On 8/21/06, Mimi Yin <[EMAIL PROTECTED]> wrote:
+ However, we don't want users to pass around plain English URLs that would be dead simple for everyone to hack (e.g. osaf.us/bcm/work) + Machine-generated tickets are better used as a URL, something the user clicks on
just to clear up any confusion, the url for the collection is no more or less hackable whether or not the url contains a ticket, if the server also requires a password to be presented. a ticket serves two purposes: 1) to assert that the sharer used some out of band mechanism to validate the identity of the sharee and gave him the ticket upon success, and 2) to identify some privilege (read-only, read-write, or free-busy) on the resource. in the case where the collection has a password set, presentation of the password takes over responsibility #1, but the ticket still has responsibility #2. what if, instead of using both a machine-generated, unmemorable ticket AND a user-generated, memorable password, we simply let the sharer choose the ticket string if he wants, letting the server generate a random one as it does today if the sharer doesn't care? _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Open Source Applications Foundation "Design" mailing list http://lists.osafoundation.org/mailman/listinfo/design
