[TRACKING] FEP-d556: Server-Level Actor Discovery Using WebFinger #243
Labels
No labels
bug
contribution welcome
duplicate
enhancement
FEP Draft
FEP Final
FEP Withdrawn
final comments
good first issue
help wanted
invalid
meta
question
syntax fix
upstream
No milestone
No project
No assignees
4 participants
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
fediverse/fep#243
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
The proposal has been received. Thank you!
This issue tracks discussions and updates to the proposal during the
DRAFTperiod.Please post links to relevant discussions as comment to this issue.
dateReceived: 2024-01-20If no further actions are taken, the proposal may be set by editors to
WITHDRAWNon 2025-01-19 (in 1 year).Discussion: https://socialhub.activitypub.rocks/t/fep-ceee-instance-level-actor-discovery-using-webfinger/3861
FEP updated via #247
[TRACKING] FEP-ceee: Instance-Level Actor Discovery using WebFingerto [TRACKING] FEP-d556: Server-Level Actor Discovery Using WebFingerFEP updated via #251
FEP updated via #377
FEP updated via #429
FEP updated via #506
Finalized: #522
The general idea seems to help in our case get-public-key as sketched out here:
meissa/forgejo#18/files
But I request to make this spec more precise for following questions:
httpssupported (e.g.GET /.well-known/webfinger?resource=http://server.example/) ?GET ...?resource=http://server.example/vs.GET ...?resource=http://server.example)GET /.well-known/webfinger?resource=Https://Server.example) ? Normalization is not part of webfinger spec ...Application(as implemented in Mastodon) orService(as implemented in GTS) - having just one spec conform type would be a cool improvement :-)Pinging the author of this proposal: @steve-bate
It has the
FINALstatus, but FEP process permits minor changes as long as they don't affect existing implementations.Hello @jerger, I reviewed the changelist and the WebFinger usage wasn't clear to me. However, I can still address some of your comments and questions.
For the first group of questions, this is covered by the WebFinger and URI specifications. The
resourcequery parameter is a URI rfc3986. Based on the URI specification: ports are allowed, non-https schemes are allowed (e.g., 'http', 'acct:', 'did:', 'urn:', ...), a trailing slash is a different URI than one without the slash (different number of path segments), and the hostname component of a URI (if any) is case-insensitive (but lowercase is recommended).For the second group of comments, this sounds like an excellent candidate for a short use case-specific FEP based on the general FEP-d556 proposal.
(As a side note: I self-host a forgejo instance and I'm a big fan of the project. Thanks for your work on it.)
I'm looking at the FEP and there is something that is unclear to me, specifically as it affects setups that use a split-domain:
domain.tldsub.domain.tldIn this case, the Server Actor account URI is (typically)
acct:sub.domain.tld@domain.tldwith an actor URL along the lines ofhttps://sub.domain.tld/sub.domain.tld.When trying to request the instance actor, which of the two domains should the request be expected for? Since typically you'd request
acct:local@domain.tld, it stands to reason it should behttps://domain.tld/. But if a request were to come in forhttps://sub.domain.tld/, should that elicit the same response?There's one other thing I'm not eniterly clear on. The spec states:
However, it's also possible for the document to return multiple server level actors, as it shows later on in the spec. In that case, the recommendation of using the Actor URI seems like it wouldn't work, as there can be multiple. Since this is about discovering server-level actors, shouldn't the
subjectalways be the instance/server domain?