@julian@fietkau.social
·
Apr 06, 2026
Julian Fietkau
@julian@fietkau.social
Human-computer interaction #HCI, computer science & programming, home server & self-hosting, games and other fun stuff. Fediverse tool builder: @encyclia, @canary, FediRoster, Pinhole, ... see https://fietkau.software/tag/fediverse for more. I also help out with @fedidevs. If you do HCI-related research, check out https://directory.hci.social. He/him. Posting mostly in English, but you might see the occasional German boost.
fietkau.social
RE: https://mastodon.social/@bagder/116359048796181736
Could be potentially nice for fediverse server testing, as more implementations make the jump to final RFC 9421 HTTP signatures.
On the flip side, ever more complex curl invocations (here: Accept header plus signature fields plus key file, presumably) suggest use of more specialized CLI tools, such as provided by @fedify@hollo.social, or at least scripts/aliases.
Speaking of RFC 9421, which notable fediverse implementations can't handle it yet? Anyone keeping track?
#ActivityPub #FediDev #RFC9421
4
11
9
@mradcliffe@nokoto.org
·
Apr 18, 2026
mradcliffe
@mradcliffe@nokoto.org
Matthew (he/him). I like contributing to open source software, open source contribution mentoring, haiku, Japanese, PostgreSQL, Drupal, board games, cooking for myself, Slackware linux, and beer among other things. I post random things sometimes. My fediverse presence is also my web presence and I respect privacy and private content.
nokoto.org
Re: any example of a software in node/javascript that uses the new signature standard
@gabboman@gabboman.xyz I decided to hack on this the past few nights, and came up with an experimental, backwards-compatible implementation that I created a draft pull request for @peertube/http-signature. I tried to follow the library’s coding style of the original as much as possible.
The idea of backwards-compatibility is that you can drop this into an existing application and nothing will break. There are deprecation messages that may surface in logs to guide changing from using the function exports to the cavage12Draft export (and the rfc9421 export).
I think the next step for anyone would be:
manual...
0
9
1
@mradcliffe@nokoto.org
·
May 18, 2026
mradcliffe
@mradcliffe@nokoto.org
Matthew (he/him). I like contributing to open source software, open source contribution mentoring, haiku, Japanese, PostgreSQL, Drupal, board games, cooking for myself, Slackware linux, and beer among other things. I post random things sometimes. My fediverse presence is also my web presence and I respect privacy and private content.
nokoto.org
Re: Re: any example of a software in node/javascript that uses the new signature standard
When last I left off, I made a pull request to peertube/http-signature library try to help the JavaScript ecosystem reach RFC 9421 parity while being backwards-compatible with cavage-12 draft implementations. There has not been any traction on this yet. Maybe because PeerTube has abandoned its own use of the library.
So our current ecosystem state is the following:
PeerTube uses misskey-dev/node-http-message-signatures library and owns the defacto unmaintained peertube/http-signature library.Misskey and the rest of the ‘keyverse use peertube/http-signature library and Misskey owns the defacto...
0
7
0
You've seen all posts