Add Accessibility Considerations section

index.bs

@@ -7052,6 +7052,15 @@ the [=[RP]=] could mitigate the privacy leak using the same approach of returnin
 as discussed in [[#sctn-username-enumeration]].
 
 
+# Accessibility Considerations # {#sctn-accessiblility-considerations}
+
+[=User verification=]-capable [=authenticators=], whether [=roaming authenticators|roaming=] or [=platform authenticators|platform=], should offer users more than one user verification method.  For example, both fingerprint sensing and PIN entry. This allows for fallback to other user verification means if the selected one is not working for some reason. Note that in the case of [=roaming authenticators=], the authenticator and platform might work together to provide a user verification method such as PIN entry [[FIDO-CTAP]].
+
+[=[RPS]=], at [=registration=] time, SHOULD provide affordances for users to complete future [=authorization gestures=] correctly. This could involve naming the authenticator, choosing a picture to associate with the device, or entering freeform text instructions (e.g., as a reminder-to-self).
+
+[=Ceremonies=] relying on timing, e.g., a [=registration ceremony=] (see {{PublicKeyCredentialCreationOptions/timeout}}) or an [=authentication ceremony=] (see {{PublicKeyCredentialRequestOptions/timeout}}), ought to follow [[!WCAG21]]'s [Guideline 2.2 Enough Time](https://www.w3.org/TR/WCAG21/#enough-time). If a [=client platform=] determines that a [=[RP]=]-supplied timeout does not appropriately adhere to the latter [[!WCAG21]] guidelines, then the [=client platform=] MAY adjust the timeout accordingly.
+
+
 # Acknowledgements # {#sctn-acknowledgements}
 We thank the following people for their reviews of, and contributions to, this specification:
 Yuriy Ackermann,