swicg / activitypub-trust-and-safety

ActivityPub Trust and Safety Taskforce
https://swicg.github.io/activitypub-trust-and-safety/

Define/document how blocking works in S2S #23

Open ThisIsMissEm opened 1 month ago

ThisIsMissEm commented 1 month ago

Currently ActivityPub only really describes blocking in the context of Client to Server, and details for Server to Server are all but omitted (the only line is that Block along with several other activities must have an object property)

Whilst some software does send Block activities, these have previously been used by abusive server operators as something of a badge of honour (Look I got the person I was trolling to Block me!).

For instance, defederation in Mastodon does not generate Block activities, but instead just does Undos for all Accept(Follow) activities.

Blocks are also sometimes bypassed due to forwarding or including complete objects inline in Announce activities; however, we may want to consider this a separate issue & require a recommendation against inlining objects in Announce activities.

trwnh commented 3 weeks ago

one consideration: the current recommendation is that Blocks are not to be federated.

the way a Block should work is that incoming activities are dropped, and their side effects are not processed.

it is possible that if two actors mutually block each other, then federating this information makes it impossible for one of them to fully unblock the other first -- the first Undo Block to be sent will be dropped by the recipient, leading to a state desync where the first actor is no longer blocking the second actor, but the second actor thinks they are still blocked.

similarly, if one actor blocks another actor, then the second actor may block the first actor in return, but the first actor will not be aware of this because the Block gets dropped. you end up in another desync.

taken together, it makes the following flow possible:

so A and B now believe completely opposite things!

this might be avoidable if you define S2S Block as a "moderation activity" that should be sent to some endpoints.moderationInbox or similar, but it can only be expected to take effect if the remote server is enforcing these blocks.
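As an added illustration of the desync described in the comment above (this is not code from the taskforce or from any ActivityPub implementation): a toy simulation of two actors whose S2S inboxes drop every activity from a blocked sender, run once with Block/Undo(Block) federated and once with them kept local. The actor ids are constructed sample values.

```python
from dataclasses import dataclass, field

@dataclass
class Actor:
    """One ActivityPub actor with only the state the thread talks about."""
    id: str
    blocking: set = field(default_factory=set)    # actors this actor blocks (local truth)
    blocked_by: set = field(default_factory=set)  # actors it believes block it (learned via S2S)

    def inbox(self, activity: dict) -> bool:
        """S2S inbox: drop anything from a blocked sender, otherwise apply side effects.
        Returns True if processed, False if dropped."""
        sender = activity["actor"]
        if sender in self.blocking:
            return False
        obj = activity["object"]
        if activity["type"] == "Block" and obj == self.id:
            self.blocked_by.add(sender)
        elif activity["type"] == "Undo" and obj["type"] == "Block" and obj["object"] == self.id:
            self.blocked_by.discard(sender)
        return True

def block(a: Actor, b: Actor, federate: bool) -> bool:
    """a blocks b locally; when federate is True a Block activity is also delivered to b."""
    a.blocking.add(b.id)
    activity = {"type": "Block", "actor": a.id, "object": b.id}
    return b.inbox(activity) if federate else False

def unblock(a: Actor, b: Actor, federate: bool) -> bool:
    """a undoes its block of b locally; when federate is True an Undo(Block) is delivered to b."""
    a.blocking.discard(b.id)
    undo = {"type": "Undo", "actor": a.id,
            "object": {"type": "Block", "actor": a.id, "object": b.id}}
    return b.inbox(undo) if federate else False

def mutual_block_then_unblock(federate: bool) -> dict:
    """The flow from the thread: A blocks B, B blocks A back, A tries to unblock B first."""
    a = Actor("https://a.example/users/alice")  # constructed sample actor ids
    b = Actor("https://b.example/users/bob")
    block(a, b, federate)
    block(b, a, federate)    # when federated, dropped by a's inbox: a is blocking b
    unblock(a, b, federate)  # when federated, dropped by b's inbox: b is blocking a
    return {"a_blocks_b": b.id in a.blocking, "b_believes_a_blocks_b": a.id in b.blocked_by,
            "b_blocks_a": a.id in b.blocking, "a_believes_b_blocks_a": b.id in a.blocked_by}

def stale_belief(state: dict) -> bool:
    """True when B still believes it is blocked by A although A has already unblocked B."""
    return state["b_believes_a_blocks_b"] and not state["a_blocks_b"]
```

With federate=True the flow ends with A no longer blocking B while B still believes it is blocked, and with B blocking A while A never learned of it; with federate=False neither side ever holds a remote belief that can go stale, which is the behaviour the current SHOULD NOT on delivery gives you.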

evanp commented 1 week ago

Just adding it here, but I think @trwnh covered it well: Block is defined as a SHOULD NOT for delivery.

https://www.w3.org/TR/activitypub/#block-activity-outbox