Closed stuartpb closed 7 years ago
It also clears the path for a different kind of questionnaire. For instance, right now a site that requires several questions to be answered, each one being mandatory, would be represented as a series of lists with required: 1
and one item under options
. In that case, it's probably not a knowledge
set of questions, and should probably be profiled in a different structure.
Actually, what about challenge
? That's the term Washington Connect uses, and I think it makes about as much sense.
Admittedly, it's not as precise as knowledge
(a CAPTCHA is a kind of challenge, too, after all), but it's also not as broad (knowledge
can describe lots of things, like, say, a "knowledge base", and seeing "requires knowledge" is a lot more "lol wut" than "requires challenge").
I'm going to go forward with this right now as challenge
.
I'm thinking
questions
should get moved under aknowledge
field (ie. becomingknowledge.questions
), which can describe "user knowledge" as a component of the profile in general.I think this should be moved under a more general topic to mirror
password
,username
, and other profile-oriented topics: this would also allow forknowledge.notes
to describe user questions instead ofquestions[0].notes
, which is where notes are going right now.It'll also open up the door for
knowledge.answers.contents
andknowledge.answers.value
(andknowledge.answers.value.must
etc), introduce a name for use in other fields to refer to when answers are required, as well as future fields that can describe other aspects of how user knowledge may be used (for instance, when knowledge answers can be used to recover a password without an email).Some names I considered and rejected for the umbrella for this:
security
: As I said in https://github.com/opws/domainprofiles/issues/22#issuecomment-278618444,security
is too broad to use as a top-level container name, even though it would make thissecurity.questions
, in line with what it's normally called.secret
orsecrets
: Not only issecret
also too broad (aren't passwords supposed to be secret, too?), it also reflects a fundamental misunderstanding in the design of security questions: their answers, when followed by design, are not inherently secret. See the Sarah Palin Yahoo hack, for instance.facts
ortrivia
: Also too broad, could easily be seen as overlapping withnotes
(and also presupposes more about questions than is inherently true: they could just as easily be opinions).