FEP-db0e: Authentication mechanism for non-public groups


This is a discussion thread for the proposed FEP-db0e: Authentication mechanism for non-public groups.
Please use this thread to discuss the proposed FEP and any potential problems
or improvements that can be addressed.


This proposal addresses the problem of authenticating access to the content of non-public groups. It is mostly intended to supplement [FEP-400e].

Only the server that hosts the Group actor knows for sure who can and cannot access the content in the group. However, due to each object being hosted on the server of the actor that created it, it is not ordinarily possible for those other servers to restrict access to that object only to those actors who have the permission to see it.

This FEP defines an authentication mechanism, “actor tokens”, that allows an actor to issue tokens that serve as a temporary proof of group membership for other servers.
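The trust flow summarized above, as an added example that is not part of the original post or of FEP-db0e itself: the group's server signs a short-lived membership claim, and the server hosting an object checks it before serving the object. The field names, the Ed25519 signature, the serialization, and the `issueToken`/`verifyToken` helpers are assumptions made for illustration, not the FEP's wire format.

```javascript
// Added illustration: field names and signature scheme are assumptions.
const crypto = require('crypto');

// Key pair of the server hosting the Group actor (constructed for the example).
const groupKeys = crypto.generateKeyPairSync('ed25519');
const GROUP_ID = 'https://groups.example/groups/1'; // constructed sample value

// Fixed field order so issuer and verifier sign and check the same bytes.
function canonical(t) {
  return Buffer.from(JSON.stringify([t.issuer, t.actor, t.validUntil]));
}

// Group server: only it knows the member list, so only it issues tokens.
function issueToken(actor, now, ttlSeconds = 1800) {
  const claims = { issuer: GROUP_ID, actor, validUntil: now + ttlSeconds };
  const signature = crypto
    .sign(null, canonical(claims), groupKeys.privateKey)
    .toString('base64');
  return { ...claims, signature };
}

// Object host: `requester` is the actor that authenticated the fetch by other
// means; `groupPublicKey` is assumed to come from the group's actor document.
function verifyToken(token, requester, objectGroup, groupPublicKey, now) {
  let signed = false;
  try {
    signed = crypto.verify(null, canonical(token), groupPublicKey,
      Buffer.from(String(token.signature), 'base64'));
  } catch {
    signed = false; // malformed signature or key
  }
  if (!signed) return 'bad-signature';
  // Claims are trusted only after the signature has been checked.
  if (token.issuer !== objectGroup) return 'wrong-group';
  if (token.actor !== requester) return 'wrong-actor'; // token is not a bearer credential
  if (typeof token.validUntil !== 'number' || now >= token.validUntil) return 'expired';
  return 'ok';
}
```

Binding the token to the requesting actor and to the object's group means a leaked token cannot be replayed by a different actor or against another group's content, and the expiry bounds how long a removed member keeps access.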

