Google and OAuth 2.0

Onno Ekker o.e.ekker at
Fri May 2 14:19:50 UTC 2014

On Wed, Apr 30, 2014 at 8:47 PM, Joshua Cranmer 🐧 <Pidgeot18 at>wrote:

> On 4/25/2014 10:52 AM, Gervase Markham wrote:
>> security-measures-will-affect-older.html
>> Is this relevant to Thunderbird accessing Gmail?
> This was brought up in the status meeting, and we resolved to reach out to
> Gmail to clarify some questions. Here's the status of as right now:
> 1. The clarification from GMail IMAP folks is:
>> The bottom line is that GMail would really like Thunderbird to use OAuth2
>> for imap/smtp/pop access. If it doesn't, there's an increased possibility
>> that GMail will suspect the login attempt is unauthorized. If you keep
>> using the same IP address, or have two factor auth turned on, you'll most
>> likely be OK. Otherwise, the users run the risk of having to jump through
>> some hoops to get imap access again (I don't know the exact details of
>> that...)
> 2. I've made a post to the IMAP-protocol list about this topic (it felt
> more relevant there than the Kitten working group): <http://mailman13.u.
>>. From
> responses in the past 12 hours, it does seem like there is agreement by
> client implementers that some of these issues need to be resolved.
> 3. I've been told by both Bienvenu and Brandon that the OAuth people have
> been brought into the discussion, although they haven't responded publicly
> yet.
> It looks to me that it will be possible to see many of the concerns I have
> about OAuth discussed and addressed.
> As a side note, it also looks like other IMAP servers are planning on
> supporting OAuth 2.0. recently rolled out support for it as
> well, and I think there was another server the name of which I don't recall
> right now.
> --
> Joshua Cranmer
> Thunderbird and DXR developer
> Source code archæologist
> _______________________________________________
> tb-planning mailing list
> tb-planning at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the tb-planning mailing list