Implementing a Keyoxide/DOIP API
I will soon be working on an API for headless operation (implemented primarily in the doip library to make sure everyone can use it and adapt it).
Regarding functionality, it should primarily do what any Keyoxide client currently does: fetch a key and verify the claims. Any other functions it should have?
I think this is also a good moment to revisit and reconsider the implications of having a "reverse search" API. Not that I have fundamentally changed my stance on this issue, but I am open to hearing good arguments.
The beauty of JSON-LD is that you can consider it "just JSON". The Fediverse works on exactly that premise, where devs juggle JSON and add a
@context property for good measure, because ActivityStreams / ActivityPub is a Linked Data standard (JSON-LD).
The only difference to inventing your own API-specific JSON format is that it is beneficial to search for well-known and used or even standardized vocabulary formats. This way, while you develop your own app independently of others, you keep open many opportunities for others to interoperate with you and vice versa.
Some examples of JSON-LD in the wild. HTML metadata you add for reasons of doing SEO (Google stuff). This is based on https://schema.org which gives you Person and Organization definitions. Wikidata is keeping their stuff as Linked Data. But there are a bunch of other standard ontologies / vocabularies to consider, like vcard, foaf.
If need be you can mix'n match properties from different ontologies to create your desired format (see for instance how Mastodon is doing that).
This issue is blocking adding Keyoxide as an "identity provider" in Mastodon: https://github.com/tootsuite/mastodon/issues/13670#issuecomment-832623793
If we had an API that can be queried from Mastodon then Keyoxide could be a first-class citizen (just like Keybase now is).
Deleting a branch is permanent. It CANNOT be undone. Continue?