I think FEP-ae97 with server-independent IDs is the best way to make identities and data portable in #ActivityPub world.
FEP-c390 + Move activity makes identity portable but not data, and requires wide adoption to provide meaningful benefits. So far there haven't been much interest from developers.
FEP-ae97 with server-independent IDs makes data portable as well, and while it is not compatible with existing software, the server can support both AP flavors at the same time, so it is not worse than FEP-c390 + Move. I also found a way to make it work with Mastodon API, that makes it a clear winner.
There is still a couple of things that need to be figured out, of course:
- What it the best way to specify a list of hosts where data is stored? I'm not entirely satisfied with ?hosts=server1.example,server2.example solution.
- How to encrypt data? It's harder to maintain confidentiality of private messages when they are stored on multiple servers, therefore they should be encrypted.