Hi Albrecht,
Le 20-10-09 à 12 h 16, Albrecht Dreß a écrit :
Hi André!
Am 08.10.20 18:56 schrieb(en) andré via balsa-list:
Since Yahoo will very soon require OAuth2 (almost, they give
workarounds),
it would be nice if Balsa supports this standard, becoming more and
more common.
I'm working on that (see
<https://gitlab.gnome.org/GNOME/balsa/-/issues/40>), but it's very
complex with many pitfalls and points of failure, and as I had too much
“real life” (i.e. for €€€) work, everything has been delayed…
I'll try to speed up the implementation!
BTW, OAuth2 is *not* more secure than the traditional methods (when the
connection to the server is TLS encrypted, of course), and there has
been a lot of criticism about the whole concept (e.g. see this post by
one of the authors
<https://web.archive.org/web/20130116102852/http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/>).
Best,
Albrecht.
That post reinforces a lot of comments I read recently about OAuth2
recently, having only seen the term before. I saw how it was made
complex by all the optional features.
Version 2.1, tries tries to simplify the standard, partly my making some
features non optional.
And there is a future version 3.0, which is a total rewrite of OAuth ...
Too bad the focus by some email service giants is not on simplicity in
security ...
Thanks for all the efforts you make to improve Balsa.
Regards,
André
_______________________________________________
balsa-list mailing list
balsa-list@gnome.org
https://mail.gnome.org/mailman/listinfo/balsa-list
