From 378408226b5e8968313058de4862b9916d08d6e0 Mon Sep 17 00:00:00 2001
From: Hazel K
Date: Fri, 26 Jul 2024 22:45:07 -0400
Subject: [PATCH] tweak wording
---
 .config/ci.yml | 3 +++
 .config/docker_example.yml | 3 +++
 .config/example.yml | 3 +++
 chart/files/default.yml | 3 +++
 packages/backend/src/core/activitypub/ApRendererService.ts | 5 +++--
 5 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/.config/ci.yml b/.config/ci.yml
index 02081e5971..44092d3662 100644
--- a/.config/ci.yml
+++ b/.config/ci.yml
@@ -201,6 +201,9 @@ proxyRemoteFiles: true
 # Sign outgoing ActivityPub GET request (default: true)
 signToActivityPubGet: true
 # Sign outgoing ActivityPub Activities (default: true)
+# Linked Data signatures are cryptographic signatures attached to each activity to provide proof of authenticity.
+# When using authorized fetch, this is often undesired as any signed activity can be forwarded to a blocked instance by relays and other instances.
+# This setting allows admins to disable LD signatures for increased privacy, at the expense of fewer relayed activities and additional inbound fetch (GET) requests.
 attachLdSignatureForRelays: true
 # check that inbound ActivityPub GET requests are signed ("authorized fetch")
 checkActivityPubGetSignature: false
diff --git a/.config/docker_example.yml b/.config/docker_example.yml
index 375753e79f..f4645d672d 100644
--- a/.config/docker_example.yml
+++ b/.config/docker_example.yml
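Review bot: The added comment on `attachLdSignatureForRelays` says the trade-off applies "when using authorized fetch" but never names the key that enables it, and in this file `checkActivityPubGetSignature` is still `false` two lines below. An admin who turns off only the LD-signature key would likely pay the relay and fetch cost without gaining the blocking benefit, so I would add a line such as `# Only meaningful together with checkActivityPubGetSignature: true; without an LD signature a forwarded activity can only be verified by fetching it from this instance.` The same three comment lines are added in `.config/docker_example.yml`, `.config/example.yml` and `chart/files/default.yml`, so the addition applies there as well.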
@@ -273,6 +273,9 @@ proxyRemoteFiles: true
 # Sign outgoing ActivityPub GET request (default: true)
 signToActivityPubGet: true
 # Sign outgoing ActivityPub Activities (default: true)
+# Linked Data signatures are cryptographic signatures attached to each activity to provide proof of authenticity.
+# When using authorized fetch, this is often undesired as any signed activity can be forwarded to a blocked instance by relays and other instances.
+# This setting allows admins to disable LD signatures for increased privacy, at the expense of fewer relayed activities and additional inbound fetch (GET) requests.
 attachLdSignatureForRelays: true
 # check that inbound ActivityPub GET requests are signed ("authorized fetch")
 checkActivityPubGetSignature: false
diff --git a/.config/example.yml b/.config/example.yml
index 4b6aaae63b..21e85b7b89 100644
--- a/.config/example.yml
+++ b/.config/example.yml
@@ -288,6 +288,9 @@ proxyRemoteFiles: true
 # Sign outgoing ActivityPub GET request (default: true)
 signToActivityPubGet: true
 # Sign outgoing ActivityPub Activities (default: true)
+# Linked Data signatures are cryptographic signatures attached to each activity to provide proof of authenticity.
+# When using authorized fetch, this is often undesired as any signed activity can be forwarded to a blocked instance by relays and other instances.
+# This setting allows admins to disable LD signatures for increased privacy, at the expense of fewer relayed activities and additional inbound fetch (GET) requests.
 attachLdSignatureForRelays: true
 # check that inbound ActivityPub GET requests are signed ("authorized fetch")
 checkActivityPubGetSignature: false
diff --git a/chart/files/default.yml b/chart/files/default.yml
index 7c94bcbea3..aab7ed6ce1 100644
--- a/chart/files/default.yml
+++ b/chart/files/default.yml
@@ -211,6 +211,9 @@ id: "aidx"
 # Sign outgoing ActivityPub GET request (default: true)
 signToActivityPubGet: true
 # Sign outgoing ActivityPub Activities (default: true)
+# Linked Data signatures are cryptographic signatures attached to each activity to provide proof of authenticity.
+# When using authorized fetch, this is often undesired as any signed activity can be forwarded to a blocked instance by relays and other instances.
+# This setting allows admins to disable LD signatures for increased privacy, at the expense of fewer relayed activities and additional inbound fetch (GET) requests.
 attachLdSignatureForRelays: true
 # check that inbound ActivityPub GET requests are signed ("authorized fetch")
 checkActivityPubGetSignature: false
diff --git a/packages/backend/src/core/activitypub/ApRendererService.ts b/packages/backend/src/core/activitypub/ApRendererService.ts
index 8db9199e5d..98fc647a83 100644
--- a/packages/backend/src/core/activitypub/ApRendererService.ts
+++ b/packages/backend/src/core/activitypub/ApRendererService.ts
@@ -793,8 +793,9 @@ export class ApRendererService {
 @bindThis
 public async attachLdSignature(activity: any, user: { id: MiUser['id']; host: null; }): Promise {
- // When using authorized fetch, Linked Data signatures are often undesired (as it can allow blocked instances to bypass the check).
- // We allow admins to disable LD signatures for increased privacy, at the expense of increased incoming fetch (GET) requests.
+ // Linked Data signatures are cryptographic signatures attached to each activity to provide proof of authenticity.
+ // When using authorized fetch, this is often undesired as any signed activity can be forwarded to a blocked instance by relays and other instances.
+ // This setting allows admins to disable LD signatures for increased privacy, at the expense of fewer relayed activities and additional inbound fetch (GET) requests.
 if (!this.config.attachLdSignatureForRelays) {
 return activity;
 }
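Review bot: The rewritten comment in `attachLdSignature` refers to "this setting" without naming it, and nothing on the method states that it can return the activity unsigned. Because the early return on `!this.config.attachLdSignatureForRelays` is silent, I would name the key directly above the guard, e.g. `// attachLdSignatureForRelays is off: return the activity without an LD signature.`, and add a TSDoc `@returns` line saying the result carries no signature when the option is disabled. The method body continues past the end of this hunk, so the signing path itself is not visible here.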