Re: Proposed agenda items for 5 Apr 2024 meeting

Hi all! Late notice, but I'm hoping to take a minute on tomorrow's call to
announce the first draft of the ActivityPub and HTTP Signatures report
<https://swicg.github.io/activitypub-http-signature/> and request review
and feedback. I'm happy to hear comments on the call, if we have time, or
you're welcome to file them in a GitHub issue
<https://github.com/swicg/activitypub-http-signature/issues>.

See you all tomorrow!

On Wed, Mar 27, 2024 at 10:47 AM Evan Prodromou <evan@prodromou.name> wrote:

> For the chairs and everyone else: I have three proposed agenda items for
> the 5 Apr 2024 meeting.
>
>    1. *Advance ActivityPub-Webfinger profile to a draft report*. a has
>    done a great draft here, and there's been a lot of issue development and
>    guidance. If a thinks it's ready, I believe we should release this report
>    as a CG-DRAFT for wider review.
>    2. *Integrate the Security namespace into the Activity Streams 2.0
>    context document*. Web Security 1.0 is a widely-implemented context
>    used for HTTP Signature properties in ActivityPub. It would make a good
>    test case for the extensions process
>    <https://swicg.github.io/extensions-policy/>.
>    3. *Consider an OAuth 2.0 profile for ActivityPub*. One discussion
>    that has come up during issue triage is aligning the different OAuth 2.0
>    profiles for AP. FEP-d8c2
>    <https://codeberg.org/fediverse/fep/src/branch/main/fep/d8c2/fep-d8c2.md>
>    lays one out; there are also suggestions to use OIDC's discovery
>    mechanisms. Because we already have several profiles for using other
>    standards with AP, and because OAuth 2.0 is the primary way for client
>    applications to access API servers, I think it may be good for developers
>    to have a report on current best practices for OAuth 2.0.
>
> Evan
>
>
>

-- 
https://snarfed.org/