Add (#17029)

Some ActivityPub projects have a which is used to describe the
various extensions they use.

Everything here is also documented elsewhere, but it's a concise starting point
with links to that documentation.
This commit is contained in:
Claire 2021-11-23 00:15:31 +01:00 committed by GitHub
parent db32835338
commit 9c44cf205f
No known key found for this signature in database

30 Normal file
View File

@ -0,0 +1,30 @@
## ActivityPub federation in Mastodon
Mastodon largely follows the ActivityPub server-to-server specification but it makes uses of some non-standard extensions, some of which are required for interacting with Mastodon at all.
Supported vocabulary:
### Required extensions
#### Webfinger
In Mastodon, users are identified by a `username` and `domain` pair (e.g., ``).
This is used both for discovery and for unambiguously mentioning users across the fediverse. Furthermore, this is part of Mastodon's database design from its very beginnings.
As a result, Mastodon requires that each ActivityPub actor uniquely maps back to an `acct:` URI that can be resolved via WebFinger.
More information and examples are available at:
#### HTTP Signatures
In order to authenticate activities, Mastodon relies on HTTP Signatures, signing every `POST` and `GET` request to other ActivityPub implementations on behalf of the user authoring an activity (for `POST` requests) or an actor representing the Mastodon server itself (for most `GET` requests).
Mastodon requires all `POST` requests to be signed, and MAY require `GET` requests to be signed, depending on the configuration of the Mastodon server.
More information on HTTP Signatures, as well as examples, can be found here:
### Optional extensions
- Linked-Data Signatures:
- Bearcaps:
- Followers collection synchronization: