Hi,
I am starting to design an ActivityPub service, and I was wondering:
1 - When I create private keys for my users, are they expected to be permanent, or can they be changed?
2- Or, in other words, when I store a public key of a remote user, is there any mechanism I should check for revocation? Should I attempt to fetch a new key in case decrypting didn’t work with the one I cached?
Best,
Francis
They can change, and they can change at any time (blind rotation). If a signature doesn’t validate with a cached key, you should refetch the profile in case the key changed.
You may receive an Update that rotates the keys, but this is not required.
This is only correct for actors you have rarely contact with. Actors, you talk to regularly, e.g. followers and following, should send you an Update when rotating keys.
Requiring the above behavior would ensure that the entity behind an actor stays the same. Here entity means as something controlling a cryptographic identity.
Unfortunately, how to do key rotation and the implications of http signatures have not been documented. I have some ambition to fill this hole.
may send an Update when rotating keys. There is a concept known as “blind key rotation” which provides deniability to any previously-delivered signed message. It works something like this:
If instead Alice sent a signed Update to Bob that was signed with key A1 and updated to key A2, the deniability would go away, because there is a clear lineage and history linking key A1 and A2 to the same controller.
As I said earlier: Without having somebody write a specification what we get out of using signatures, opinions will differ on what signatures mean, and what one can expect.