Re: Google Wants to Kill the URL

I guess the problem, succinctly stated, might be this:

1. Website owners want it to be difficult for their identity to be forged - they want their customers to be coming to them, and not an imposter. The URL is part of their brand identity. Attackers frequently (and successfully) imitate legitimate sites by imitating their URLs.

2. Ordinary users want to be sure they are visiting the correct store; when you hand over either money or other valuable data, you don’t want to be giving it to an attacker. It is increasingly difficult for an ordinary person to tell that they are being attacked, due to having to parse complicated-looking URLs in order to verify their own security.

The relationship between URL and identity has been fraught since the Web began, and the TAG has attempted to address this question before. Having a better relationship between technical identity, and the intuitive ("brand”) identity of a site may be helpful in improving Web security.

- johnk

> On Sep 5, 2018, at 1:24 PM, Daniel Appelquist <dan@torgo.com> wrote:
> 
> Ever since there has been a URL people have been proclaiming its imminent demise. However, from what I can tell, the article is about how the URL is surfaced in a specific browser UI. This feels out of scope for the TAG.
> 
> Dan
> 
> On Wed, 5 Sep 2018 at 17:55 Melvin Carvalho <melvincarvalho@gmail.com <mailto:melvincarvalho@gmail.com>> wrote:
> Bit of a click-baity title, but this article, which is about the URL in the browser, may be of interest to the TAG
> 
> https://www.wired.com/story/google-wants-to-kill-the-url/ <https://www.wired.com/story/google-wants-to-kill-the-url/>
> 
> I posted this here because there was a request from Adrienne Porter Felt (chrome) for feedback 
> 
> https://twitter.com/__apf__/status/1037057268510912512 <https://twitter.com/__apf__/status/1037057268510912512>
> 
> "If you're an academic researcher doing work in this space, I would LOVE to hear from you!"
>