This is exactly the sort of discussion I want to see in the middle of all the excitement. Let's air out the pieces of the system that are most troublesome, are glossed-over, etc., and ensure there's a solid foundation here to build upon. Hopefully Google will provide good answers for a lot of the concerns he raises.
The following quote is more of a minor note, but it was something I didn't think about until I read it:
While this "permanent memory" was there almost since the beginning of the Internet, it was never before real-time. How could we take back an information from a Wave? Imagine you have misplaced your password to the wave instead of password input box. It will always be visible. OK, I could change my password, but what about unfortunate copy&paste event with a credit card number?
I've played with Wave and the live editing feature has already bitten me a couple times. I haven't found the setting yet, but supposedly you'll be able to toggle that feature, so wavelet edits are only transmitted when you "commit" it.
I really hope Google turns it off by default, or at least gives you an account-wide setting to disable by default and let you enable it selectively.
It's also worth noting that I think this would be enabled/disabled at the client level rather than the protocol level, so alternative clients will certainly offer more control.
The following quote is more of a minor note, but it was something I didn't think about until I read it:
While this "permanent memory" was there almost since the beginning of the Internet, it was never before real-time. How could we take back an information from a Wave? Imagine you have misplaced your password to the wave instead of password input box. It will always be visible. OK, I could change my password, but what about unfortunate copy&paste event with a credit card number?