Terence Eden on Nostr: It is rather frustrating that there's no way to verify #HTTP signatures online if ...
It is rather frustrating that there's no way to verify #HTTP signatures online if they contain "(request-target)".
The #Mastodon #ActivityPub server is responding to my server's "Accept" POST with "Verification failed".
As far as I can tell, my signature is valid. It uses the same generation code as other servers as far as I can tell.
This might be a 3-drink problem!
Published at
2024-01-27 23:25:33Event JSON
{
"id": "0230484b883d389b6b144d37b01812f8e96c7f554b4b9479398c39439e18b868",
"pubkey": "fddf487eea9db57a6e320f80e5cb63de50bedf539695a41c0d447be6c23643e1",
"created_at": 1706397933,
"kind": 1,
"tags": [
[
"e",
"4a7adaf61baac2f71a69e52c6b94fe9510c0ed38af669e74b655826cc6ced3c6",
"wss://relay.mostr.pub",
"reply"
],
[
"t",
"http"
],
[
"t",
"mastodon"
],
[
"t",
"activitypub"
],
[
"proxy",
"https://mastodon.social/users/Edent/statuses/111830494994186617",
"activitypub"
]
],
"content": "It is rather frustrating that there's no way to verify #HTTP signatures online if they contain \"(request-target)\".\n\nThe #Mastodon #ActivityPub server is responding to my server's \"Accept\" POST with \"Verification failed\".\n\nAs far as I can tell, my signature is valid. It uses the same generation code as other servers as far as I can tell.\n\nThis might be a 3-drink problem!\n\nhttps://files.mastodon.social/media_attachments/files/111/830/478/594/055/898/original/bb958156f4cbab5b.png",
"sig": "854696fce275a632aae290eab4d9ce16bd4659f94c386d588aa0b3f11295de66cccf649b46e3f745dcc57f4b5ae163fe11d1fb7368c665bae68cb5f268e081e7"
}
