Iceshrimp.NET/FEDERATION.md

Federation

Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119.

This document MAY alias JSON-LD namespace IRIs to their well-known aliases. Specifically, the following aliases are used:

• as: - https://www.w3.org/ns/activitystreams#
• toot: - http://joinmastodon.org/ns#
• fedibird: - http://fedibird.com/ns#
• misskey: - https://misskey-hub.net/ns#
• litepub: - http://litepub.social/ns#

Supported federation protocols and standards

• ActivityPub (Server-to-Server)
  • We perform full JSON-LD processing.
  • Incoming activities (whether sent to the shared/actor inbox or fetched via federation requests) MUST carry a valid JSON-LD context for successful federation with Iceshrimp.NET instances.
  • Regardless, we attempt to make sense of activities carrying some known invalid LD contexts. Specifically:
    • We resolve the nonexistent http://joinmastodon.org/ns context (toot.json) for federation with GTS (which references it by link)
    • We resolve some unofficial ActivityStreams context extensions (as-extensions.json), since some implementors incorrectly reference it by link.
    • See here and here to see all preloaded LD contexts we ship.
  • Outgoing activities are compacted against our well-known LD context (iceshrimp.json).
    • For compatibility with implementors that are not doing full LD processing, we force some attributes to be an array:
      • tag, attachment, to, cc, bcc, bto (all in the https://www.w3.org/ns/activitystreams namespace)
    • For the same reason, we forcibly keep https://www.w3.org/ns/activitystreams#Public as the full IRI, instead of compacting it to as:Public.
    • We trim unused inline properties from the context. For technical reasons, unused namespace aliases are currently not trimmed, but this is subject to change.
• WebFinger
  • Any actors referenced in activities MUST be queryable via WebFinger for federation with Iceshrimp.NET instances.
  • Actor @id URIs SHOULD be directly queryable via WebFinger, but reverse discovery is performed as a fallback.
  • Split domain configurations are supported (for local and remote actors).
    • Implementors MUST NOT have multiple actors with the same preferredUsername on each web or account domain.
    • Mentions referencing a user by their non-canonical acct (@user@web.domain.tld) get canonicalized on note ingestion.
  • We support WebFinger over application/jrd+json as well as application/xrd+xml (both incoming and outgoing).
    • However, we do not ask for xrd+xml in our Accept header for outgoing WebFinger requests due to compatibility issues with Friendica.
    • Responses MUST have their Content-Type set to application/jrd+json, application/xrd+xml, application/json, or application/xml.
  • We support host-meta over application/jrd+json as well as application/xrd+xml (both incoming and outgoing).
    • The json representation is also accessible under /.well-known/host-meta.json.
    • Implementors SHOULD advertise the WebFinger Content-Type in the type attribute of the WebFinger template in the host-meta response.
      • However, since major implementors either omit the attribute, or incorrectly advertise jrd+json as xrd+xml, we presently ignore this property.
    • Implementors MUST return a link with the attributes rel='self' and type='application/activity+json' in the response.
      • application/ld+json; profile="https://www.w3.org/ns/activitystreams" is treated interchangably with application/activity+json.
• HTTP Signatures
  • Incoming activities sent to the shared inbox or actor inbox MUST carry a valid HTTP signature, unless LD Signatures are explicitly enabled in the configuration, and the activity carries a valid LD signature.
  • Incoming federation requests MUST carry a valid HTTP signature, unless authorized fetch is explicitly disabled in the configuration.
• LD Signatures
  • Both LD-signing outgoing activities and accepting LD signatures are disabled by default due to privacy concerns, but instance operators can choose to enable them.
  • as:Delete activities, which don't come with any of the privacy concerns mentioned above, are however accepted regardless of the configuration.
• NodeInfo (versions 2.0 and 2.1)

Supported FEPs

• FEP-f1d5: NodeInfo in Fediverse Software
• FEP-c0e0: Emoji reactions
  • litepub:EmojiReact activities are processed as emoji reactions.
  • as:Like activities with as:content or misskey:_misskey_reaction properties get canonicalized to litepub:EmojiReact.
  • Multiple emoji reactions are supported.
  • Remote custom emoji reactions are supported if two conditions are met:
    • The as:content property is set to :emoji@remoteinstance.tld: or emoji@remoteinstance.tld
    • The emoji emoji is already known from a post or reaction by a user on remoteinstance.tld
• FEP-e232: Object Links
  • Specifically, inline quotes with the following rel attributes are supported:
    • misskey:_misskey_quote
    • fedibird:quoteUri
    • as:quoteUrl
• FEP-67ff: FEDERATION.md
• FEP-2c59: Discovery of a Webfinger address from an ActivityPub actor
• FEP-9fde: Mechanism for servers to expose supported operations
• FEP-7888: Demystifying the context property
  • Specifically, we use it in a "conversational context" sense, where each note has an attached context, which maps to an internal "thread".
  • We currently do not use the context for anything other than grouping.
  • Our context collections contain objects, not activities.

FEPs we intend to support in the future

• FEP-8fcf: Followers collection synchronization across servers
• FEP-1b12: Group federation
• FEP-96ff: Explicit signalling of ActivityPub Semantics
• FEP-d556: Server-Level Actor Discovery Using WebFinger
• FEP-2677: Identifying the Application Actor

Supported non-FEP extensions

• Bite activities (as specified in mia:Bite)