> a "simple URL" isn't big enough to hold a full-entropy encryption key.
I don’t care about that most of the time. When I do I’m unlikely to trust some random web service anyway (how do I know the author didn’t turn rogue the day before and decided to send a copy of every file to their own server?).
The service could offer a choice, where picking the short link comes with a big red warning. That could even be hidden under some setting on the page, since it’s the sender who needs to understand the implications.
> the usability gains of the recipient not needing a CLI tool installed might be worth the tradeoff for some folks.
That’s exactly what I’m looking for. Whenever I need one of these services, there is 0% chance the person on the other side would know how (or have the patience) to install a command-line tool.
> I'm the author of magic-wormhole
Thank you for taking the time to expand so thoroughly from experience.
I don’t care about that most of the time. When I do I’m unlikely to trust some random web service anyway (how do I know the author didn’t turn rogue the day before and decided to send a copy of every file to their own server?).
The service could offer a choice, where picking the short link comes with a big red warning. That could even be hidden under some setting on the page, since it’s the sender who needs to understand the implications.
> the usability gains of the recipient not needing a CLI tool installed might be worth the tradeoff for some folks.
That’s exactly what I’m looking for. Whenever I need one of these services, there is 0% chance the person on the other side would know how (or have the patience) to install a command-line tool.
> I'm the author of magic-wormhole
Thank you for taking the time to expand so thoroughly from experience.