From: David Engster
Newsgroups: gmane.emacs.devel
Subject: Re: oauth2 support for Emacs email clients
Date: Sun, 08 Aug 2021 16:47:35 +0200
Message-ID: <87k0kw6liw.fsf@randomsample>
To: Thomas Fitzsimmons
Cc: emacs-devel@gnu.org, Roland Winkler, Richard Stallman

> David Engster writes:
>
>>> Others have mentioned "officially" registering Emacs as IMAP/SMTP
>>> clients for Office365 (and possibly Gmail), similar to what seems
>>> to be the case for Thunderbird. I am wondering how davmail is
>>> doing this.
>>
>> Microsoft has actually recognized that it does not make sense for
>> desktop applications to embed secrets into their code, so they
>> distinguish between "public" and "confidential" client applications:
>>
>> https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-client-applications
>>
>> Public client applications do not have a client secret but only an ID
>> which can simply be embedded into the application, which is how DavMail
>> does it. Public client applications are only allowed to access web APIs
>> on behalf of the user, but this is usually enough.
>
> Interesting, but are public client applications allowed to use
> IMAP/SMTP? Or must public client applications use WebDAV to communicate
> with Microsoft servers, like DavMail does?

As I've written: Public client applications are only allowed to access
web APIs, so no IMAP/SMTP. I usually use DavMail to get my mail
downloaded to a locally running IMAP server. So yes, simply registering
Gnus as a public client is not enough, one would also need a new backend
specifically for Exchange.

> It seems like Thunderbird could act as a public client application,
> however I believe it is currently acting as a confidential client
> application. I wonder why.

Because they want to use IMAP/SMTP.

-David
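
Added example, not part of the original message and not code from Emacs, DavMail or Microsoft: how a "public" client with only an embedded ID can still complete an authorization-code exchange by proving possession of a per-login PKCE verifier (RFC 7636) instead of a client secret. PKCE is not mentioned in the thread, so this goes beyond the text; the client ID and redirect URI are constructed placeholders.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional
from urllib.parse import urlencode

# Constructed placeholders, not a real app registration.
CLIENT_ID = "00000000-0000-0000-0000-000000000000"
REDIRECT_URI = "http://localhost:8080/callback"


def b64url(data: bytes) -> str:
    """Base64url without '=' padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def new_code_verifier() -> str:
    """Per-login secret held only in memory: 32 random bytes, 43 characters."""
    return b64url(secrets.token_bytes(32))


def code_challenge(verifier: str) -> str:
    """S256 challenge the client sends with the authorization request."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def token_request(code: str, verifier: str,
                  client_secret: Optional[str] = None) -> str:
    """Form body for the token endpoint (authorization_code grant)."""
    fields = {
        "grant_type": "authorization_code",
        "client_id": CLIENT_ID,          # safe to ship inside the application
        "code": code,
        "redirect_uri": REDIRECT_URI,
        "code_verifier": verifier,       # proves this process started the flow
    }
    if client_secret is not None:
        # Only a confidential client has this; a desktop app cannot keep it
        # private, so a public client sends nothing here.
        fields["client_secret"] = client_secret
    return urlencode(fields)


def server_accepts(stored_challenge: str, presented_verifier: str) -> bool:
    """Authorization-server side: recompute the challenge and compare."""
    return hmac.compare_digest(code_challenge(presented_verifier),
                               stored_challenge)
```

The verifier is generated fresh for every login and never written to disk, so nothing long-lived has to be embedded in distributed source code.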