On 3/4/2014 3:03 AM, Cantor, Scott wrote:
Big question: how much to do with ABFAB does this really have, vs.
essentially any really usable client UI for a non-trivial GSS-API
mechanism? More to the point, is this open to contributions from other
perspectives to broaden the document's applicability? I got the sense that
other than mentioning an NAI a fair bit, there's not much specific to
ABFAB here.
Nicely phrased.
To carry it further: Usability is very difficult specialty, often
finding that counter-intuitive results are best. My standard example is
that we typically assume it is always better to give users more
information, but in fact it isn't. (Think of the classic Bell curve.
Hitting the statistical peak, for users' cognitive load, means not too
little information and not too much.)
Although entirely well-intentioned, the draft suffers from either
offering very generic suggestions, such as:
"Implementers of an identity selector will need to carefully
consider their intended audience..."
or very specific advice that is given without empirical justification
and possibly contrary to empirical evidence, such as:
"Friendly icon for identity: To allow the user to differentiate
between the set of identities they have they should be able to set
an icon for that particular identity."
I chose that latter example because it is so obviously reasonable; it's
difficult to believe that it's not a good suggestion. However my
understanding is that users often are actually delayed or confused by
designs with icon usage, like this, that hasn't first been tested for
efficacy. So, sometimes, the icons are a good idea. Sometimes they
aren't. Guidance about making the choice is where the hard work is.
The draft offers no citations for HCI, UX, UCD or Usec research or
experience. That's an indication that it has the best of intentions,
but lacks both theoretical and empirical underpinnings, for a topic that
is acknowledged by its leaders to require both, when doing design.
And as difficult as usability is generally, it is much worse for usable
security...
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
