Huzzah!! After about a little less than one month I have managed to deploy the new versions of the #GoActivityPub libraries containing RFC9421 for both outbound request signing and inbound verification, to both #FedBOX and #ONI.
During this tme we contributed to another Go module during this time, in order for it to support our use cases, then we ended up replacing it all together with another one having a simpler API.
In the process I managed to simplify the go-ap/auth module to contain only the verifiers for OAuth and HTTP-Signatures (in both draft and RFC compatible flavours).
This post is in fact, the first one that uses them for remote dissemination, and if you see it on your timeline it doesn’t neccessarily mean that your instance supports this signature type, but rather that the “double knocking” mechanism of retrying with the old draft version is functional. Here’s to hoping it won’t be needed for much longer. 🥂
