From: Thomas Fitzsimmons
Newsgroups: gmane.emacs.devel
Subject: Re: oauth2 support for Emacs email clients
Date: Sat, 14 Aug 2021 11:00:58 -0400
To: Richard Stallman
Cc: winkler@gnu.org, deng@randomsample.de, emacs-devel@gnu.org
In-Reply-To: (Richard Stallman's message of "Tue, 10 Aug 2021 22:55:39 -0400")

Richard Stallman writes:

> [[[ To any NSA and FBI agents reading my email: please consider    ]]]
> [[[ whether defending the US Constitution against all enemies,     ]]]
> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
>
> > I haven't tried yet, but I suspect using Emacs in my organization would
> > be harder because, what GUID would I use?
>
> > I think it's worth the FSF getting such a globally unique identifier
> > assigned for GNU Emacs, so that the permission-granting workflow would
> > be as easy for Emacs as it is for Thunderbird.
>
> Can someone please find out _precisely_ what we would have to do?

The official overview is on this web page:

https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app

> And _precisely_ what we would have to agree to?

Someone attempting this procedure will be presented with the required
legal agreements as they go through the steps.
I looked but I couldn't find a simple web page with all the terms of
service.

> In discussion months ago, previous reports said we would have
> to apply to get a certain kind of code, and promise to keep it secret.
> We would not be able to keep it secret.

That discussion, in bug #41386, was about some of Google's email
services. This discussion is about Microsoft's email services.

> Does "GUID" refer to that same code?

No. GUID here refers to a Microsoft-assigned public identifier.

> Is this the same option or is it a different option?

Microsoft's implementation of OAuth2 provides an application
identification option that is different from the one that Google
provides. It is the "public client application" option that was
identified by David and discussed in this thread. With this option,
there is no secret code, only the Microsoft-assigned public identifier
that identifies Emacs. In principle it would be possible for Emacs
source code to include that public identifier since it is not meant to
be kept secret.

Thomas