Evan Prodromou
Evan Prodromou
This is a great idea!
@lgloege what do we need to do to close this?
@jernst I don't think anyone expects servers to always deliver every incoming activity. Obviously, some filtering will occur due to blocks, spam filters, or other needs. [Section B.6](https://www.w3.org/TR/activitypub/#security-spam) says: >...
I think this is covered. @jernst please let us know if you think this is insufficient.
This makes sense; if people as well-versed in ActiivtyPub as @trwnh can find the requirements here confusing, we should add some clarification to point out this requirement. In particular, that...
I think it makes sense to leave this open until a FEP exists that provides the necessary functionality. Using `Accept` and `Reject` would probably work probably work equally well.
So, I don't believe the `oauthRegistrationEndpoint` term is part of the AS2 context nor in the document, so I don't think this is a case for a PR. I think...
Another option is to create a FEP for encouraging the use of RFC 8414.
https://codeberg.org/fediverse/fep/src/branch/main/fep/d8c2/fep-d8c2.md also has a flow without registration -- the ID is just an URL of an Application document and no client secret.
I agree that this is an important topic that balances out users' expectations against the implementation details. I think the state of the art today is that "to": "Public" means...