 2
15:44:23 <olivia> 2
15:44:25 <Devanshu> 2
15:44:26 <Bryan_Trogdon> 2
15:44:37 <cwadams> 7 twos, 2 ones
15:45:16 <mitch11> maryjom: we're landing on the main 3.3.8 guidance
15:45:20 <mitch11> ... anybody want to help develop?
15:45:32 <mitch11> ... Fernanda worked on this SC originally, she's not here today
15:46:13 <mitch11> lboniello: can try but will need help, ATM related not my main area
15:46:21 <mitch11> PhilDay: happy to help
15:47:02 <mitch11> GreggVan: I can also help
15:47:32 <mitch11> maryjom: thanks, would like to get these SCs finished up
15:47:43 <mitch11> zakim, next item
15:47:43 <Zakim> agendum 3 -- FPWD public comments -- taken up [from maryjom]
15:48:18 <mitch11> maryjom: We were working on updates for the Closed Functionality section. The original survey...
15:48:21 <maryjom> https://www.w3.org/2002/09/wbs/55145/WCAG2ICT-fpwd-responses/results
15:49:31 <mitch11> maryjom: (summarizing the results)
15:50:33 <maryjom> https://www.w3.org/2002/09/wbs/55145/WCAG2ICT-draft2-closed-functionality/results#xq1
15:52:17 <GreggVan> q+
15:53:24 <maryjom> ack GreggVan
15:53:26 <mitch11> ... are we good with modifying as proposed?
15:54:16 <mitch11> GreggVan: What Loic talked about what, it's the phone itself that are closed not the apps, so fine with the language
15:54:57 <mitch11> ... leave it to the group
15:55:12 <mitch11> ... unless an app is itself closed
15:55:25 <mitch11> maryjom: or leave out smartphones?
15:55:25 <GreggVan> q+
15:55:46 <mitch11> ack GreggVan
15:56:30 <PhilDay> q+
15:56:30 <mitch11> GreggVan: The problem is phones have some AT but not other AT, so if you need other AT you're stuck
15:56:37 <mitch11> ... you can add keyboard
15:56:49 <mitch11> q+
15:56:57 <PhilDay> q-
15:57:05 <mitch11> ... what's built in is great but not enough for everybody
15:57:05 <maryjom> q?
15:57:18 <maryjom> ack mitch
15:58:37 <PhilDay> mitch11: Reading this out of context of overall document. Did have a discussion in email, but the PR looks different to what we considered when having the discussion in email. Would like to review again.
15:59:29 <PhilDay> q
15:59:39 <cwadams> hard stop for me ....
15:59:39 <mitch11> maryjom: will put out survey with more options, OK
15:59:41 <mitch11> mitch11: yes
16:00:55 <mitch11> mitch11: it's important to get this right in the introductory section, it affects the rest
16:01:25 <mitch11> maryjom: keep at it, let me and Chuck know if you need help, keep it moving
16:02:27 <PhilDay> rrsagent, draft minutes
16:02:58 <RRSAgent> I have made the request to generate https://www.w3.org/2023/11/30-wcag2ict-minutes.html PhilDay
16:03:05 <dmontalvo> rrsagent, draft minutes
16:03:06 <RRSAgent> I have made the request to generate https://www.w3.org/2023/11/30-wcag2ict-minutes.html dmontalvo
16:03:41 <maryjom> zakim, end meeting
16:03:41 <Zakim> As of this point the attendees have been PhilDay, olivia, mitch, Mike_Pluke, maryjom, cwadams, loicmn, Bryan_Trogdon, Devanshu, GreggVan, lboniello, present, Daniel
16:03:41 <Zakim> RRSAgent, please draft minutes v2
16:03:42 <RRSAgent> I have made the request to generate https://www.w3.org/2023/11/30-wcag2ict-minutes.html Zakim
16:03:48 <Zakim> I am happy to have been of service, maryjom; please remember to excuse RRSAgent.  Goodbye
16:03:48 <Zakim> Zakim has left #wcag2ict
16:04:27 <maryjom> rrsagent, bye
16:04:27 <RRSAgent> I see no action items