Home | Notifications | New Note | Local | Federated | Search | Logout

Note Detail

Reply to @silverpill@mitra.social
julian@julian@activitypub.space (2026-05-21 05:36:09)
@silverpill@mitra.social said:


In some cases, FEP-fe34 recommends same-actor policy as an additional protection against implementation bugs and against implementations that don't enforce actor boundaries on purpose. Update/Delete authorization is one of those cases (admittedly, the wording is a bit confusing in that paragraph...)



Does this mean NodeBB is wrong is allowing different actors on the same origin to publish Updates and Deletes? I do not know of a way to reconcile this with the ability to have moderators carry out their actions.
---Reply---
silverpill@silverpill@mitra.social (2026-05-21 06:18:00)
No, it's not wrong.

I think the good of group moderation currently outweighs the theoretical bad of same-origin impersonation.

---Replies---

silverpill@silverpill@mitra.social (2026-05-24 18:39:56)
@julian I've done a review on FEP-fe34 and here's a more nuanced answer.

The same-origin assumption is necessary for authentication, because it is not possible to not trust the server of origin.

But it is not necessary for authorization. It is desirable, because that makes authorization procedures aligned with authentication procedures. But we can shift the burden of permission checks to the recipient.

We might even have to do this, if we discover that servers accepting arbitrary payloads (C2S, FEP-ae97) can't reliably enforce the isolation of actors.

But for time being, you can accept same-origin admin deletions.