Re: "ActivityPub and Webfinger" CG Note, First Draft from Erin Shepherd on 2024-03-25 (public-swicg@w3.org from March 2024)

From: Erin Shepherd <erin.shepherd@e43.eu>
Date: Mon, 25 Mar 2024 16:08:37 +0100
To: a <a@trwnh.com>, "Manton Reece" <manton@micro.blog>
Cc: public-swicg@w3.org
Message-Id: <3d56ce63-25d4-4e13-b1e2-8432f6fc8497@app.fastmail.com>

Back when I was first writing the early AP drafts (before Webfinger got chopped out), the suggestion was to normalise the entered ID as per OpenID Connect Discovery

If we revisit that, it suggests that a bare domain be translated to 'https://(domain)/' prior to WebFinger

- Erin

On Mon, 25 Mar 2024, at 15:01, a wrote:
> > Would it be appropriate to formalize this in the report?
> 
> I think it makes sense to mention it as an idea, but not specify an exact mechanism at this time.
> 
> > I believe WebFinger is fine with leaving the username off
> 
> This would be technically noncompliant, as RFC7565 has ABNF which requires at least one character for the userpart. We could do the underscore thing like Nostr, but that starts to get into the above point about specifying exact mechanisms. I think, just like FEP-25c9 for an explicit "webfinger" property, there should be a FEP proposing some mechanism for DNS names. Off the top of my head, it could be done in several different ways -- https: URIs probably make sense here. Or using the DNS name as the userpart.
> 
> 
> 
> On Mon, Mar 25, 2024, 08:14 Manton Reece <manton@micro.blog> wrote:
>> __
>> This looks really good to me on my first quick reading. Another idea for the "Future Enhancements" section… There has been discussion in the past about better support for single-user servers. For example, instead of the redundant @user@user.com, clients should be able to reference a user with just @user.com. This would also encourage people to own their identity with their own domain name.
>> 
>> Would it be appropriate to formalize this in the report? It could go through the FEP process too, but this report is going to be something that everyone reads about WebFinger.
>> 
>> Nostr (NIP-5) has a convention of using underscores: _@user.com is displayed as just @user.com. Bluesky also uses hostnames for @-mentions. I believe WebFinger is fine with leaving the username off, for example /.well-known/webfinger?resource=acct:@user.com <mailto:acct%3A@user.com>.
>> 
>> — Manton

Received on Monday, 25 March 2024 15:09:03 UTC