I am in the process of creating a web app. Since I admire the directness of Twitter's URL scheme for user pages, I'm trying to emulate them. I'd like my users' profile pages to be available at http://myapp.com/user_chosen_identifier. Right now I have some basic code for ensuring RFC3305 compliance with what I put in a URL, but I'm more worried about what words I should reserve. There was a question a year ago that almost, but not quite, addressed this problem. I'm using Routes, so it's pretty trivial to implement - but I'm not sure what to implement.
I've done a brainstorming session to think of some identifiers to prohibit (default.anything, about, admin, and so on), but that's obviously not all the work that could be done, so I'm asking the community to tell me about best practices and consensus.
What are some words that I should prohibit users from using in their identifiers if I use an http://myapp.com/user_chosen_identifier URL scheme ? Is there a list of recommendations that I can start from?
Alternatively, is this a fundamentally intractable problem like the clbuttic error and curseword filtering in general? *