Re: [art] Auto-configuring Email Clients via WebFinger

[Steffen Nurpmeso <steffen@sdaoden.eu>]

I did not want to be unfriendly by not responding to you!

John Levine wrote in <20190718051756.130D5510A29@ary.local>:
 |In article <20190717223114.cO5Om%steffen@sdaoden.eu> you write:
 |>|>> Plan A: if the server needs the user name and password, it sends back
 |>|>> a 401 response and the MUA sends them via RFC 7617 basic
 |>|>> authentication.  That seems largely backward compatible and invents a
 |>|>> minimum of new stuff.
 |>
 |>Just yesterday i (currently implementing OAUTHBEARER for a BSD
 |>Mail clone) thought how easy it would be if the OAUTHBEARER
 |>request would have additional fields, like refresh-token etc.
 |
 |I believe you, but as I may have said once or twice before, my
 |proposal is intended to be a compatible extension of the autoconfig
 |that the most popular open source MUA already has.

The pages which describe the feature seem to have been patched
together wildly over the years.  As they are now they do not put
confidence in what should really be done (to an extend).

 |>|One of the reasons Mozilla checks https://autoconfig.<domain>/ is \
 |>|exactly \
 |>|this:
 |>|it lets the mail department run a small special purpose web server \
 |>|separate from the main web servers.
 |>
 |>I will never understand where the benefit of turning mail clients
 |>into fully blown browsers actually is.
 |
 |I don't see how this follows.  In both of these proposals, the MUA makes
 |a few HTTP requests and then gets a blob of XML or JSON.  That skips \
 |the 95%
 |of browsers that render HTML.  (We'll ignore the detail that modern \
 |MUAs all
 |have that 95% anyway to render HTML mail.)

Ok, yes, simply talking a minimal set of HTTP in order to get
automatic configuration would really be easy to do; parsing the
answers could require an additional library, for the MUA
i maintain.  I personally would prefer seeing this in the DNS, but
since everything seems to move into .well-known, this is a target
as valid as everything else.

 |>Are you trying to enforce code reuse of anyway linked-in web kits,
 |>otherwise i do not know.
 |
 |No, I'm trying to make it backward compatible with existing MUAs.
 |
 |>In the end i will have to implement actions aka "clickable" URLs
 |>for a text-mode mail reader.
 |
 |I don't understand that at all.  Why would you need to do that?

You are of course right, this does not follow at all.
And, for one i definitely need to find a solution for such anyway;
and second the ConfigFileFormat Wiki indeed mentions form input
fields, except that this is declared "not yet supported" in an
accompanying comment.  (But the latter could simply be prompts in
a console based UI, of course.)

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)