I don't know what you're talking about at the end, but you're definitely applying an inconsistent (double) standard at at least one point in your comment. The status quo is one where the reference is either completely unresolvable, or the referent accessible only after some effort that would have been better avoided. Forward-declared identifiers don't exacerbate any of these issues. Meanwhile, the set of things ameliorated by them is non-empty.
Basically I'd rather be using cryptographic hashes of the page instead of URLs so that if I trust the hash then I have an obvious mechanism for determining if I should trust the payload that the hash refers to.
Stability like that would severely limit the places that a malicious payload could hide, and it would enable users to compare notes about what is or is not trustworthy.
If the identifier can exist before its referent, then any such verify-the-payload-given-the-id activity becomes much more complicated because we now have to wonder if we're getting different versions of the page for the same identifier (e.g. like when airlines present different prices based on which browser you've used even though you used the same link in each. I'm trying to dream up a web where that's not possible).
Hashes are not memorable. I can’t give my gramma a hash, but I can give her example.com/recipe123. If she trusts example.com, or me, she should be able to trust the content. If she does neither, a hash will not save her because she needs to have seen the content first to make a decision to trust it.
It's fairly common to create "link" objects which have both a human readable component and a URL component. Not much would be lost if the URL got less readable, we'd just have to be more diligent about associating a human readable string with the link. This could be done automatically if the content happens to provide its own "name" field. Otherwise you'd just have to give your link a name.
Links which are displaying an ad-hoc name can show up in one color. Links which display whatever the content names itself can show up in another color. We can have different fonts for whether people you trust have flagged the content as trustworthy or whether the've flagged it as malicious. Nobody needs to see the hash itself. But none of that works if a link might resolve to different content at different times.
As far as needing to see the content before you know you can trust it... There's no harm in fetching malicious data and taking a peek at it. Just don't act on it.
If we train people to not even look at the threats then they're not going to have a feel for what threats actually look like.
I think that is too much infrastructure for just a link. I think links are fine the way they are today. There are other problems with the web, but it's not links. Also, simetimes taking a look is the same as acting on it. Clicking on an link in outlook is often acting on it, if it's some script or whatever it is that people do on outlook.
If it's content addressed you can gossip content between users, so I'd say it's far less infrastructure because you don't need servers.
But I know what you mean, it's a lot for the user to manage. I'm just looking for something drastic to change because the web as it is makes me feel like a rat in a maze. I'm trying to figure out how to leave notes on the walls for the other rats.
