On a related note, there's a group working on an OAuth2 binding for IMAP (and other SASL based protocols) here:
http://tech.groups.yahoo.com/group/sasl_oauth/ Currently, we're trying to figure out how Mail clients are supposed to discover what scopes they need. Also, most Mail clients would probably want more than just "IMAP" scope, they probably also want to access other related services, including SMTP, CalDAV, LDAP, Portable Contacts, etc. Allen On 5/3/10 6:57 AM, "Manger, James H" <james.h.man...@team.telstra.com> wrote: > > [I am not sure that IMAP is a great example as I assume it isn't an HTTP > protocol, but ignoring that] > I hope that if an IMAP service says "I support OAuth2", and a client app says > "I understand IMAP and OAuth2" then they can interoperate with minimal config. > The app may need an app-id/secret, it may need an URI to start at (perhaps > even a complicated one), but I hope it doesn't also need a table of > service-specific permission labels against every possible IMAP operation. > _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth