I do not, ActivityPub uses HTTP signatures to make sure messages and requests from other servers are legit,
Essentially, it adds a “signature” header which contains a link to a users public key, a list of headers in the message and a signed hash of all the headers and the request.
A delicated bot to scrape ActivityPub posts is possible, but generic bots shouldn’t work. If a delicated bot is made, people can block its keys or server anyway.
I doubt they’re crawling stuff over AP, you usually need a HTTP signature for that, and no bot is going to bother with those.
Most crawling would just be spamming the web interface.
If by HTTP signature you mean an SSL certificate signed by an authority, those do not present a burden for bots to obtain any longer.
I do not, ActivityPub uses HTTP signatures to make sure messages and requests from other servers are legit,
Essentially, it adds a “signature” header which contains a link to a users public key, a list of headers in the message and a signed hash of all the headers and the request.
There’s a better explaination here: https://docs.joinmastodon.org/spec/security/
A delicated bot to scrape ActivityPub posts is possible, but generic bots shouldn’t work. If a delicated bot is made, people can block its keys or server anyway.
Signatures are only used to deliver activities to inboxes. The Activitypub json data of posts is usually available without any auth.
A lot of servers require signatures on GET requests as well, for private posts and to block specific people/servers.
Sorry, forgot to whom I was speaking.