Would it be useful to do a broader privacy review of ActivityPub and Mastodon-federation?
/cc @cwebber @sandro
lists.w3.org/Archives/Public/p

Christopher Lemmer Webber @cwebber

@npd @sandro Seems like a good idea. (We did raise AP to the w3c security list much earlier, almost exactly a year ago on Wed 28 Sep 2016, but we didn't get a response then.)

@sandro @npd BTW one thing that has not really been possible to get normatively in the spec is the authentication section of the spec; two non-normative paths were laid out: OAuth 2.0 w/ bearer tokens, or a Linked Data Signatures + HTTP Signatures route. Mastodon has gone the latter, which I suspect will bring the rest of the network in that direction.

@npd @sandro That's non-normative, and will remain so in the spec, but maybe useful information to know.