Hi Heikki,
Your proposal is a very good first step towards making account
configuration easy and understandable to the average
email user.
I agree entirely with your proposal and would like in fact to elaborate
further on how I see the Account setup process taking place.
When a user enters new account information they are presented with a
simple account setup wizard to enter the type of account (IMAP, POP,
SMTP) and the host, username, and password (The AccountDB proposal may
make it even easier).
Information such as port and SSL options are hidden from the user but
are accessible via an advanced menu.
When the user is about to complete the wizard the Mail Service performs
various tests on the account to see if it supports SSL or TLS and which
port to use (using default port logic i.e. imap is 143 imaps is 995).
The results of the Mail Service discovery are presented to the user on
the last page of the wizard ie.: This account supports secure
communication or This account does not support secure communication do
you wish to continue?.
This check is a more complex version of the current Mail Service test
account settings feature and will also report back any errors
in the actual account configuration (ie. bad host name or mis-typed
password).
If the user at a later date changes the hostname of the account the
automatic discovery process will need to be run again.
There is an issue if the isp changes its supported server
configuration. For example an isp may decide to disable direct SSL imap
connections on port 995 and instead force users to use a STARTTLS
command on port 143.
This change would cause a connection error in Chandler since the server
is no longer listening on port 995.
When the error displays to the user the GUI dialog should have an option
to rediscover settings for this account.
The user would either elect this option or not.
You also raised a good point about a growing trend in Cable and DSL
modem companies to allow insecure connections inside the network and
only secure connections outside its firewall.
Having multiple profiles per account which inherit from the default
account settings will make it much easier for user to check mail from
home and while roaming.
For example, for a given SMTP account your home profile could be:
port 25 unencrypted connection with no authentication
All other info (host, etc) inherited from the Account
Roaming:
port 587 encrypted connection with authentication
All other info (host, etc) inherited from the Account
When writing a message there would be a drop down menu which would allow you
to select which profile to use to send the message.
The profile setup could also be wrapped in an auto discovery process.
When the user creates a profile for a account
the Mail Service tries determine the best settings for the current
connection.
-Brian
Heikki Toivonen wrote:
During email security review we discussed how the email related security
settings are too hard for users. A while back I was also thinking about
this, and wrote a small proposal that would be easier for users:
http://wiki.osafoundation.org/bin/view/Journal/HeikkiToivonen20050512
--
Heikki Toivonen
------------------------------------------------------------------------
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Open Source Applications Foundation "Dev" mailing list
http://lists.osafoundation.org/mailman/listinfo/dev
--
Brian Kirsch - Email Framework Engineer
Open Source Applications Foundation
543 Howard St. 5th Floor
San Francisco, CA 94105
(415) 946-3056
http://www.osafoundation.org
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Open Source Applications Foundation "Dev" mailing list
http://lists.osafoundation.org/mailman/listinfo/dev
