|
|
EDIT: If this is only a beta limit, fine, but my concerns are still relevant given Google has already indicated their intent to end support for what they call "less secure apps", which really aren't.
Zeon:
Internet moving from standards towards proprietary technologies?
Yes, and no. Microsoft and Google are pushing people towards OAuth authentication. There are RFCs which cover the use of OAuth with SASL (RFC 7628) but they are poorly defined and fail to address the elephant in the room - OAuth requires a mechanism for exchanging tokens. The discovery of the resource owner, authorization server endpoints, and client registration are outside the scope of this specification.
Currently, this means your SMTP/IMAP/POP connections would require HTTP for token renewal and user interaction to configure. Simply removing support for it and forcing people to use a proprietary interface is probably simpler. More below.
JaseNZ:
This is indeed very concerning. It's all about controlling your information and access to it IMO.
As a developer, if I want my software to work with GMail or other OAuth services, I have to create an application ID for each and every service or instruct users on how to set up their own and make my software work with it, meaning my software which is designed to robustly send notification e-mails via open standards, is at the mercy of a third party. If they decide my application isn't safe, doesn't meet their arbitrary standards or is making too many calls to their API, the software will break.
|
|
|
