[cap-talk] Webkeys vs. the web

[Raoul Duke]

> A webkey will have a random-looking object ID that the user would have to
> assume might be specific to their account.

from a usability+security standpoint, i don't feel it is OK to require
that users parse URLs to decide if they are something they shouldn't
copy-and-paste to another person, and to figure out precisely what
another person would then see if they followed it.

sincerely.