Wall-to-wall posts are federated like any other posts. The signatures are those of the wall owner (sender in this case). Some platforms will refuse these because neither the LD signature nor the HTTP signature is that of the original actor (the signing keys are unavailable to the person hosting the wall), but hear me out…
The end viewer typically has a relationship with the sender, not the actor. It doesn’t matter if the actor validates the message, because this could be a total stranger to the viewer. The only person the viewer has a trust relationship with and who needs to be validated “to them” is the sender. The sender in turn has a relationship with the actor and needs to verify them before being allowed to post on their wall. So this verification does happen but is not visible to the end viewer.
Can this “chain of trust” be abused? Certainly. Anything can be abused. But the situation solves itself, because breaching the trust between the viewer and sender will break that relationship. It will also break any trust between the actor and the sender. And it is very easily discovered.
In any event, this mechanism is undergoing revision due to the work on private groups mentioned elsewhere. For group wall-to-wall posts the actor’s post is now HTML embedded into the body of a new post created by the sender. This will allow federation over any platform. I expect the regular wall-to-wall mechanism to be updated to the same mechanism in due course. There’s really no difference in trust - it’s just a different presentation which federates easier.
A detailed description of commentPolicy has been added to FEDERATION.md.
Post owners (and also site admins) can delete wall-to-wall posts. Any conversation owner can also delete any comments in their own conversation. Twitter-like platforms will probably reject the deletion. Facebook-like platforms will accept it. This is an unresolvable conflict between implementations (just like mention disparities); however, it doesn’t matter because the wall owner always gets to decide what goes on their wall and the site owner always gets to decide what goes on their site. Period. If such deleted posts and comments end up visible on other software, it’s a fact of life.
I actually don’t care if developers on other platforms disagree with any of these mechanisms. As long as it is compliant with specifications (which I’ve found most projects ignore when it suits them), they can do whatever they want. It’s the fediverse way. Everything I do strives to be multi-protocol compliant, as I typically support more than one.