Cryptpad is
the zero knowledge realtime collaborative editor. Encryption carried out in your web browser protects the data from the server, the cloud, and the NSA. The secret encryption key is stored in the URL fragment identifier which is never sent to the server but is available to javascript so by sharing the URL, you give authorization to others who want to participate.
So if I understand this correctly, I created a CryptPad document and receive a URL like this:
https://beta.cryptpad.fr/pad/#/1/edit/gWm4wTGvo+xUFi6Kuf2LUg/YnXDQ9wPBuert6CxdATVEdp+
The text I type into the document is encrypted on the server. The identifier in the URL is the encryption key, but is never stored on the server. The only way to decrypt the text is with the URL which, of course, is sent over SSL so that there’s no way to easily intercept it.
Very clever.