Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to verify signature for remote actor 'Delete' activity #10286

Closed
FongWan opened this issue Mar 15, 2019 · 2 comments
Closed

Unable to verify signature for remote actor 'Delete' activity #10286

FongWan opened this issue Mar 15, 2019 · 2 comments

Comments

@FongWan
Copy link

FongWan commented Mar 15, 2019

Expected behaviour

It is expected that Mastodon's actor Public Key is available to be retrieved for Signature header calculation when the Mastodon's server send to another server (server-server interaction) the 'Delete' activity for an actor.

Actual behaviour

My own ActivityPub server inbox receive a lot of 'Delete' activities for actors, but when my server try to fetch the actor Public Key from the keyId provided URL from Signature header, Mastodon server return 410 Gone HTTP status code with empty body without being able to retrieve the publicKeyPem, so my server could not be able to calculate the signature, thus is not possible to verify the actor.

Steps to reproduce the problem

  1. Receive {"type":"Delete"} from inbox.
  2. Get Signature header, extract keyId value from Signature header.
  3. Try to fetch publicKey from keyId, get 410 Gone HTTP status code with empty body.

Specifications

Mastodon 2.7.4

Recommendation

Maintain actor publicKey available for a specific period of time (e.g.: 5 minutes) before removing it.

@Gargron
Copy link
Member

Gargron commented Mar 15, 2019

This is understandably confusing, but it's not a bug or a problem. You receive deletes of accounts your server does not know about. Since the account is deleted, the key cannot even be retrieved. But your server does not store the account, so there is nothing to delete anyway.

This is because we propagate deletes to all known inboxes, to ensure the widest possible application of the delete.

@Gargron Gargron closed this as completed Mar 15, 2019
@FongWan
Copy link
Author

FongWan commented Mar 15, 2019

@Gargron Actually, my server does store the accounts for the purpose of caching, but it is always retrieves the RSA public key for the verification of the signature, since there is always the possibility that someone with their own ActivityPub server change their public key at any time and this would cause failure in the verification of Signature. That's why I recommend keeping the publicKey while the other data (inbox, outbox, etc) could be hidden.

I understand that this is not a priority bug, since all Mastodon instances would work as expected, but due the sense of righteousness, I think the behavior should be changed in the future.

Sorry for my English.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants