I'm adding support for multiple public keys per actor in Smithereen for future-proofing purposes.
-
I'm adding support for multiple public keys per actor in Smithereen for future-proofing purposes. Are there any signature algorithms other than RSA currently in use on the fediverse? ECDSA maybe?
-
I'm adding support for multiple public keys per actor in Smithereen for future-proofing purposes. Are there any signature algorithms other than RSA currently in use on the fediverse? ECDSA maybe?
@grishka The most popular alternative is EdDSA, supported by some servers (especially go-based ones). Nobody emits anything but RSA though because mastodon doesn't support anything else. Motherfuckers hold us all back
-
I'm adding support for multiple public keys per actor in Smithereen for future-proofing purposes. Are there any signature algorithms other than RSA currently in use on the fediverse? ECDSA maybe?
@grishka EdDSA.
Maybe ML-DSA-44 in the future.
-
? [[global:guest]] crossposted this topic to General Discussion
-
I'm adding support for multiple public keys per actor in Smithereen for future-proofing purposes. Are there any signature algorithms other than RSA currently in use on the fediverse? ECDSA maybe?
@grishka yeah, ed25519 for some of my actors supported by GoActivityPub. (Well, it could be anything that the Go crypto library supports, but only ed25519 is in some use)
-
@grishka yeah, ed25519 for some of my actors supported by GoActivityPub. (Well, it could be anything that the Go crypto library supports, but only ed25519 is in some use)
@mariusor do you have any examples of actors that have a ed25519 key?
-
@mariusor do you have any examples of actors that have a ed25519 key?
@grishka active ones, no.
Inactive: https://federated.id/actors/7795b462-d883-48dc-adbb-5169270f5638
PS. I can create you one if you want to test.
-
@grishka active ones, no.
Inactive: https://federated.id/actors/7795b462-d883-48dc-adbb-5169270f5638
PS. I can create you one if you want to test.
@grishka ah, here's an active one: https://federated.id/actors/a1517c06-7131-4437-84b0-025837e9da39/
-
@grishka ah, here's an active one: https://federated.id/actors/a1517c06-7131-4437-84b0-025837e9da39/
@grishka sent an activity to your friends.grishka.me account:
https://federated.id/activities/f8691286-d2a3-47dc-9060-d93a50930154
-
@grishka sent an activity to your friends.grishka.me account:
https://federated.id/activities/f8691286-d2a3-47dc-9060-d93a50930154
@mariusor predictably, that didn't work.
Another thing I didn't realize is that the type of the key isn't specified next to it... That's gonna be quite a nuisance.
-
@mariusor do you have any examples of actors that have a ed25519 key?
-
@silverpill @mariusor ohh so that's how backwards compatibility is going to work. I thought `publicKey` would just become an array since the spec permits that iirc
-
@mariusor predictably, that didn't work.
Another thing I didn't realize is that the type of the key isn't specified next to it... That's gonna be quite a nuisance.
@grishka yeah, you need to let the crypto library autodetect the type of key. OpenSSL manages to do it:
curl -s https://federated.id/actors/a1517c06-7131-4437-84b0-025837e9da39 | jq -r .publicKey.publicKeyPem | openssl pkey -pubin -text
-
@silverpill are we allowing Mastodon guide ActivityPub development again, when alternatives exist?
-
@grishka yeah, you need to let the crypto library autodetect the type of key. OpenSSL manages to do it:
curl -s https://federated.id/actors/a1517c06-7131-4437-84b0-025837e9da39 | jq -r .publicKey.publicKeyPem | openssl pkey -pubin -text
@mariusor Java's built-in crypto API can't do that unfortunately as far as I know. I guess I'll have to try every supported type on every key until I find one that works
-
@silverpill are we allowing Mastodon guide ActivityPub development again, when alternatives exist?
-
@silverpill yep. Your bane, more JSON-LD bullshit.

@grishka -
@silverpill yep. Your bane, more JSON-LD bullshit.

@grishka@mariusor @silverpill Smithereen is one of the few ActivityPub implementations that actually uses JSON-LD contexts not just for LD signatures but also when parsing data, so not a problem for me in particular
-
@mariusor Java's built-in crypto API can't do that unfortunately as far as I know. I guess I'll have to try every supported type on every key until I find one that works
@grishka it should be. The ASN package that gets encoded to PEM should have the algorithm value set:
curl -s https://federated.id/actors/a1517c06-7131-4437-84b0-025837e9da39 | jq -r .publicKey.publicKeyPem | openssl asn1parse
-
@silverpill yep. Your bane, more JSON-LD bullshit.

@grishka -
@mariusor @grishka For example,
assertionMethodspecifies keys for signing,keyAgreementfor encryption https://www.w3.org/TR/cid/#verification-relationships
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login