search

w3c / activitypub

http://w3c.github.io/activitypub/
Other
1.17k stars 70 forks source link

Sections 7.1.1 + 7.1.2 lead to inconsistent behavior. #366

Open HelgeKrueger opened 1 year ago

HelgeKrueger commented 1 year ago

This concerns how to resolve collections when sending messages. The ActivityPub Specification specifies in 7.1.1 uses "owner by the actor", section "7.1.2" uses "owned by the server".

Example:

Alice (user) on Abel (server), Claire on Cantor (server) follows Bob. Bob sends a message "Building stuff" to his followers (Claire). Alice discovers Bob's message and replies to him and his followers "Me too". If Bob is on Banach, 7.1.2 implies that Banach should forward Alice's message to Claire. If Bob is on Abel, the combination of 7.1.1 and 7.1.2 implies that Claire doesn't get the message.

aschrijver commented 7 months ago

Cross-referencing to this conversation started by @dclements, and where @steve-bate suggests renaming the issue to "Why does ActivityPub not define a concept of ownership?".

nightpool commented 7 months ago

The spec doesn't say that Claire can't get the message, it just doesn't have a MUST that she should. Implementations are free to use their own judgement about whether/how to target and deliver these messages (although I agree that the explanatory text in 7.1.2 generally seems to assume that implementations SHOULD be targeting and delivering these messages if they would otherwise be doing so for remote servers, modulo spam filtering or similar)

evanp commented 3 months ago

So, i think the issue here is if you have collections that are owned by the actor, but not hosted on the server. An example:

{
  "@context": "https://www.w3.org/ns/activitystreams",
  "type": "Collection",
  "id": "https://collectionsbuilderapp.example/collection/175",
  "attributedTo": "https://banach.example/users/bob"
}

In this case, when Bob sends an activity to this collection via his outbox, Bob's server should deliver it. That may mean fetching the contents of the collection in order to do the delivery. That's kind of a hassle, but there it is.

If someone else, like Alice, addresses this collection in a reply to Bob, Bob's server is not required to deliver her activity to the addresses in this collection.

I don't see what that would be a useful distinction to make, and my guess is that this distinction is more due to less than rigorous editing that an intended distinction, however, I also don't think it's fundamentally paradoxical or self-contradictory.

I think a well-behaved server that implements inbox forwarding ought to deliver to the collection anyway, but that's not the way it's written.