Do you view 'a HN reader' as a reasonable representation of someone skilled in the art [of creating and serving websites]?
Unless I'm missing something, the only conclusion that I can see following this line of reasoning is that skill in the art is inversely proportional to a person's 'reasonableness' in this matter.
If a quorum of experts are coherently proposing that certain actions are reasonable, even if you find them distasteful, at what point is 'reasonable' no longer reasonable?
For what it's worth, despite sounding like a rhetorical question, I am truly interested to know your thoughts on that last matter.
People on HN are not representative, because they know about computer security and HTTP access codes. We don’t live in a world where those people get to make the rules. We live in a world where the rules are set by reference to ordinary people. My mom gets to set the rules for what’s “reasonable” (what are the social norms everyone has to follow). Not you or me.
My point is that a reasonable layman would assume that if a document was not linked or indexed from a public portion of the site, it was not meant to be accessed. That makes sense, because if the document was meant to be accessed, it would be made accessible in a way a reasonable lay person would know how to access it.
And others point out that editing a URL to increment an ID which is obviously sequential is absolutely a reasonable way of browsing the web. That doesn't mean a lay person has to know how to do it, but that they wouldn't think anything criminal was happening if they watched someone else do it.