Conversation

  1. Raphael Lullis (raphael@mastodon.communick.com)'s status on Wednesday, 14-Jan-2026 22:39:47 JST
    • Evan Prodromou

    @evan no, but...

    - All public activities should be resolvable
    - All activities should be self-authenticating

    In conversation about a month ago from mastodon.communick.com permalink
    • Evan Prodromou (evan@cosocial.ca)'s status on Wednesday, 14-Jan-2026 22:39:46 JST
      in reply to

      @raphael what do you mean by "self authenticating"?

      In conversation about a month ago permalink
    • Evan Prodromou (evan@cosocial.ca)'s status on Thursday, 15-Jan-2026 06:31:48 JST
      in reply to
      • marius

      @mariusor @raphael you are correct! That's the whole point.

      In conversation about a month ago permalink
    • marius (mariusor@metalhead.club)'s status on Thursday, 15-Jan-2026 06:31:49 JST
      in reply to
      • Evan Prodromou

      @raphael I understand that, but in the model that ActivityPub follows, where you get the canonical representation of an object by fetching its IRI (which is what I thought you referenced with your first point in the grandparent), you don't really need a signature in my humble opinion, unless your threat vector is a malicious originating server, which frankly ActivityPub has no means to mitigate as things are.

      @evan

      In conversation about a month ago permalink
    • Raphael Lullis (raphael@mastodon.communick.com)'s status on Thursday, 15-Jan-2026 06:31:51 JST
      in reply to
      • marius
      • Evan Prodromou

      @mariusor @evan

      identifying != authenticating.

      Anyone can generate a document that looks like it came from your server, but if the document has a signature embedded in the document, we can verify its authenticity just by having your public key.

      In conversation about a month ago permalink
    • marius (mariusor@metalhead.club)'s status on Thursday, 15-Jan-2026 06:31:52 JST
      in reply to
      • Evan Prodromou

      @raphael I think that by default if the server is not around any more the activity is no longer resolvable. As far as I know there are no plans for dropping identifying ActivityPub objects strictly by their IRI. :)

      @evan

      In conversation about a month ago permalink
    • Raphael Lullis (raphael@mastodon.communick.com)'s status on Thursday, 15-Jan-2026 06:31:53 JST
      in reply to
      • Evan Prodromou

      @evan

      I mean "using something like Linked Data signatures, so that anyone can verify the authenticity of the message even if its server is not around anymore"

      In conversation about a month ago permalink
    • Evan Prodromou (evan@cosocial.ca)'s status on Thursday, 15-Jan-2026 07:39:03 JST
      in reply to
      • marius

      @raphael @mariusor I should have been clearer. The signature is useless if you abbreviate the object.

      In conversation about a month ago permalink
    • Raphael Lullis (raphael@mastodon.communick.com)'s status on Thursday, 15-Jan-2026 07:39:05 JST
      in reply to
      • marius
      • Evan Prodromou

      @evan

      > You can't use abbreviated versions of the object.

      Why not? I would expect the signature in a document only to authenticate the document, not as an instrument to validate the objects referenced in the document.

      @mariusor

      Depends on your definition of "malicious", but there are servers offering "community migration" that works by taking all the objects from one actor and rewriting as their own and changing the to/audience fields. Somehow this rubs me the wrong way.

      In conversation about a month ago permalink
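
The embedded-signature idea discussed in this thread, as an added example that is not part of the conversation or any participant's code. It assumes Ed25519 keys and a sorted-key JSON canonicalization in place of the RDF canonicalization that real Linked Data signatures use, and a hypothetical scheme in which the signature covers the embedded object; all IRIs are constructed.

```javascript
// Added example: simplified embedded signature over an ActivityPub-style document.
const crypto = require('crypto');

// Assumption: sorted-key JSON stands in for RDF canonicalization.
function canonicalize(value) {
  if (Array.isArray(value)) return '[' + value.map(canonicalize).join(',') + ']';
  if (value !== null && typeof value === 'object') {
    return '{' + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonicalize(value[k])).join(',') + '}';
  }
  return JSON.stringify(value);
}

// Embed a signature covering every field except the signature itself.
function signDocument(doc, privateKey, keyId) {
  const { signature, ...unsigned } = doc;
  const value = crypto.sign(null, Buffer.from(canonicalize(unsigned)), privateKey);
  return { ...unsigned, signature: { keyId, value: value.toString('base64') } };
}

// Verify offline: only the document and the signer's public key are needed.
function verifyDocument(doc, publicKey) {
  const { signature, ...unsigned } = doc;
  if (!signature || typeof signature.value !== 'string') return false;
  return crypto.verify(null, Buffer.from(canonicalize(unsigned)), publicKey,
    Buffer.from(signature.value, 'base64'));
}

// Constructed sample data (hypothetical actor and object IRIs).
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
const activity = {
  id: 'https://social.example/activities/1',
  type: 'Create',
  actor: 'https://social.example/users/alice',
  to: ['https://www.w3.org/ns/activitystreams#Public'],
  object: { id: 'https://social.example/notes/1', type: 'Note', content: 'hello' },
};
const signed = signDocument(activity, privateKey, 'https://social.example/users/alice#main-key');

// A copy re-addressed by another server, and a copy with the object cut down to its id.
const readdressed = { ...signed, to: ['https://other.example/groups/community'] };
const abbreviated = { ...signed, object: signed.object.id };

function results() {
  return {
    original: verifyDocument(signed, publicKey),
    readdressed: verifyDocument(readdressed, publicKey),
    abbreviated: verifyDocument(abbreviated, publicKey),
  };
}
console.log(results()); // only the untouched copy verifies
```

Under these assumptions a receiver holding only the public key accepts the original, rejects the copy whose `to` field was rewritten, and rejects the abbreviated copy because the signed bytes included the full object.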

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.