Fun fact, looks like our admin registration is going to use the same http auth mechanisms.
Here's how it looks:
Keep list of admins in webmention format in the DB
Admins talk to the API using signed HTTP requests
API verifies requests by verifying the signatures
Cool side effects? No need for storing a password or issuing tokens or actual admin account data. We can also use wildcards in the list like @*@hypha.coop to allow any account from a given domain to have access.
@thisismissem I think there is risk in folks adding fake actors if they can add arbitrary files to a site, but I'm hoping that querying the webfinger endpoint to verify would help there.
Spoofing https certs and DNS might be a risk though? 🤷
@mauve that is to say I'm doubtful that DNS and HTTPS would be particularly weak points, especially given signing and pinning of public keys (there is a process for announcements of key rotation too)
Add comment