1 files changed, 65 insertions, 0 deletions
diff --git a/FEDERATION.md b/FEDERATION.md
new file mode 100644
index 0000000..4ee11ad
--- /dev/null
+++ b/FEDERATION.md
@@ -0,0 +1,65 @@
+# Federation
+## Protocols and standards
+- [ActivityPub](https://www.w3.org/TR/activitypub/) (S2S)
+- [WebFinger](https://webfinger.net/)
+- [HTTP Signatures](https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures).
+  - Outgoing requests are RSA-SHA256 signed; incoming requests must verify, including optional `(created)` and `(expires)` components.
+- [NodeInfo](https://nodeinfo.diaspora.software/)
+  - 2.0 and 2.1.
+- [Webmention](https://www.w3.org/TR/webmention/)
+  - Receive-only. `/webmention-hook` accepts notifications and records them for relevant timelines.
+## FEP support
+- [FEP-f1d5: NodeInfo in Fediverse Software](https://codeberg.org/fediverse/fep/src/branch/main/fep/f1d5/fep-f1d5.md)
+- [FEP-67ff: FEDERATION.md](https://codeberg.org/fediverse/fep/src/branch/main/fep/67ff/fep-67ff.md)
+## ActivityPub details
+### Actor discovery
+- Local actor IDs match `https://<domain>/<user>` and the same URL is persisted as the canonical identifier.
+- WebFinger exposes `acct:<user>@<domain>` entries using the host-meta template.
+- `/authorize_interaction` and `/share` endpoints are available.
+### Collections and endpoints
+- `GET /<user>` returns the actor document (`application/ld+json`) including inbox/outbox/followers/following/featured collection URLs and the actor's public key.
+- `GET /<user>/outbox` exposes most recent public posts in `orderedItems`.
+- `GET /<user>/featured` publishes user's pinned posts collection.
+- `GET /<user>/followers` and `/following` return empty collections unless the user enables `show_contact_metrics`, in which case only totals are shared.
+- Individual public objects are available via `/p/<id>`, and their replies collections under `/r/<id>`, with optional paging.
+- `POST /<user>/inbox` and `/shared-inbox` accept signed JSON objects; shared inbox traffic is queued for the appropriate local recipients.
+### Supported activities and objects
+- **Inbound**: `Follow`, `Accept`, `Create`, `Update`, `Delete`, `Announce`, `Like`, `EmojiReact`, `Undo` (for Follow/Like/Announce), and `Move` covering `Note`, `Question`, `Page`, `Article`, `Event`, and `Video`.
+- **Outbound**: the same set, except for `EmojiReact` (normalised into `Like` internally) and `Create` currently emits `Note` and `Question` objects.
+- Ordered collections: outboxes present the latest entries; follower/following collections hide membership by default.
+### Delivery and moderation
+- Outbound requests are signed over `(request-target) host digest date`; inbound signatures must validate or message is dropped.
+- `Digest` headers on inbound POSTs are checked; mismatches receive HTTP 400.
+- Deliveries use a retry queue with parameters `queue_retry_max`, `queue_retry_minutes`, `queue_timeout`, and `queue_timeout_2` in `server.json`.
+- Messages are rejected if they originate from muted or limited actors, blocked hashtags, or blocked servers.
+### Audience and account features
+- Visibility modes include Public, Unlisted, Followers-only, and Direct (addressed only to mentioned accounts). Direct replies retain the mention list.
+- Users may require follow approvals, hide follower counts, mark accounts as bots, and adjust other publishing preferences.
+- Account migration emits ActivityPub `Move` messages to followers and follows the new identity when a compliant `Move` is received.
+### Shared inbox handling
+- `/shared-inbox` receives the same signature verification, queuing, and moderation treatment as user inboxes.
+## Additional documentation
+- Full documentation: <https://comam.es/snac-doc/>
+  - User manual: `doc/snac.1`
+  - Data formats: `doc/snac.5`
+  - Administrator manual: `doc/snac.8`
+- Release history and other notes: `RELEASE_NOTES.md`

diff --git a/FEDERATION.md b/FEDERATION.md new file mode 100644 index 0000000..4ee11ad --- /dev/null +++ b/FEDERATION.md
@@ -0,0 +1,65 @@
	1	# Federation
	2
	3	## Protocols and standards
	4
	5	- [ActivityPub](https://www.w3.org/TR/activitypub/) (S2S)
	6	- [WebFinger](https://webfinger.net/)
	7	- [HTTP Signatures](https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures).
	8	- Outgoing requests are RSA-SHA256 signed; incoming requests must verify, including optional `(created)` and `(expires)` components.
	9	- [NodeInfo](https://nodeinfo.diaspora.software/)
	10	- 2.0 and 2.1.
	11	- [Webmention](https://www.w3.org/TR/webmention/)
	12	- Receive-only. `/webmention-hook` accepts notifications and records them for relevant timelines.
	13
	14	## FEP support
	15
	16	- [FEP-f1d5: NodeInfo in Fediverse Software](https://codeberg.org/fediverse/fep/src/branch/main/fep/f1d5/fep-f1d5.md)
	17	- [FEP-67ff: FEDERATION.md](https://codeberg.org/fediverse/fep/src/branch/main/fep/67ff/fep-67ff.md)
	18
	19	## ActivityPub details
	20
	21	### Actor discovery
	22
	23	- Local actor IDs match `https://<domain>/<user>` and the same URL is persisted as the canonical identifier.
	24	- WebFinger exposes `acct:<user>@<domain>` entries using the host-meta template.
	25	- `/authorize_interaction` and `/share` endpoints are available.
	26
	27	### Collections and endpoints
	28
	29	- `GET /<user>` returns the actor document (`application/ld+json`) including inbox/outbox/followers/following/featured collection URLs and the actor's public key.
	30	- `GET /<user>/outbox` exposes most recent public posts in `orderedItems`.
	31	- `GET /<user>/featured` publishes user's pinned posts collection.
	32	- `GET /<user>/followers` and `/following` return empty collections unless the user enables `show_contact_metrics`, in which case only totals are shared.
	33	- Individual public objects are available via `/p/<id>`, and their replies collections under `/r/<id>`, with optional paging.
	34	- `POST /<user>/inbox` and `/shared-inbox` accept signed JSON objects; shared inbox traffic is queued for the appropriate local recipients.
	35
	36	### Supported activities and objects
	37
	38	- Inbound: `Follow`, `Accept`, `Create`, `Update`, `Delete`, `Announce`, `Like`, `EmojiReact`, `Undo` (for Follow/Like/Announce), and `Move` covering `Note`, `Question`, `Page`, `Article`, `Event`, and `Video`.
	39	- Outbound: the same set, except for `EmojiReact` (normalised into `Like` internally) and `Create` currently emits `Note` and `Question` objects.
	40	- Ordered collections: outboxes present the latest entries; follower/following collections hide membership by default.
	41
	42	### Delivery and moderation
	43
	44	- Outbound requests are signed over `(request-target) host digest date`; inbound signatures must validate or message is dropped.
	45	- `Digest` headers on inbound POSTs are checked; mismatches receive HTTP 400.
	46	- Deliveries use a retry queue with parameters `queue_retry_max`, `queue_retry_minutes`, `queue_timeout`, and `queue_timeout_2` in `server.json`.
	47	- Messages are rejected if they originate from muted or limited actors, blocked hashtags, or blocked servers.
	48
	49	### Audience and account features
	50
	51	- Visibility modes include Public, Unlisted, Followers-only, and Direct (addressed only to mentioned accounts). Direct replies retain the mention list.
	52	- Users may require follow approvals, hide follower counts, mark accounts as bots, and adjust other publishing preferences.
	53	- Account migration emits ActivityPub `Move` messages to followers and follows the new identity when a compliant `Move` is received.
	54
	55	### Shared inbox handling
	56
	57	- `/shared-inbox` receives the same signature verification, queuing, and moderation treatment as user inboxes.
	58
	59	## Additional documentation
	60
	61	- Full documentation: <https://comam.es/snac-doc/>
	62	- User manual: `doc/snac.1`
	63	- Data formats: `doc/snac.5`
	64	- Administrator manual: `doc/snac.8`
	65	- Release history and other notes: `RELEASE_NOTES.md`