Re: gmail+imap+smtp (oauth2)

[Tim Cross]

Uwe Brauer <oub@mat.ucm.es> writes:

> [[S/MIME Signed Part:Undecided]]
>>>> "SM" == Stefan Monnier <monnier@iro.umontreal.ca> writes:
>
>>> authentication uses the TOTP protocol, for which there are several Free
>>> Software implementations readily available.
>
>> Including one in ELisp
>
>>     https://github.com/juergenhoetzel/emacs-totp
>
>> which we could add to GNU ELPA, I believe.
>
> Now I am bit confused, as Robert confirmed it would be enough to have
>
> ,----
> | 
> | 
> |  (setq gnus-select-method (list 'nnnil "")) 
> |  (setq gnus-secondary-select-methods nil)
> |  (setq gnus-secondary-select-methods
> |        '(
> |     (nnimap "UCMgmail"
> |             (nnimap-address "imap.gmail.com")
> |             (nnimap-server-port 993)
> |                  ;; (nnimap-authinfo-file "~/.authinfo.gpg")
> |             (nnimap-authinfo-file "~/.authinfo")
> |             (nnimap-stream ssl)
> |                  ;;(nnimap-stream starttls)
> |                  (nnimap-fetch-partial-articles "text/")
> |             (nnir-search-engine imap))))
> | 
> |  And put in authinfo my app password instead my «normal» one?
> |
> | Robert> yes
> `----
>
> So where is emacs-totp needed in this workflow?
>

It isn't - at least not directly. 

The TOTP protocol is what authentication apps use to generate unique one
time passwords. You can use such a technique with some 2FA setups for
the 2nd factor. You only use the 2FA authentication to login to your
google account to generate the application passwords. The suggestion is
that you could use the emacs implementation instead of Google
Authenticator or Facebook authenticator etc.