Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

NodeBB

  1. Home
  2. Technical Discussion
  3. I'm adding support for multiple public keys per actor in Smithereen for future-proofing purposes.

I'm adding support for multiple public keys per actor in Smithereen for future-proofing purposes.

Scheduled Pinned Locked Moved Technical Discussion
activitypubmastodev
1 Cross-posts 22 Posts 4 Posters 0 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • silverpill@mitra.socialS silverpill@mitra.social

    @grishka @mariusor My actor has an ed25519 key. Check out FEP-521a - that's what Mastodon is implementing.

    mariusor@metalhead.clubM This user is from outside of this forum
    mariusor@metalhead.clubM This user is from outside of this forum
    mariusor@metalhead.club
    wrote last edited by
    #13

    @silverpill are we allowing Mastodon guide ActivityPub development again, when alternatives exist?

    @grishka

    silverpill@mitra.socialS 1 Reply Last reply
    0
    • mariusor@metalhead.clubM mariusor@metalhead.club

      @grishka yeah, you need to let the crypto library autodetect the type of key. OpenSSL manages to do it:

      curl -s https://federated.id/actors/a1517c06-7131-4437-84b0-025837e9da39 | jq -r .publicKey.publicKeyPem | openssl pkey -pubin -text

      grishka@mastodon.socialG This user is from outside of this forum
      grishka@mastodon.socialG This user is from outside of this forum
      grishka@mastodon.social
      wrote last edited by
      #14

      @mariusor Java's built-in crypto API can't do that unfortunately as far as I know. I guess I'll have to try every supported type on every key until I find one that works

      mariusor@metalhead.clubM 1 Reply Last reply
      0
      • mariusor@metalhead.clubM mariusor@metalhead.club

        @silverpill are we allowing Mastodon guide ActivityPub development again, when alternatives exist?

        @grishka

        silverpill@mitra.socialS This user is from outside of this forum
        silverpill@mitra.socialS This user is from outside of this forum
        silverpill@mitra.social
        wrote last edited by
        #15

        @mariusor @grishka This time it's the other way around. I wrote the FEP, and 3 years later they implemented it.

        The alternative is publicKey array I guess?

        mariusor@metalhead.clubM 1 Reply Last reply
        0
        • silverpill@mitra.socialS silverpill@mitra.social

          @mariusor @grishka This time it's the other way around. I wrote the FEP, and 3 years later they implemented it.

          The alternative is publicKey array I guess?

          mariusor@metalhead.clubM This user is from outside of this forum
          mariusor@metalhead.clubM This user is from outside of this forum
          mariusor@metalhead.club
          wrote last edited by
          #16

          @silverpill yep. Your bane, more JSON-LD bullshit. 😄

          @grishka

          grishka@mastodon.socialG silverpill@mitra.socialS 2 Replies Last reply
          0
          • mariusor@metalhead.clubM mariusor@metalhead.club

            @silverpill yep. Your bane, more JSON-LD bullshit. 😄

            @grishka

            grishka@mastodon.socialG This user is from outside of this forum
            grishka@mastodon.socialG This user is from outside of this forum
            grishka@mastodon.social
            wrote last edited by
            #17

            @mariusor @silverpill Smithereen is one of the few ActivityPub implementations that actually uses JSON-LD contexts not just for LD signatures but also when parsing data, so not a problem for me in particular

            1 Reply Last reply
            0
            • grishka@mastodon.socialG grishka@mastodon.social

              @mariusor Java's built-in crypto API can't do that unfortunately as far as I know. I guess I'll have to try every supported type on every key until I find one that works

              mariusor@metalhead.clubM This user is from outside of this forum
              mariusor@metalhead.clubM This user is from outside of this forum
              mariusor@metalhead.club
              wrote last edited by
              #18

              @grishka it should be. The ASN package that gets encoded to PEM should have the algorithm value set:

              curl -s https://federated.id/actors/a1517c06-7131-4437-84b0-025837e9da39 | jq -r .publicKey.publicKeyPem | openssl asn1parse

              1 Reply Last reply
              0
              • mariusor@metalhead.clubM mariusor@metalhead.club

                @silverpill yep. Your bane, more JSON-LD bullshit. 😄

                @grishka

                silverpill@mitra.socialS This user is from outside of this forum
                silverpill@mitra.socialS This user is from outside of this forum
                silverpill@mitra.social
                wrote last edited by
                #19

                @mariusor @grishka Lol, true. But this is not the only reason for writing FEP-521a.

                publicKey was marked as deprecated upstream and now more fine-grained properties are recommended

                silverpill@mitra.socialS mariusor@metalhead.clubM 2 Replies Last reply
                0
                • silverpill@mitra.socialS silverpill@mitra.social

                  @mariusor @grishka Lol, true. But this is not the only reason for writing FEP-521a.

                  publicKey was marked as deprecated upstream and now more fine-grained properties are recommended

                  silverpill@mitra.socialS This user is from outside of this forum
                  silverpill@mitra.socialS This user is from outside of this forum
                  silverpill@mitra.social
                  wrote last edited by
                  #20

                  @mariusor @grishka For example, assertionMethod specifies keys for signing, keyAgreement for encryption https://www.w3.org/TR/cid/#verification-relationships

                  1 Reply Last reply
                  0
                  • silverpill@mitra.socialS silverpill@mitra.social

                    @mariusor @grishka Lol, true. But this is not the only reason for writing FEP-521a.

                    publicKey was marked as deprecated upstream and now more fine-grained properties are recommended

                    mariusor@metalhead.clubM This user is from outside of this forum
                    mariusor@metalhead.clubM This user is from outside of this forum
                    mariusor@metalhead.club
                    wrote last edited by
                    #21

                    @silverpill I see... Got a link to that, I should update my stuff...

                    @grishka

                    mariusor@metalhead.clubM 1 Reply Last reply
                    0
                    • mariusor@metalhead.clubM mariusor@metalhead.club

                      @silverpill I see... Got a link to that, I should update my stuff...

                      @grishka

                      mariusor@metalhead.clubM This user is from outside of this forum
                      mariusor@metalhead.clubM This user is from outside of this forum
                      mariusor@metalhead.club
                      wrote last edited by
                      #22

                      @silverpill nevermind, I found it in the FEP.

                      @grishka

                      1 Reply Last reply
                      0

                      Hello! It looks like you're interested in this conversation, but you don't have an account yet.

                      Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

                      With your input, this post could be even better 💗

                      Register Login
                      Reply
                      • Reply as topic
                      Log in to reply
                      • Oldest to Newest
                      • Newest to Oldest
                      • Most Votes


                      • Login

                      • Don't have an account? Register

                      • Login or register to search.
                      Powered by NodeBB Contributors
                      • First post
                        Last post
                      0
                      • Categories
                      • Recent
                      • Tags
                      • Popular
                      • World
                      • Users
                      • Groups