From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: David Engster <deng@randomsample.de>
Newsgroups: gmane.emacs.devel
Subject: Re: oauth2 support for Emacs email clients
Date: Sun, 08 Aug 2021 18:00:29 +0200
Message-ID: <87fsvk6i5e.fsf@randomsample>
References: <52589.36892.953561.24840@gargle.gargle.HOWL>
 <E1mB3zO-0001a6-0V@fencepost.gnu.org> <87pmuofpai.fsf@gnu.org>
 <87sfzk71xw.fsf@randomsample> <m3y29cc8yv.fsf@fitzsim.org>
 <87k0kw6liw.fsf@randomsample> <m3lf5cc5sg.fsf@fitzsim.org>
Mime-Version: 1.0
Content-Type: text/plain
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="39339"; mail-complaints-to="usenet@ciao.gmane.io"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux)
Cc: emacs-devel@gnu.org, Roland Winkler <winkler@gnu.org>,
 Richard Stallman <rms@gnu.org>
To: Thomas Fitzsimmons <fitzsim@fitzsim.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Sun Aug 08 18:04:37 2021
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1mClHx-000A4T-HX
	for ged-emacs-devel@m.gmane-mx.org; Sun, 08 Aug 2021 18:04:37 +0200
Original-Received: from localhost ([::1]:34228 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1mClHv-00044o-Uj
	for ged-emacs-devel@m.gmane-mx.org; Sun, 08 Aug 2021 12:04:35 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:40344)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <deng@randomsample.de>)
 id 1mClE5-0006XV-M3
 for emacs-devel@gnu.org; Sun, 08 Aug 2021 12:00:38 -0400
Original-Received: from [2a03:4000:42:1a1:9400:eeff:feb4:c8a0] (port=40188
 helo=zplane.randomsample.de)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <deng@randomsample.de>)
 id 1mClE3-0004qh-Ug; Sun, 08 Aug 2021 12:00:37 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=randomsample.de; s=a; h=Content-Type:MIME-Version:Message-ID:Date:
 References:In-Reply-To:Subject:Cc:To:From:Sender:Reply-To:
 Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
 Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
 List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=TqN88lFYeIEgWUw1kRLNOViGgp6N/YNfsgqfN3Vz5gU=; b=Dh1XXrCCjfvTAj2z+d+l6Wupe
 rwN/u5eJbD8EDMyt2XzIIt7SwFYHamG97D2UkOeyowG35p8R1oRaeiJ3MZoDKZvpys+ag9CJv4UZg
 BDqFdVyJv9uj6ODiB6xjgtZAh+1Ym9W+i8NqpPQgIVeOYWhdp62volJ7ukywjm/MeDO+coDgSH+0J
 o/DL0ZUnDJ9VYNV1cURg6+Hmzm75Yr42B9pai/a8v78EWwhNXTKPUqW5NA5FXFS7bgUF1DcQ0oBn5
 YnNCUbAYjfIP73NmslbkDvXv15g/3Ruo5VOw5v7dkBdnMAiXDv8Dw90Vf3intvshcN8PwMJTSAP8e
 pryJWdLnQ==;
Original-Received: from ip5f5abab6.dynamic.kabel-deutschland.de ([95.90.186.182]
 helo=void) by zplane.randomsample.de with esmtpsa
 (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92)
 (envelope-from <deng@randomsample.de>)
 id 1mClDy-00040a-9P; Sun, 08 Aug 2021 18:00:30 +0200
In-Reply-To: <m3lf5cc5sg.fsf@fitzsim.org> (Thomas Fitzsimmons's message of
 "Sun, 08 Aug 2021 11:30:55 -0400")
X-Host-Lookup-Failed: Reverse DNS lookup failed for
 2a03:4000:42:1a1:9400:eeff:feb4:c8a0 (failed)
Received-SPF: pass client-ip=2a03:4000:42:1a1:9400:eeff:feb4:c8a0;
 envelope-from=deng@randomsample.de; helo=zplane.randomsample.de
X-Spam_score_int: -12
X-Spam_score: -1.3
X-Spam_bar: -
X-Spam_report: (-1.3 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RDNS_NONE=0.793,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Original-Sender: "Emacs-devel"
 <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Xref: news.gmane.io gmane.emacs.devel:272206
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/272206>

>> As I've written: Public client applications are only allowed to access
>> web APIs, so no IMAP/SMTP.
>
> OK; I wasn't sure if by "web APIs" you meant only "OAuth-related web
> APIs".  Thanks for confirming.
>
> I wonder why Microsoft does not allow public client applications to use
> IMAP/SMTP.

Actually, after I've looked a bit into this, I think I'm mistaken and it
is possible to register a public client with IMAP access.

> Maybe the FSF could request that Emacs be registered as a public client
> application and also be allowed to use IMAP/SMTP.  That would solve the
> "embedding a secret in Free Software" part of the OAuth registration
> issue, at least for Microsoft servers.

In a company setting based on Microsoft services, the problem is not
really so much to get your client registered, but to get your IT
department to enable IMAP and to explicitly allow your application
access to your mailboxes.

-David