As already mentioned application actors are currently used by most Fediverse applications to fetch public keys.
I think this (and the referenced earlier information) would benefit from being more specific. I assume you mean the public keys of the Application actor specifically (vs public keys, in general).
My Mastodon instance can fetch the public keys for any actor without a signed request. I seem to be able to do the same with mastodon.social (based on testing with a few actors).
Mastodon uses
Servicefor bot accounts.
Mastodon considers Application actors to be bot accounts too.
def bot?
%w(Application Service).include? actor_type
end
It’s not clear to me that the referenced projects use an instance actor in the same way or in the way the FEP requires. I also wonder if the instance actor can be followed, blocked, implements an outbox (it must implement the endpoint, at least), can be mentioned in posts, etc. In other words, is it a regular actor other than never requiring signed fetches for the actor resource?
Also, until there’s more discussion about nodeinfo, I’m -1 for the reasons I stated previously.