Question about HTTP Signatures in #ActivityPub, IIUC the header is a digest of the HTTP body.
-
Question about HTTP Signatures in #ActivityPub, IIUC the header is a digest of the HTTP body. Given that JSON is not white-space sensitive, does that mean that storing the response must preserve the indentation used by the server?
-
Question about HTTP Signatures in #ActivityPub, IIUC the header is a digest of the HTTP body. Given that JSON is not white-space sensitive, does that mean that storing the response must preserve the indentation used by the server?
@PuercoPop Yes, but why do you want to store the response? HTTP signatures are not supposed to be re-used.
-
? Guest crossposted this topic to General Discussion
-
@PuercoPop Yes, but why do you want to store the response? HTTP signatures are not supposed to be re-used.
@silverpill Sorry for being imprecise, I meant the response as the response body, not the entire HTTP response. I'm wondering if having white-space sensitive JSON means one can't use JSONB to store the response.
What I'm trying to understand is if the HTTP signature is useful to provide a way for users/clients to verify the integrity of the activity, similar to how sha256.sum is used in software distribution.
-
@silverpill Sorry for being imprecise, I meant the response as the response body, not the entire HTTP response. I'm wondering if having white-space sensitive JSON means one can't use JSONB to store the response.
What I'm trying to understand is if the HTTP signature is useful to provide a way for users/clients to verify the integrity of the activity, similar to how sha256.sum is used in software distribution.
@PuercoPop I think HTTP signatures are not good for that, but you can put a signature inside an activity:
https://fediverse.codeberg.page/fep/fep/8b32/
"integrity proofs" proposed in this document use JSON Canonicalization Scheme, which is not whitespace-sensitive.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login