FEP-9091: Export Actor Service Endpoint

Warning

このFEPはまだ翻訳されていません。

ここから翻訳に協力することができます。

Summary

This FEP defines an API endpoint used to initiate the "Export Actor" operation. The output and semantics of the result of the export operation is out of scope, and left to subsequent FEPs. The endpoint only specifies how to start the operation, and by extension, how to tell if a given Actor's server supports this operation.

Data Model: Export Service Endpoint

Conforming ActivityPub Actor profiles MUST specify their export API endpoints using the service descriptor property (inspired by the DID Core Services section, and used in other FEPs such as FEP-e3e9: Actor Relative URLs):

  • The expanded type of the service descriptor object MUST be https://w3id.org/fep/9091#Export (see example below).
  • The service property MUST NOT contain more than one node with the #Export type.
    • If a client encounters multiple service descriptor objects with type ending in #Export, the client SHOULD just use the first entry.

Example Actor Profile with Export Service Endpoint

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    "https://www.w3.org/ns/did/v1"
  ],
  "id": "https://alice-personal-site.example/actor",
  "type": "Person",
  "name": "Alice",
  "service": [{
    "id": "https://alice-personal-site.example/actor#export",
    "type": "https://w3id.org/fep/9091#Export",
    "serviceEndpoint": "https://alice-personal-site.example/actor/accountExport"
  }]
}

Protocol: Initiating the Export Actor Operation

If a client conforming to this FEP wishes to start the 'Export Actor' process, such as to create a backup of the Actor profile, its private key material, and all content associated with this actor, the client MUST perform the following steps:

  1. Fetch the Actor profile object.
  2. Locate the service description object with the expanded type equal to https://w3id.org/fep/9091#Export.
  3. Locate the corresponding serviceEndpoint URL, in that description object.

    • If no such service description item exists, this means that the server hosting the Actor's profile does not support this operation.
  4. The client makes an HTTP POST to the URL in the serviceEndpoint to initiate the export operation.

    • The client MUST include appropriate authorization credentials that indicate that it is authorized to perform this operation (that it's authorized to receive the highly private result of account export). The exact format of these authorization credentials is out of scope of this FEP.

Example Request and Response

Example synchronous request (with an empty body) and response:

POST /actor/accountExport HTTP/1.1
Host: alice-personal-site.example
Authorization: Bearer ....
Accept: application/x-tar
Content-Length: 0
HTTP/1.1 200 OK
Content-type: application/x-tar
Transfer-Encoding: chunked

<binary data of the resulting .tar file>

参考文献

CC0 1.0 Universal (CC0 1.0) Public Domain Dedication

To the extent possible under law, the authors of this Fediverse Enhancement Proposal have waived all copyright and related or neighboring rights to this work.