[cap-talk] Re: (was: What's in a name) Secret URL, SURL - "Web key"?

Jed at Webstart donnelley1 at Webstart.Com
Thu Dec 8 22:10:03 EST 2005 

At 03:51 PM 12/8/2005, Sam Coleman wrote:
>At 11:58 AM 12/8/2005, you wrote:
>>What do others think about this "Secret URL" and SURL proposal?
>>I'm with Ping and it seems Sandro in liking this choice.  Can we agree
>>on this name and abbreviation?  Dissent?
>
>Yeah, I'll dissent

Thanks!

>If you want this to become widespread, then the 
>average person needs to understand it. URL is 
>probably not understood now, so SURL will be worse.

OK.  I still think an abbreviation term like 
"URL" is useful at some point, but let's focus on the higher level term.

What about "Secret link" as later came up on the list?

>(Both are fine for the tech community.) It's 
>also not secret--people can pass them around 
>without divulging the secret beyond what the pointer allows.

No, this is exactly the point.  If people do 
"pass them around" as you say, they are sharing 
permissions.  They are giving something that 
might be important away - very much like 
"divulging" a password.  It may be true that we 
can protect the raw data in some encrypted form, 
but all that does is to put a layer of protection 
against inadvertent disclosure.  The important 
thing from a user perspective is that this 
"thing" does represent the right (permission) to access some resource/object.

>I think that "Secure" is a better prefix. People 
>are sort of used to using "secure" sites, and 
>that is really what you are providing.

I don't think so.  What's "secure" about:

https://wideword.net/doc/i%2Bej6NZzbDWtc2k444Nk%2FQ%3D%3D

(even if I had encryption protecting it's 
representation)?  Once I put it into an email or 
into a Web page or any other shared container my 
intention is to deliberately give whatever 
permission it conveys to whoever has access to 
that new container.  There is no inherent 
"security" in that act.  Care must be 
taken.  Matches and children and all that.

>So, what term is the public most used to using? 
>"Bookmark" seems to be one. I don't understand 
>your objection. You use a bookmark to mark a 
>place in a book. A web bookmark marks the place 
>on the web. "Pointer" might be another possibility, but less intuitive.

I'm content to accept that if that's what people 
really think.  Remember, though, that this 
particular sort of "bookmark" isn't just telling 
you where you are, it is actually a key that 
unlocks something.  That's why others have suggested the key metaphor.

What do you think about Web key?

>On the other hand, if you want a term to be used 
>only by developers, then SURL is fine.

I think it will be helpful to have a separate 
term for the representation.  Even people in the 
street use the term URL, far more I think than 
the term "bookmark".  I never hear that term when 
referring to what one copies off a billboard or 
pulls out of an email or ...  It's always a 
URL.  Do others have a different experience?

>They will, of course, coin a new term for 
>whatever the application user sees. Too bad it can't be the same.

I believe it is what a user sees/hears/user 
(transcending specific applications) that's 
important for this level of discussion.  We have 
to have demonstrations and words to use when 
selling this stuff.  As I mentioned in my previous message:

For me the power comes when I as, say, a manager or
a salesman or ... can create a new sharing structure out
of whole cloth:

https://wideword.net/doc/i%2Bej6NZzbDWtc2k444Nk%2FQ%3D%3D

, put some "stuff" (other sharings) in it, and then send it to you
in an email and be confident that you got exactly the permissions
that I wanted to convey.  Also that we can use those permissions
to facilitate further cooperative work on what is now our common
project.  That sort of bootstrapping without needing any damn
system administrator (I am one of those ;-) or the like to set up
a "group" or set up passwords or accounts or ........

I believe that is a very empowering technology.

It's a little like the power of a wiki, but:

1.  It transcends specific systems and "accounts",

2.  It isn't just about text or images, but more general
resources that can be things like bank accounts, the
permission to change a schedule or exercise a reservation,
a shared project file, etc., etc.

<off topic>
I actually think an important aspect of such empowerment
is the ability to effectively manage financial transactions.  Maybe
I'll tickle Ian's interest with this, but we may find agreement in
considering the current situation where we transfer what amounts
to a password to access our account (credit card number,
expiration date , etc.) to every vendor as BROKEN.

To me a much better approach (closer to the German
"Überweisung" or money transfer) is to go to the vendor
and basically get a signed agreement to sell/buy.  I take
that to my account (where I do use a "capability" for access,
not something that I give to the vendor certainly) and say,
"pay this".  This can all be done with one drag and drop
through a Web interface.  I get an acknowledgement for the
amount.  I'm in control and I know what happened.  It's not
the sort of thing where the vendor can charge anything
he wants and my only recourse is to take it up with my
credit card company.  What nonsense!

I guess that's another topic, but it's something that
really sticks in my craw.  We do have a long ways to go
on this stuff.
</off topic>

More information about the cap-talk mailing list