Hi, Ævar Arnfjörð Bjarmason wrote: > It's been a while but I set this up at some point, why would git or > distros need to make/register a private key? Last I checked you can take > software like git-send-email or whatever, and just register a new > "jonathan's e-mail sending script" with Google's OAuth thingy. Yes, that's what I do. [...] > That seems like a much better approach than some centralized solution, > since as you note doing that will require some authority to manage keys > etc, and presumably if "jonathan's e-mail sending script" inadvertently > starts using git-send-email.perl to send spam, that would currently not > result in ban on "ævar's e-mail sending script", but if the two were > registered as the same application Google might overzelously ban those > as two tenticles of the same misbehaving "app". I agree that it wouldn't be worth "git send-email" registering for its own API key, mostly because registering for API keys with every email provider would be a distraction from what git send-email tries to do. On the other hand, I would mind a perl library or a commandline tool that git send-email calls having _its_ own API key. That would be helpful to other programs that want to send email as well, and it would help users who are not as patient as we are in trudging through the multi-step process required. For example, it's nice that KMail, Apple's Mail.app, and so on have their own API keys instead of every user of those programs having to generate their own. Of course, that's a broader topic than Git; it's not something that we on the Git list are uniquely positioned to do ourselves. I only mention it in case someone in this thread wants to write it. Then git send-email could use such a library or point to such a tool in its documentation. Thanks, Jonathan
