Re: (was: What's in a name) Secret URL, SURL - "Web key"?
Jed at Webstart
donnelley1 at Webstart.Com
Thu Dec 8 22:10:03 EST 2005
At 03:51 PM 12/8/2005, Sam Coleman wrote:
>At 11:58 AM 12/8/2005, you wrote:
>>What do others think about this "Secret URL" and SURL proposal?
>>I'm with Ping and it seems Sandro in liking this choice. Can we agree
>>on this name and abbreviation? Dissent?
>Yeah, I'll dissent
>If you want this to become widespread, then the
>average person needs to understand it. URL is
>probably not understood now, so SURL will be worse.
OK. I still think an abbreviation term like
"URL" is useful at some point, but let's focus on the higher level term.
What about "Secret link" as later came up on the list?
>(Both are fine for the tech community.) It's
>also not secret--people can pass them around
>without divulging the secret beyond what the pointer allows.
No, this is exactly the point. If people do
"pass them around" as you say, they are sharing
permissions. They are giving something that
might be important away - very much like
"divulging" a password. It may be true that we
can protect the raw data in some encrypted form,
but all that does is to put a layer of protection
against inadvertent disclosure. The important
thing from a user perspective is that this
"thing" does represent the right (permission) to access some resource/object.
>I think that "Secure" is a better prefix. People
>are sort of used to using "secure" sites, and
>that is really what you are providing.
I don't think so. What's "secure" about:
(even if I had encryption protecting it's
representation)? Once I put it into an email or
into a Web page or any other shared container my
intention is to deliberately give whatever
permission it conveys to whoever has access to
that new container. There is no inherent
"security" in that act. Care must be
taken. Matches and children and all that.
>So, what term is the public most used to using?
>"Bookmark" seems to be one. I don't understand
>your objection. You use a bookmark to mark a
>place in a book. A web bookmark marks the place
>on the web. "Pointer" might be another possibility, but less intuitive.
I'm content to accept that if that's what people
really think. Remember, though, that this
particular sort of "bookmark" isn't just telling
you where you are, it is actually a key that
unlocks something. That's why others have suggested the key metaphor.
What do you think about Web key?
>On the other hand, if you want a term to be used
>only by developers, then SURL is fine.
I think it will be helpful to have a separate
term for the representation. Even people in the
street use the term URL, far more I think than
the term "bookmark". I never hear that term when
referring to what one copies off a billboard or
pulls out of an email or ... It's always a
URL. Do others have a different experience?
>They will, of course, coin a new term for
>whatever the application user sees. Too bad it can't be the same.
I believe it is what a user sees/hears/user
(transcending specific applications) that's
important for this level of discussion. We have
to have demonstrations and words to use when
selling this stuff. As I mentioned in my previous message:
For me the power comes when I as, say, a manager or
a salesman or ... can create a new sharing structure out
of whole cloth:
, put some "stuff" (other sharings) in it, and then send it to you
in an email and be confident that you got exactly the permissions
that I wanted to convey. Also that we can use those permissions
to facilitate further cooperative work on what is now our common
project. That sort of bootstrapping without needing any damn
system administrator (I am one of those ;-) or the like to set up
a "group" or set up passwords or accounts or ........
I believe that is a very empowering technology.
It's a little like the power of a wiki, but:
1. It transcends specific systems and "accounts",
2. It isn't just about text or images, but more general
resources that can be things like bank accounts, the
permission to change a schedule or exercise a reservation,
a shared project file, etc., etc.
I actually think an important aspect of such empowerment
is the ability to effectively manage financial transactions. Maybe
I'll tickle Ian's interest with this, but we may find agreement in
considering the current situation where we transfer what amounts
to a password to access our account (credit card number,
expiration date , etc.) to every vendor as BROKEN.
To me a much better approach (closer to the German
"Überweisung" or money transfer) is to go to the vendor
and basically get a signed agreement to sell/buy. I take
that to my account (where I do use a "capability" for access,
not something that I give to the vendor certainly) and say,
"pay this". This can all be done with one drag and drop
through a Web interface. I get an acknowledgement for the
amount. I'm in control and I know what happened. It's not
the sort of thing where the vendor can charge anything
he wants and my only recourse is to take it up with my
credit card company. What nonsense!
I guess that's another topic, but it's something that
really sticks in my craw. We do have a long ways to go
on this stuff.
More information about the cap-talk