Ariadne Conill
1. who sends the `Accept` messages? 2. if anyone can send the `Accept` messages, how does forgery prevention work? since Pleroma uses capability URIs extensively for forgery protection (and Mastodon...
so say Elaine sends a `Create` that Alice `Accept`s. it is addressed to Alice herself and Elaine's followers collection. how does Alice forward those messages to Elaine's followers collection without walking...
Pleroma always refetches any URI that is not local, to protect against forgery and enforce object integrity. It is one of the reasons we are opposed to inline signature schemes...
That is precisely what object capability enforcement is.
keep in mind that use of ld-sigs is untenable in Pleroma
> I'm tentatively in favor of this although I think we need a more rigorous definition of what a "fediverse participant"/"authenticated user" is. An as2 client? an actor? a `Person`...
To be absolutely clear, the purpose behind `as:Authenticated` is to make `as:Public` literally public again. The intent is to allow users to choose a default of `as:Authenticated` or their own...
I'm open to alternative solutions to the problem, but this is something that requires a mitigation. Bluntly, the `to` and `cc` fields are 100% "advisory policy," but they exist in...
my suggestion on the mastodon side would be to make a new scope and set that as the default for users. it is possible that some users may truly want...
> > why pretend that authentication is even involved? > > Isn't it already possible to require authentication as a server-side software policy? Sure, it's purely "advisory policy" if fetching...