undefined | Better HN

0 pointssuperkuh4y ago0 comments

If an email provider does not offer standard pop3 or imap it is not an email provider. It's just some web shit.

0 comments

5 comments · 2 top-level

md_4y ago· 3 in thread

IMAP with OAuth is standard. What am I missing?

It is not, in fact, a standard. It's a proprietary complicating thing that megacorps do and everyone else assumes is standard.

https://datatracker.ietf.org/doc/html/rfc6749 "The OAuth 2.0 Authorization Framework"

>This specification is designed for use with HTTP ([RFC2616]). The use of OAuth over any protocol other than HTTP is out of scope.

So now you have HTTP protocol being used for IMAP, or worse and more common, not-OAuth over IMAP and you call that standard? These are Microsoft, Google, etc announcements of proprietary things. Not standards. And every single megacorp requires a different custom solution to interact with.

tialaramex4y ago

> It is not, in fact, a standard. It's a proprietary complicating thing

Nope, it's a standard. Standards you don't like aren't proprietary, they're just standards which superkuh doesn't like.

1 more reply

Spivak4y ago

Why is it an issue that getting a token for use with IMAP requires an out-of-band HTTP request? How do you think SSO works for anything other than web services?

0xCMP4y ago

they offer both. they simply require more secure authentication. something which doesn't require the app to know the username or password. it's that simple.

j / k navigate · click thread line to collapse