[Cryptography] How should we encrypt external mail attachments

[John Levine]

It appears that Phillip Hallam-Baker <phill at hallambaker.com> said:
>I make an extensive proposal here (see EARL section), basically it is a URI
>that combines a locator and decryption key so that the EARL is a bearer
>token for the content.

I don't understand what the advantage is over a plain URL that is long enough
to be hard to guess.  Either way, if you have the URL you can get the file.

R's,
John