1
0
Fork 0
mirror of https://code.sup39.dev/repos/Wqawg synced 2024-12-27 19:44:50 +09:00
vervis/config
fr33domlover e325175a9c Publish 2 rotating instance-scope keys instead of the one-implicitly-shared-key
Before, there was a single key used as a personal key for all actors. Now,
things work like this:

- There are 2 keys, each time one is rotated, this way the old key remains
  valid and we can freely rotate without a risk of race conditions on other
  servers and end up with our posts being rejected
- The keys are explicitly instance-scope keys, all actors refer to them
- We add the ActivityPub-Actor header to all activity POSTs we send, to declare
  for which specific actor our signature applies. Activities and otherwise
  different payloads may have varying ways to specify attribution; using this
  header will be a standard uniform way to specify the actor, regardless of
  payload format. Of course, servers should make sure the actual activity is
  attributed to the same actor we specified in the header. (This is important
  with instance-scope keys; for personal keys it's not critical)
2019-02-07 10:34:33 +00:00
..
favicon.ico Bring Yesod scaffolding 2016-02-13 03:35:30 +00:00
keter.yml Bring Yesod scaffolding 2016-02-13 03:35:30 +00:00
models Publish 2 rotating instance-scope keys instead of the one-implicitly-shared-key 2019-02-07 10:34:33 +00:00
robots.txt Bring Yesod scaffolding 2016-02-13 03:35:30 +00:00
routes Publish 2 rotating instance-scope keys instead of the one-implicitly-shared-key 2019-02-07 10:34:33 +00:00
settings-default.yaml Hold a persistent server key for ocap signatures 2019-01-30 03:12:42 +00:00
test-settings.yml Move some files around, tweak the generated code a bit 2016-02-14 09:10:21 +00:00