Not a lawyer ofc, but I would not expect that line of reasoning to hold up in court as I wouldn't expect "the door was unlocked, your honor" to excuse trespassing.
So every URL is a trespass unless you have explicit permission?
If you say the protocol determines authorization, then the Fizz protocol granted them authorization. I don't have a clear answer here because it is messy.
Its not all or nothing. The law is literally decided on a case by case basis.
Going to the home page of a public website is clearly authorized access. Creating admin users for yourself on someone else's server without permission is clearly unauthorized access. Any judge or jury would agree.
