Hot take: It is bad that #ActivityPub software implements #AUTHORIZED_FETCH, also known as secure mode, because, contrary to its name, it does not actually contribute to security and instead gives a false sense of security.
swicg.github.io/activitypub-ht…
https://fosstodon.org/@hongminhee/113541511749436082
https://swicg.github.io/activitypub-http-signature/#authorized-fetch
Posts tagged #authorized_fetch
2024-11-25 hongminhee ┃ 1🔗 2#️
As proof, #ActivityPub objects that require #AUTHORIZED_FETCH can be easily looked up with the `fedify lookup -a` command.
fedify.dev/cli#a-authorized-fe…
2024-11-25 hongminhee ┃ 1🔗 2#️ 2💬
所信發言: #ActivityPub 소프트웨어들이 #AUTHORIZED_FETCH, 이른바 시큐어 모드(secure mode)를 갖추는 것은 이름과 달리 정말로 시큐리티가 나아지게 하지 않으며, 오히려 安全하다는 錯覺(false sense of security)을 주기 때문에 나쁘다고 […]
────
────