From: David Engster <deng@randomsample.de>
To: Florian Weimer <fw@deneb.enyo.de>
Cc: Lars Ingebrigtsen <larsi@gnus.org>,
Robert Pluim <rpluim@gmail.com>,
Bob Newell <bobnewell@bobnewell.net>,
ding@gnus.org
Subject: Re: oauth to be required for gmail
Date: Mon, 23 Dec 2019 13:09:40 +0100 [thread overview]
Message-ID: <87lfr3fdkr.fsf@randomsample> (raw)
In-Reply-To: <878sn3qpco.fsf@mid.deneb.enyo.de> (Florian Weimer's message of "Mon, 23 Dec 2019 11:59:51 +0100")
> My point is that it is pretty much impossible to complete that
> sequence without a complete, Javascript-enabled web browser. But that
> mode, while ridiculously complex, still isn't as pointless as the
> approach with static password that is not actually secret and thus
> does not serve any purpose at all.
The real solution would be if Google supported RFC 7591 and RFC
7628. This is also what the comment above the hard-coded credentials in
Thunderbird says. I predict this will never happen because the providers
are actually quite happy with the current situation. It allows them to
control which applications may access their services, and it pushes more
users away from using third-party desktop mail client. Remember that
Google wants you to use the web while being logged in, since this makes
it much easier for them to track you.
I think the "solution" is to tell users they need to set those
credentials themselves. There are no widespred OAuth credentials which
we could simply use without being shady. The real solution of course is
that users simply stop using Google Mail and choose a proper mail
provider.
-David
next prev parent reply other threads:[~2019-12-23 12:09 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-16 19:48 Bob Newell
2019-12-16 20:49 ` Florian Weimer
2019-12-16 22:45 ` Bob Newell
2019-12-17 0:17 ` Jude DaShiell
2019-12-17 5:40 ` Pankaj Jangid
2019-12-18 5:52 ` 황병희
2019-12-21 10:26 ` Florian Weimer
2019-12-21 10:50 ` 황병희
2019-12-16 22:46 ` Bob Newell
2019-12-17 8:03 ` Robert Pluim
2019-12-17 17:11 ` Lars Ingebrigtsen
2019-12-17 17:41 ` David Engster
2019-12-18 5:31 ` Bob Newell
2019-12-23 10:50 ` Florian Weimer
2019-12-18 7:07 ` David Engster
2019-12-23 10:59 ` Florian Weimer
2019-12-23 12:09 ` David Engster [this message]
2019-12-24 5:16 ` Bob Newell
2019-12-24 16:53 ` Lars Ingebrigtsen
2019-12-26 7:03 ` Steinar Bang
2019-12-28 20:43 ` Jouni K. Seppänen
2019-12-26 10:04 ` David Engster
2020-01-07 17:07 ` Jorge A. Alfaro-Murillo
2020-01-07 18:44 ` Eric Abrahamsen
2020-01-07 19:52 ` David Engster
2020-01-08 3:24 ` Pankaj Jangid
2020-01-08 3:28 ` Pankaj Jangid
2019-12-17 17:33 ` David Engster
2020-08-03 3:19 ` just ping (Was: Re: oauth to be required for gmail) 황병희
2020-08-06 12:35 ` just ping 황병희
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87lfr3fdkr.fsf@randomsample \
--to=deng@randomsample.de \
--cc=bobnewell@bobnewell.net \
--cc=ding@gnus.org \
--cc=fw@deneb.enyo.de \
--cc=larsi@gnus.org \
--cc=rpluim@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).