Welcome Guest
Login
Magic Sign-On
Remote Authentication
Home
Channel
Magic Sign On
Apps
System Apps
Directory
Help
Language
Random Channel
Report Bug
Search
Thu, 25 Jan 2024 05:06:03 -0600
View Profile
FenTiger
fentiger@zotum.net
What are the use cases for signed HTTP requests in the #
Fediverse
?
I'm aware of two: #
ActivityPub
(including public key lookups) and the #
OpenWebAuth
/owa
endpoint.
Are they used for anything else?
#
FediDev
Link to Source
1 Like
Magic Sign On
Sun, 04 Feb 2024 06:04:39 -0600
View Profile
Helge
helge@mymath.rocks
Signed HTTP request allow you to verify, the authorship of an ActivityPub Request. So it is the mechanism for the push based Fediverse, i.e. using POST requests to the inbox, to prevent impersonation.
I think I like to use the term
impersonation resistance
for what HTTP Signatures do.
Link to Source
3 Likes
FenTiger
Scott M. Stolz
Magic Sign On
Mon, 05 Feb 2024 03:10:02 -0600
View Profile
FenTiger
fentiger@zotum.net
@
Helge
Yes, but in what contexts?
The two obvious ones are
Signed POST of activity to inbox
Signed GET of ActivityPub object
Recently I added a third:
Request to OpenWebAuth
/owa
endpoint
Is my list complete?
Link to Source
1 Like
Scott M. Stolz
Conversation Features
Loading...
Conversation Features
Loading...
Login
Magic Sign On
Local Login
Register
Login
Email or nickname
Password
Remember me
Login
Register
Password Reset
Sign On with Magic Sign On
Sign On with Hubzilla
Remote Authentication
Sorry, you have got no notifications at the moment
.
.
.
{2}
{4}
{2}
{10}