A container is a directory on the filesystem.
If the container is serving, a base URL must be specified. It is therefore possible to have an NFS mount from a different server and serve directly from that server. The base URL can use any protocol, e.g. HTTP / FTP.
Not secure - URLs can be reused by anyone, even for non-serving and 'enforce access control' containers. This will be fixed for non-serving containers with .htaccess files.
Not dynamic - files with filenames in a serving container will not have deduplication.
A URL will be reused if a file is removed and then another file with the same name is added. Therefore, there is no aggressive client side caching.