From fa710057c8ff234d76b75c0bddad6130ae20a779 Mon Sep 17 00:00:00 2001
From: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Tue, 25 Jun 2024 12:04:45 +0200
Subject: [docs] restructure federation section (#3038)

---
 docs/federation/access_control.md | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 docs/federation/access_control.md

(limited to 'docs/federation/access_control.md')

diff --git a/docs/federation/access_control.md b/docs/federation/access_control.md
new file mode 100644
index 000000000..29a5afbea
--- /dev/null
+++ b/docs/federation/access_control.md
@@ -0,0 +1,11 @@
+# Access Control
+
+GoToSocial uses access control restrictions to protect users and resources from unwanted interactions with remote accounts and instances.
+
+As shown in the [HTTP Signatures](#http-signatures) section, GoToSocial requires all incoming `GET` and `POST` requests from remote servers to be signed. Unsigned requests will be denied with http code `401 Unauthorized`.
+
+Access control restrictions are implemented by checking the `keyId` of the signature (who owns the public/private key pair making the request).
+
+First, the host value of the `keyId` uri is checked against the GoToSocial instance's list of blocked (defederated) domains. If the host is recognized as a blocked domain, then the http request will immediately be aborted with http code `403 Forbidden`.
+
+Next, GoToSocial will check for the existence of a block (in either direction) between the owner of the public key making the http request, and the owner of the resource that the request is targeting. If the GoToSocial user blocks the remote account making the request, then the request will be aborted with http code `403 Forbidden`.
-- 
cgit v1.2.3