You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Allowing an Application actor to sign & send Actor Delete activities, the sending server could potentially group deleted Actors in the object thereby reducing some of the chatter this activity causes.
The receiving server could verify that the Actor(s) has indeed been Deleted, resulting in 404 or 410.
One problem is that there is no indication that any given actor has the authority to delete another, different actor. You could get around this by saying that every actor is attributedTo the server (or some actor representing it), but on its own, a Delete is only valid if its object is owned by the actor.
@trwnh valid point, but shouldn't we bypass the signature verification of a deleted user then and rely on a Tombstone (410 (or maybe also 404 as fallback) status code)???
Pitch
Allow Actor Delete activities to be signed by an Instance actor
https://swicg.github.io/activitypub-http-signature/#handling-deletes-of-actors
Motivation
Allowing an
Application
actor to sign & send ActorDelete
activities, the sending server could potentially group deleted Actors in the object thereby reducing some of the chatter this activity causes.The receiving server could verify that the Actor(s) has indeed been Deleted, resulting in 404 or 410.
See:
The text was updated successfully, but these errors were encountered: