undefined | Better HN

0 pointsvel0city2y ago0 comments

There's one big functional difference. People don't normally have their username and password or API key directly in the URL.

Example 1:

Alice wants Bob to see CoolDocument. Alice generates a URL that has the snowflake in the URL and gives it to Bob. Eve manages to see the chat, and can now access the document.

Example 2:

Alice wants Bob to see CoolDocument. Alice clicks "Share with Bob" in the app, grabs the URL to the document with no authentication encoded within and sends it to Bob. Bob clicks the link, is prompted to login, Bob sees the document. Eve manages to see the chat, follows the link, but is unable to login and thus cannot see the document.

Later, Alice wants to revoke Bob's access to the document. Lots of platforms don't offer great tools to revoke individual generated share URLs, so it can be challenging to revoke Bob's access without potentially cutting off other people's access in Example 1, as that link might have been shared with multiple people. In example 2, Alice just removes Bob's access to the doucment and now his login doesn't have permissions to see it. Granted, better link management tools could sovle this, but it often seems like these snowflake systems don't really expose a lot of control over multiple share links.

0 comments

Dylan168072y ago

Example 2 sounds like a pretty big pain if I can't go directly from Bob's chat account to his document account. Which is the case the vast majority of the time.

vel0cityOP2y ago

And yet somehow you managed to log in to this site to post this comment here despite needing to log in. Crazy huh, I would have thought it would have been a pretty big pain.

Or are you saying its a pain for you, Eve, not being able to see Bob's documents so easily?

Dylan168072y ago

The problem isn't logging in. It's trying to figure out what account to share access to. For a pretty straightforward analogy, I have never had to figure out somebody's steam handle in order to reply to them on HN.

And when I'm replying to someone on HN, I never have to worry "do they have an HN account already?".

j / k navigate · click thread line to collapse

0 pointsvel0city2y ago0 comments

There's one big functional difference. People don't normally have their username and password or API key directly in the URL.

Example 1:

Alice wants Bob to see CoolDocument. Alice generates a URL that has the snowflake in the URL and gives it to Bob. Eve manages to see the chat, and can now access the document.

Example 2:

0 comments

Dylan168072y ago

Example 2 sounds like a pretty big pain if I can't go directly from Bob's chat account to his document account. Which is the case the vast majority of the time.

vel0cityOP2y ago

And yet somehow you managed to log in to this site to post this comment here despite needing to log in. Crazy huh, I would have thought it would have been a pretty big pain.

Or are you saying its a pain for you, Eve, not being able to see Bob's documents so easily?

Dylan168072y ago

And when I'm replying to someone on HN, I never have to worry "do they have an HN account already?".

j / k navigate · click thread line to collapse