R
We are implementing the final version of RFC9421 (HTTP Signatures) in Mastodon, and would like to test this with other ActivityPub implementations.
Do you know of any AP implementations supporting both incoming (verification) and outgoing (signing) RFC9421 signatures, and if possible with support for the double-knocking mechanism as described in https://swicg.github.io/activitypub-http-signature/ (section 3.5)?
I would advise not to outright open a PR to Mastodon, but reach out to us first and discuss what can be done, and what the plan for action should be.
We want to solve this problem of replies, but it has many complex impacts (how do we represent a conversation in Mastodon ? What about backward compat ? What is required on upgrading ?)
A contributor is working on improving reply fetching (https://github.com/mastodon/mastodon/pull/32615) and we are making slow progress, but I guess this is orthogonal to those other context-related RFCs.
I am not an ActivityPub expert and not the best person to discuss this, but we can have a call together and see what needs to be done to improve the situation in Mastodon.