[MlMt] MailMate passed the CASA tier 2 security assessment (hurrah?)

[Bill Cole]

On 2024-06-08 at 06:21:14 UTC-0400 (Sat, 08 Jun 2024 12:21:14 +0200)
Benny Kjær Nielsen <mailmate at lists.freron.com>
is rumored to have said:

[...]
> Before going into what this means, I should tell you that I've completed the assessment and MailMate went into the “verified” state a week ago. This should make the MailMate/Gmail combination fairly safe for the next year. To be more precise, the verification expires May 7th 2025.
>
> Going forward, I will have to do this every year. This means that every year there is a potential risk of MailMate no longer being able to access Gmail accounts. Google might decide that some feature/language/library used by MailMate is no longer considered safe, or they might come up with some other requirement that I cannot easily satisfy. This is a risk that I somehow need to make sure that users are aware of before buying a license key. I'm still considering how to best solve this problem.

Thank you for doing this tedious yet disturbing task.

It is a very sad state of affairs that we've reached where service providers feel the need to vet every client application which they will allow to use their authentication systems. It is good that there is an open-ish process/standard (CASA) that hopefully will be common to all providers who demand this sort of thing, but the whole concept remains at odds with traditional core principles of the Internet.

-- 
Bill Cole