[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: oauth2 support for Emacs email clients
From: |
Thomas Fitzsimmons |
Subject: |
Re: oauth2 support for Emacs email clients |
Date: |
Tue, 10 Aug 2021 10:41:20 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux) |
David Engster <deng@randomsample.de> writes:
>> It depends on the organization, I guess. My organization has IMAP
>> enabled. To use Thunderbird, I attempted to authenticate IMAP using
>> OAuth. The administrator received a request for access from
>> "Thunderbird" (identified by Thunderbird's Microsoft-assigned globally
>> unique identifier (GUID)), which they granted, after which I could use
>> Thunderbird with IMAP.
>
> You're lucky. :-)
Yes, I'm lucky in that my organization listened to me when I requested
that they leave IMAP and SMTP enabled during the transition to OAuth
(there was a proposal to disable IMAP and SMTP, and an apparent
perception that those protocols would only work with basic
authentication, which I helped correct).
I would recommend that others in organizations with Microsoft email
servers make similar requests to their administrators.
I suspect the request process would be easier for Emacs users if the
administrators saw "Emacs (<Emacs's official GUID>)" in the OAuth
message.
>> I haven't tried yet, but I suspect using Emacs in my organization would
>> be harder because, what GUID would I use?
>
> Well, you could just use Thunderbird's. It's all right here:
>
> https://github.com/mozilla/releases-comm-central/blob/master/mailnews/base/src/OAuth2Providers.jsm
>
> You shouldn't though, because that could get you in trouble.
>
> While all this stuff is essentially security theatre, good luck
> explaining that to your IT security department...
I explained to my IT administrator that I'd like to use Emacs for email.
Others should too. There's no shame in it. :-)
The FSF should do the legal legwork to figure out a best practice for
using Emacs and OAuth with Microsoft email servers, like Thunderbird
apparently has. Otherwise, how can we officially document how to
configure Emacs for such servers?
>From what you've found, it sounds like a viable approach would be for
the FSF to register Emacs with Microsoft as a public client application,
then we'd default a defcustom in oauth2.el to Emacs's Microsoft-assigned
GUID.
Thomas
- Re: oauth2 support for Emacs email clients, (continued)
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/08
- Re: oauth2 support for Emacs email clients, Thomas Fitzsimmons, 2021/08/08
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/08
- Re: oauth2 support for Emacs email clients, Thomas Fitzsimmons, 2021/08/08
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/08
- Re: oauth2 support for Emacs email clients, Roland Winkler, 2021/08/08
- Re: oauth2 support for Emacs email clients, Thomas Fitzsimmons, 2021/08/09
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/10
- Re: oauth2 support for Emacs email clients,
Thomas Fitzsimmons <=
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/10
- Re: oauth2 support for Emacs email clients, Alexandre Garreau, 2021/08/11
- Re: oauth2 support for Emacs email clients, Richard Stallman, 2021/08/10
- Re: oauth2 support for Emacs email clients, David Engster, 2021/08/11
- Re: oauth2 support for Emacs email clients, Richard Stallman, 2021/08/12
- Re: oauth2 support for Emacs email clients, Richard Stallman, 2021/08/10
- Re: oauth2 support for Emacs email clients, Thomas Fitzsimmons, 2021/08/14
- Re: oauth2 support for Emacs email clients, Gregory Heytings, 2021/08/14
- Re: oauth2 support for Emacs email clients, Tim Cross, 2021/08/08
- Re: oauth2 support for Emacs email clients, Eric S Fraga, 2021/08/09