Currently discussed here: 2,100 Swiss municipalities showing which provider handles their official email - https://news.ycombinator.com/item?id=47828420
reply
A post from the same account, no less :|
reply
Nice. I wonder how hard it would be to take the open-source code of the project and adapt it to other countries.
reply
Actually it's only the eMail handling which is probably the easiest one to replace.
reply
Cool map! MX as in mail exchanger. For something as easy (for IT pros at least) as email, that map should be all green!
reply
Not easy at all.

Think about integrating calendars, corporate contacts (from AD), handling RSVP replies said mx server receives and updating the calendar server, securely deal with modern auth (+ legacy krb5 auth, yuk). It's a huge hassle and everything except Exchange only handles 80% of this.

Modern expectations now want: web clients (OWA), todo lists, integrated storage (SP/OneDrive), and push notifications to any phone from any vendor.

So yeah, the only on prem solution is still Exchange.

reply
I don't think these things are as important as you think.

RSVP for example. Nobody reads or cares who and what people reply. In the last 4 companies I worked for (including one in Switzerland), nobody cared if I accepted or confirmed my attendance to the meeting and would try to call me/force me into a meeting even when my status showed I was on another sharing my screen. And nobody seems to respond nowadays nor check calendars for availability and avoiding conflicts.

reply
But what about push notifications to mobile? I'm not aware of anything that handles this as well as Exchange ActiveSync. It's reasonable that you get an email within sub 1 minute latency, not 15 min polling.
reply
If you don't mind asking, what don't you like about Kerberos? I personally like it quite with certs / hardware token.

To be honest, most things you list can be set up with some research. The only one I am not sure about is integrated storage, but then I am also not entirely sure what that even is supposed to mean exactly.

reply
The user experience between a phone, tablet and computer should be symbiotic. Krb is not a first class thing in the mobile world. So users now have great Krb experience with Outlook.exe but are typing passwords into Safari at owa.example.com (anywhere you type an AD password that isn't lsass or ADFS is really not good posture).

So, passwords are bad and the password is a key component of krb. Moving away from passwords is a step in the right direction, e.g. OIDC.

reply
Right, given the product names I assume you are on Windows. With Kerberos people shouldn't have to type their passwords into apps at all, and if you use PKINIT there are no passwords at all?

I give you the mobile part, I don't know how well it is supported - iOS claims to have support though, and Android through third parties I believe. Never tried that. It's just that I personally have a preference for auth methods that don't require opening a browser for desktop apps.

reply