w3c / captcha-accessibility

Inaccessibility of CAPTCHA
https://w3c.github.io/captcha-accessibility/
Other
3 stars 4 forks source link

blinded verifications and related work are currently missing #35

Open npdoty opened 5 years ago

npdoty commented 5 years ago

There are protocols under discussion and development that could provide anonymity, unlinkability or other privacy properties even when relying on a CAPTCHA provider and further work in that direction could provide a more generalizable solution.

For example, blinded signing of passes can allow a service to break the link between knowing which user completed which CAPTCHA and then when they used that CAPTCHA to prove their humanness and access a service. Privacy Pass is a protocol and browser extension implementing that functionality. The current design still relies on a centralized party, like a large CDN in front of many services that is also providing some protection against malicious traffic, but there could be further designs to make this off-path in a way that a third-party service provider could provide blinded tokens and redemption wouldn't need the user to directly contact the third-party.

The BrowserID protocol (no longer being actively developed) allowed for identity providers to authenticate a user to a relying party without the identity provider learning which relying parties the user authenticates with. That's just an example to note the privacy implications both of what is revealed to the host server and what is revealed to the third-party (for example, which services the user is trying to use).

JaninaSajka commented 5 years ago

Hello:

Thank you for your very helpful comments. We are working to revise our draft to incorporate your references, and to respond to other substantive comments received in recent weeks.

It is now clear to us that we will need to publish a second wide-review draft before finalizing this document.

Best,

Janina Sajka APA Chair

e271828- writes:

We are working on extending the OPRF draft IETF standard (https://github.com/chris-wood/draft-sullivan-cfrg-oprf/blob/master/draft-sullivan-cfrg-oprf.md) to address the accessibility use case, in particular for our hCaptcha.com service.

It is currently used by Cloudflare and hCaptcha.com for Privacy Pass (https://privacypass.github.io) anonymous user-authentication.

Will take us another week or so before we are ready to publish a proposal, but we believe it solves many issues in a way that preserves privacy while being substantially more robust to typical attacks.

Audio is dead as a countermeasure, so is no longer a plausible alternative. If it were effective, there would be no reason for reCAPTCHA to disable it when suspicious, as @dessant points out in w3c/captcha-accessibility#28 .

If this draft is still open for comments let me know, and we will work with you on extending it to cover this work.

-- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: w3c/captcha-accessibility#27

--

Janina Sajka

Linux Foundation Fellow Executive Chair, Accessibility Workgroup: http://a11y.org

The World Wide Web Consortium (W3C), Web Accessibility Initiative (WAI) Chair, Accessible Platform Architectures http://www.w3.org/wai/apa