Enable RFC 9421 signature by default #2859

Open
obenland wants to merge 6 commits into trunk from update/rfc9421-default-on

@obenland obenland commented Feb 2, 2026

Let's enable it by default. The option has been pretty hidden and we've not received any feedback on the feature so far.
It's been working on activitypub.blog (while it was on), so let's default it to true and see what breaks.

Proposed changes:

  • Enable RFC 9421 (HTTP Message Signatures) by default instead of requiring opt-in.

Other information:

  • Have you written new tests for your changes, if applicable?

The existing test coverage applies — this only changes the default value.

Testing instructions:

  • On a fresh install or with the option unset, verify that RFC 9421 signatures are used by default.
  • Confirm the toggle in Settings → ActivityPub → Advanced still works to disable RFC 9421 if needed.
  • Federation should continue working due to the automatic fallback to Draft Cavage on 4xx responses.

Changelog entry

  • Automatically create a changelog entry from the details below.

Changelog Entry Details

Significance

  • Patch

Type

  • Changed - for changes in existing functionality

Message

Enable RFC 9421 HTTP Message Signatures by default.

Change the default value of activitypub_rfc9421_signature from false to
true. The modern HTTP Message Signature standard (RFC 9421) is now used
by default instead of being opt-in.

This is safe because the plugin already has graceful fallback: if RFC
9421 fails (4xx response), it automatically retries with Draft Cavage
signature and caches incompatible hosts for one month.

Copilot AI review requested due to automatic review settings February 2, 2026 10:07
@obenland self-assigned this Feb 2, 2026
@obenland requested a review from a team February 2, 2026 10:07
Copilot AI left a comment

Pull request overview

This PR enables RFC 9421 (HTTP Message Signatures) by default for ActivityPub federation, changing from an opt-in to an opt-out configuration. The change maintains backward compatibility through automatic fallback to Draft Cavage signatures on 4xx responses.

Changes:

  • Modified the default value for RFC-9421 signature setting from false to true
  • Added changelog entry documenting this configuration change

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| includes/class-options.php | Changed default value of RFC-9421 signature option to enable it by default |
| .github/changelog/2859-from-description | Added changelog entry for the configuration change |

The existing pattern uses string comparison with '1', so pass '1' as
the default to get_option() to ensure the setting is enabled when the
option doesn't exist in the database.

@obenland marked this pull request as draft February 2, 2026 10:13

The test_verify_http_signature_with_digest test was designed for Draft
Cavage signatures. With RFC 9421 now enabled by default, explicitly
disable it for this test since it doesn't set the $_SERVER variables
needed for RFC 9421 verification.
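
The fallback the PR description relies on (RFC 9421 first, a Draft Cavage retry on a 4xx, the incompatible host remembered for one month), modelled as an added PHP example. It is not the plugin's code: the class, the injected transport callable, the 30-day month and the constructed hosts are assumptions.

```php
<?php
// Added illustration, not the ActivityPub plugin's code. Class, method and
// variable names are hypothetical; "one month" is modelled as 30 days.
final class SignatureFallback {
    const MONTH = 30 * 86400;
    private $cavageOnly = []; // host => timestamp until which RFC 9421 is skipped
    private $send;            // callable(string $url, string $scheme): int status

    public function __construct(callable $send) { $this->send = $send; }

    /** Returns [scheme finally used, HTTP status]. */
    public function deliver(string $url, int $now): array {
        $host = (string) parse_url($url, PHP_URL_HOST);
        if (($this->cavageOnly[$host] ?? 0) > $now) {
            return ['cavage', ($this->send)($url, 'cavage')]; // cached downgrade
        }
        $status = ($this->send)($url, 'rfc9421');
        if ($status < 400 || $status >= 500) {
            return ['rfc9421', $status]; // only a 4xx triggers the fallback
        }
        $retry = ($this->send)($url, 'cavage');
        if ($retry >= 200 && $retry < 300) {
            // Assumption: the host is cached only when the Cavage retry succeeds.
            $this->cavageOnly[$host] = $now + self::MONTH;
            error_log("signature downgrade cached for $host"); // keep it auditable
        }
        return ['cavage', $retry];
    }
}

// Constructed peers: legacy.example rejects RFC 9421 with 401, modern.example accepts it.
$log  = [];
$send = function (string $url, string $scheme) use (&$log): int {
    $log[] = "$scheme -> $url";
    $legacy = parse_url($url, PHP_URL_HOST) === 'legacy.example';
    return ($legacy && $scheme === 'rfc9421') ? 401 : 202;
};
$fallback = new SignatureFallback($send);
$t0 = 1770000000; // constructed timestamp

foreach ([
    ['https://modern.example/inbox', $t0],
    ['https://legacy.example/inbox', $t0],                                // 401, then retry
    ['https://legacy.example/inbox', $t0 + 86400],                        // cached: Cavage only
    ['https://legacy.example/inbox', $t0 + SignatureFallback::MONTH + 1], // cache expired
] as [$url, $now]) {
    [$scheme, $status] = $fallback->deliver($url, $now);
    printf("%s => %s (%d)\n", $url, $scheme, $status);
}
print_r($log); // every request that went on the wire, in order
```

A cached host receives only Draft Cavage signatures until its entry expires, so logging each cache write keeps the downgrade visible to operators.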