[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Making GNUS continue to work with Gmail

From: Lars Ingebrigtsen
Subject: Re: Making GNUS continue to work with Gmail
Date: Fri, 14 Aug 2020 12:13:23 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux)

David De La Harpe Golden <david@harpegolden.net> writes:

> Anyway, decided to write it up and share it in case it's useful.
> Sorry for wall of text, tried to structure it somewhat:

Thank you; it's the most cogent article I've read on this subject.  :-)
Just some short comments:

> And IIUC a near-mandatory protocol extension (pkce rfc7636,
> https://oauth.net/2/pkce/ ) means core security properties are not or
> no longer strongly linked to these particular "secrets" being secret.

Yeah, they're not secret secrets, but just a way to make a specific
entity take responsibility for a class of API usage, which enables
easier tracking (and later billing).

> *2. What Thunderbird does data point, and not just a google problem:
> Google, Yahoo, Mail.ru, Yandex, Aol and Microsoft
> https://searchfox.org/comm-central/source/mailnews/base/src/OAuth2Providers.jsm#51

I guess it would be rude for Emacs to just use those credentials.  :-)

> *3. End-User supply of and/or override of client id and secret:
> https://www.chromium.org/developers/how-tos/api-keys
> I believe e.g. debian doesn't or didn't build their chromium with
> them, but still allows users to supply their own if they want by that
> mechanism.
> Also to note Julien Danjou appears to have already written an emacs
> oauth2 package:
> https://elpa.gnu.org/packages/oauth2.html

Yeah, we could just use that and tell the users to "just" register their
own developer accounts at Google and then put the keys somewhere.  It's
a really really horrid experience to go through, though, and Google will
sic an API compliancy review at the users at random.

(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

reply via email to

[Prev in Thread] Current Thread [Next in Thread]