From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: David Engster <deng@randomsample.de>
Newsgroups: gmane.emacs.devel
Subject: Re: oauth2 support for Emacs email clients
Date: Tue, 10 Aug 2021 17:56:58 +0200
Message-ID: <87o8a5e1it.fsf@randomsample>
References: <52589.36892.953561.24840@gargle.gargle.HOWL>
 <E1mB3zO-0001a6-0V@fencepost.gnu.org> <87pmuofpai.fsf@gnu.org>
 <87sfzk71xw.fsf@randomsample> <m3y29cc8yv.fsf@fitzsim.org>
 <87k0kw6liw.fsf@randomsample> <m3lf5cc5sg.fsf@fitzsim.org>
 <87fsvk6i5e.fsf@randomsample> <m31r72cb1n.fsf@fitzsim.org>
 <87sfzhekgv.fsf@randomsample> <m3r1f1bbvz.fsf@fitzsim.org>
Mime-Version: 1.0
Content-Type: text/plain
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="27588"; mail-complaints-to="usenet@ciao.gmane.io"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux)
Cc: emacs-devel@gnu.org, Roland Winkler <winkler@gnu.org>,
 Richard Stallman <rms@gnu.org>
To: Thomas Fitzsimmons <fitzsim@fitzsim.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Tue Aug 10 17:57:55 2021
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1mDU8X-0006or-T7
	for ged-emacs-devel@m.gmane-mx.org; Tue, 10 Aug 2021 17:57:53 +0200
Original-Received: from localhost ([::1]:44920 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1mDU8W-0001Am-P1
	for ged-emacs-devel@m.gmane-mx.org; Tue, 10 Aug 2021 11:57:52 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:49792)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <deng@randomsample.de>)
 id 1mDU7n-0000UJ-2e
 for emacs-devel@gnu.org; Tue, 10 Aug 2021 11:57:07 -0400
Original-Received: from [2a03:4000:42:1a1:9400:eeff:feb4:c8a0] (port=45056
 helo=zplane.randomsample.de)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <deng@randomsample.de>)
 id 1mDU7l-0004Ik-Ba; Tue, 10 Aug 2021 11:57:06 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=randomsample.de; s=a; h=Content-Type:MIME-Version:Message-ID:Date:
 References:In-Reply-To:Subject:Cc:To:From:Sender:Reply-To:
 Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
 Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
 List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=DHXaGHwGMm3QBqOJzdkjo5nI7xaipfhXgbe4zj9EikI=; b=cs4D3+LN1FO+9n9KEl/HASGOH
 tbuNkHeH3wOqcj/hHHXt+BqWeus8OV/AChyEp15oUboD2lO9HYE85Z+x4kSciL3XoupVNFtTKNSOh
 Yoe79rZDO46kEaurWHVvVjGA8Gt76qWPW+lLzOC92Lr+ysuY8B6GYKjHYDPRbA0HWVTpVnDAVArIZ
 +/Qvy6zYi4c3W0yOaQ8f4lUqADBXGcExWOu26kbtgHedSgAwddR/TwO3c9RuyELUk/MBK0d4WBs2C
 dtcTffKLC3l1K+3eGNuWh1iqqeqCMPSTm8uBgZRytz7omBRqYHIPNoIaX+t/Z1I+dMb03CZnbL8Io
 SjaUIStDQ==;
Original-Received: from vpn23b.hotsplots.net ([176.74.57.164] helo=void)
 by zplane.randomsample.de with esmtpsa
 (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92)
 (envelope-from <deng@randomsample.de>)
 id 1mDU7f-0003ZN-Kt; Tue, 10 Aug 2021 17:57:00 +0200
In-Reply-To: <m3r1f1bbvz.fsf@fitzsim.org> (Thomas Fitzsimmons's message of
 "Tue, 10 Aug 2021 10:41:20 -0400")
X-Host-Lookup-Failed: Reverse DNS lookup failed for
 2a03:4000:42:1a1:9400:eeff:feb4:c8a0 (failed)
Received-SPF: pass client-ip=2a03:4000:42:1a1:9400:eeff:feb4:c8a0;
 envelope-from=deng@randomsample.de; helo=zplane.randomsample.de
X-Spam_score_int: -12
X-Spam_score: -1.3
X-Spam_bar: -
X-Spam_report: (-1.3 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RDNS_NONE=0.793,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Original-Sender: "Emacs-devel"
 <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Xref: news.gmane.io gmane.emacs.devel:272289
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/272289>

>> Well, you could just use Thunderbird's. It's all right here:
>>
>> https://github.com/mozilla/releases-comm-central/blob/master/mailnews/base/src/OAuth2Providers.jsm
>>
>> You shouldn't though, because that could get you in trouble.
>>
>> While all this stuff is essentially security theatre, good luck
>> explaining that to your IT security department...
>
> I explained to my IT administrator that I'd like to use Emacs for email.
> Others should too.  There's no shame in it. :-)

That's not what I meant. Your administrators might think that they have
only allowed Thunderbird to access IMAP, while in reality they have
whitelisted everything, because you can trivially copy the client-ID and
-secret from Thunderbird's source. That's what I mean with "security
theatre" - everyone's just sticking to the script.

-David