💾 Archived View for libreserver.org › blog › json-signatures-redux.gmi captured on 2024-12-17 at 09:38:53. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-03)
-=-=-=-=-=-=-
Since the last blog post I've figured out more about how the context field is used in ActivityPub posts, and support for more common context schemas has been added to Epicyon [1]. This should improve the signature checking, so that if you enable *"verify all signatures"* there should be a higher percentage of passes than was the case previously. But by default I'll leave json signature checking on incoming posts off. This also saves on processing power for single board computers, since it's the cryptography which comprises most of the computational cost of running the system.
In the process of making the signatures work I've also generally learned more about json-LD [2]. I'm not highly enthusiastic about it, because networks of schemas do potentially create brittleness and potential for *denial of service*, whereas what I'm trying to do is to increase autonomy at the individual server level and to try to make it as robust to failures as possible. For example, I can imagine situations in which the failure of a single server produces cascading failures in other servers who rely upon dereferencing remote schemas.
If you're not familiar with json-LD then there is some good information about it in this APconf talk [3].