trwnh.com/wiki.hugo/content/tech/spec/activitypub/extensions/http-signatures.md

draft 8 cavage

even in the updated HTTP Message Signatures which supercedes the old HTTP Signatures, the `keyId` resolution to get the actual key material is unspecced, it's up to app logic

so you need to clearly specify somewhere such rules. like "keyId must point to a json-ld object with type sec:Key and must have sec:owner pointing to an activitypub actor" or something like that
consolidate offshoot projects into main domain 2024-09-26 22:54:41 +00:00			`draft 8 cavage`

			even in the updated HTTP Message Signatures which supercedes the old HTTP Signatures, the `keyId` resolution to get the actual key material is unspecced, it's up to app logic

			`so you need to clearly specify somewhere such rules. like "keyId must point to a json-ld object with type sec:Key and must have sec:owner pointing to an activitypub actor" or something like that`