-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmls.html
635 lines (618 loc) · 27.2 KB
/
mls.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>Messaging Layer Security over ActivityPub</title>
<script src="https://www.w3.org/Tools/respec/respec-w3c" class="remove" defer></script>
<script class="remove">
// All config options at https://respec.org/docs/
var respecConfig = {
specStatus: "CG-DRAFT",
editors: [{ name: "Evan Prodromou", url: "https://socialwebfoundation.org/@evanp" }],
github: "swicg/activitypub-e2ee",
shortName: "apmls",
xref: ["web-platform", "activitystreams-vocabulary", "activitystreams-core", "activitypub"],
group: "socialcg",
};
</script>
<style>
table td,
table td * {
vertical-align: top;
}
</style>
</head>
<body>
<section id="abstract">
<p>
This specification documents the use of Messaging Layer Security (MLS) over the ActivityPub protocol. MLS is a protocol for end-to-end encryption of group messaging. ActivityPub is a federated social networking protocol. This specification describes how to use MLS to encrypt messages sent over ActivityPub.
</p>
</section>
<section id="sotd">
<p>This is required.</p>
</section>
<section class="informative">
<h2>Introduction</h2>
<p>ActivityPub supports a number of different addressing modes for content that an actor publishes -- either public content addressed to the <code>mls:Public</code> collection, or semi-private content addressed to a collection such as the actor's followers. Content can also be addressed to other actors specifically; this provides a <em>direct messaging</em> feature in the protocol.</p>
<aside class="example">
<p>A <code>Note</code> object addressed from one actor to another.</p>
<pre class="json">
{
"@context":"https://www.w3.org/ns/activitystreams",
"id": "https://example.com/notes/1d310f1d",
"attributedTo": {
"id": "https://example.com/users/886b6cc4",
"type": "Person",
"name": "Evan Prodromou"
},
"to": {
"id": "https://social.example/users/421a67ae",
"type": "Person",
"name": "Alyssa P. Hacker",
"url": "https://social.example/profiles/421a67ae.html"
},
"type": "Note",
"content": "Hello <a href='https://social.example/profiles/421a67ae.html'>@alyssa</a>!",
"published": "2024-11-22T12:34:56Z",
"tag": [
{
"type": "Mention",
"mediaType": "text/html",
"href": "https://social.example/profiles/421a67ae.html",
"name": "@alyssa"
}
]
}
</pre>
</aside>
<p>
User expectations are that direct messages are only readable by the addressed actor(s). The topology of the ActivityPub network, however, introduces several intermediate entities between the sender and the receiver. In particular, the sender's ActivityPub server and the receiver's ActivityPub server receive and store copies of the content. If these servers are operated by entities other than the actor, those entities can inspect the contents of the direct messages, pursuant to the privacy agreement between the user and their server operator.
</p>
<p>
The goals of this specification are to provide an additional level of privacy for the sender and receiver of the direct message, such that intermediaries cannot inspect the contents of the message. Called <dfn>end-to-end encrypted</dfn> or <dfn>E2EE</dfn> messaging, this pattern uses <dfn>public-key encryption</dfn> so that encrypted messages can be sent between actors using publicly-available keys, and decrypted with a corresponding private key available only to the actor. The message is encrypted on the sender's ActivityPub client, and decrypted on the receiver's ActivityPub client. No intermediary has access to the recipient's private key.
</p>
<section>
<h3>User stories</h3>
<p>These are the motivating user stories for this specification.</p>
<ul>
<li><strong>As an ActivityPub user, I can send an encrypted DM to another user without anyone else being able to read it, so that our conversation is private.</strong> (Private messages)</li>
<li><strong>As an ActivityPub user, I can send an encrypted message to 2 or more people, so that we can have private group conversations.</strong> (Group messages)</li>
<li><strong>As an ActivityPub user, I can read my conversation history with another user, so that I can be reminded of what we said before.</strong> (Message history)</li>
<li><strong>As an ActivityPub user, I can attach an encrypted image, video or audio file to my encrypted DM, so that we can communicate privately with different media.</strong> (Attachments)</li>
<li><strong>As an ActivityPub user, I can start a conversation on my desktop computer and move over to my mobile device, so that I can have ubiquitous conversations.</strong> (Multiple clients)</li>
<li><strong>As an ActivityPub user, I can send an encrypted DM to someone using a different platform, so I don’t have to maintain different accounts for different platforms.</strong> (Cross-platform)</li>
<li><strong>As an ActivityPub user, I can block an encrypted DM from someone I don’t know, so I don’t get unsolicited messages.</strong> (DM only from people I know)</li>
<li><strong>As an ActivityPub user, I can send encrypted DMs to someone just by their Webfinger ID (username@domain), so I don’t need extra addressing to send DMs.</strong> (No external identity)</li>
<li><strong>As an ActivityPub user, I can send encrypted messages through a bridge to users on siloed social networks, so that we can communicate across protocols.</strong> (Bridgeable)</li>
<li><strong>As an ActivityPub user, I can delete an encrypted DM, so that I can take back something I wish I hadn’t said.</strong> (Deletable)</li>
<li><strong>As an ActivityPub user, I can confirm that the conversation I’m in is truly end-to-end encrypted and that no intermediate man-in-the-middle has access to the contents, so I and my correspondent can use untrusted servers.</strong> (Verifiable)</li>
<li><strong>As an ActivityPub user, I can move my DMs to another server, so I can maintain data portability.</strong> (Message portability)</li>
<li><strong>As an ActivityPub user, I can create an encrypted DM with a third-party client, so that I don’t have to depend on the server provider, and so that I know that the server provider isn’t snooping.</strong> (Third-party clients)</li>
<li><strong>As an ActivityPub user, I can revoke a device or client from my account, so I can stop any further DMs being viewable on the client if it has fallen into the wrong hands or if I decide they are not trustworthy.</strong> (Revoke a client)</li>
<li><strong>As an ActivityPub user, I want to use a web-based client, so that I don't have to install any software to send messages.</strong> (Web client)</li>
<li><strong>As an ActivityPub user, I don't want to be responsible for managing my encryption keys, because I don't have to do that with other E2EE messaging systems, and it's so easy to make mistakes.</strong> (no manual key management)</li>
</ul>
</section>
<section>
<h3>Non-goals</h3>
<p>For clarity, these goals are explicitly excluded from this specification. Implementers MAY use other techniques to ensure these goals.</p>
<ul>
<li>
<strong>Encrypted metadata</strong>. Addressing, identity, and typing metadata are required for delivery through the ActivityPub network.
</li>
<li>
<strong>Server-side content filtering</strong>. Because the contents are encrypted, servers cannot filter activities or objects based on their content. Clients may filter content after decryption.
</li>
<li>
<strong>Disappearing messages.</strong>. Some end-to-end encrypted messaging systems allow messages to be automatically deleted after a certain time. This is not implemented in the current specification, but the specification is not incompatible with such a feature.
</li>
<li>
<strong>Easy implementation</strong>. The specification used here is based on the MLS protocol, which is a complex protocol with many moving parts. Implementers should consider using libraries or platforms that support MLS to ensure proper implementation.
</li>
<li>
<strong>E2EE for arbitrary activities.</strong> This specification is targeted primarily to text-based messaging with or without attachments. Other activities, such as "Like" or "Follow", are not covered by this specification.
</li>
<li>
<strong>E2EE broadcast</strong>. This specification is targeted primarily to one-to-one or one-to-many messaging. Broadcast distribution, as is common on social networks, is not covered by this specification.
</li>
<li>
<strong>Push API.</strong> ActivityPub does not provide an API structure to push activities or content objects from the server to a connected client. Clients must poll the server for new content. Although push notifications are very useful for real-time messaging, this specification does not extend the ActivityPub API to provide them.
</li>
</ul>
</section>
<section>
<h3>Architecture</h3>
<p>
There are several models for integrating E2EE messaging into ActivityPub. Several were considered by the SocialCG, as detailed in the <a href="https://swicg.github.io/activitypub-e2ee/integration-models">Integration Models</a> document. The model chosen uses an abstract E2EE messaging protocol layered over ActivityPub using the ActivityPub API (client-to-server) and ActivityPub protocol (server-to-server) as the transport.
</p>
<p>
Multiple abstract E2EE messaging protocols were considered, as detailed in the <a href="https://swicg.github.io/activitypub-e2ee/abstract-protocols">Abstract Protocols</a> document. The protocol that most closely matched the technical and intellectual property requirements of the SocialCG was the <a href="https://datatracker.ietf.org/doc/draft-ietf-mls-protocol/">Messaging Layer Security (MLS) protocol</a>. MLS is a protocol for end-to-end encryption of group messaging, and is designed to be secure, efficient, and scalable.
</p>
<p>
To implement the MLS protocol over ActivityPub, this specification provides the following extensions to the ActivityPub and Activity Streams 2.0 vocabulary:
</p>
<ul>
<li>A property of the actor to allow discovering all the public keys of all of the actor's clients.
</li>
<li>A property of the actor to allow reading all of the actor's incoming and outgoing messages that have been created with this protocol.
</li>
<li>A set of object types and properties that map directly to the data types defined by the MLS protocol.
</li>
</ul>
<p>
This document does not specify the details of the MLS protocol, which are defined in <a href="https://datatracker.ietf.org/doc/rfc9420/">RFC 9420</a>. Implementers should refer to that document for the details of the protocol.
</p>
</section>
</section>
<section id="context">
<h2>Context</h2>
<p>
The terms in this document are defined in a context document that can be used in [[JSON-LD]] documents. The
context document is available at <a
href="https://purl.archive.org/socialweb/mls">https://purl.archive.org/socialweb/mls</a>.
</p>
<p>To use these terms, documents should include this context URL in the
<code>@context</code> property of the JSON-LD document.
</p>
<aside class="example">
<p>Example usage of the context.</p>
<pre class="json">
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://purl.archive.org/socialweb/mls"
],
"id": "https://example.com/users/evan",
"type": "Person",
"name": "Evan Prodromou",
"mlsKey": [
"https://example.com/keys/evan/client1",
"https://example.com/keys/evan/client2"
]
}
</pre>
</aside>
<p>The context document defines a namespace prefix <code>mls</code> defined as <code>https://purl.archive.org/socialweb/mls#</code>.</p>
<section>
<h3>Version-stamped URLs</h3>
<p>To ease the use of
this context for implementers with strict versioning requirements,
additional URL aliases are provided with versions included. A <a href="https://semver.org/">semantic versioning</a>
strategy is used to convey the guarantees of the version number.
</p>
<table>
<tbody>
<tr>
<th>Version</th>
<th>URL</th>
<th>Notes</th>
</tr>
<tr>
<td>(latest)</td>
<td><a href="https://purl.archive.org/socialweb/mls">https://purl.archive.org/socialweb/mls</a>
</td>
<td>The latest version of the context is always available at this URL. Most implementers can use this URL.</td>
</tr>
<tr>
<td>1.0.0</td>
<td><a
href="https://purl.archive.org/socialweb/mls/1.0.0">https://purl.archive.org/socialweb/mls/1.0.0</a>
</td>
<td>The exact version of the context document. The resource at this URL should be immutable. This URL is useful
for implementers that
need an exact, byte-wise replicable version of the document.
</td>
</tr>
<tr>
<td>1.0.x</td>
<td><a
href="https://purl.archive.org/socialweb/mls/1.0">https://purl.archive.org/socialweb/mls/1.0</a>
</td>
<td>Backwards-compatible fixes are possible, but no additional types or properties are defined. This is useful
for implementers
that use multiple extensions and want to ensure that no
conflicting terms are added.
</td>
</tr>
<tr>
<td>1.x.x</td>
<td><a
href="https://purl.archive.org/socialweb/mls/1">https://purl.archive.org/socialweb/mls/1</a>
</td>
<td>Backwards-compatible fixes, additional types and properties are possible. This is useful for implementers
that want to ensure
that the properties and types they use are stable and will not change, but do not need to avoid term
conflicts.
</td>
</tr>
</tbody>
</table>
<p>Using the version-stamped context URLs is similar to the unstamped URL.</p>
<aside class="example">
<p>Example usage of a version-stamped context URL.</p>
<pre class="json">
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://purl.archive.org/socialweb/mls/1.0"
],
"id": "https://example.com/users/evan",
"type": "Person",
"name": "Evan Prodromou",
"mlsKey": [
"https://example.com/keys/evan/client1",
"https://example.com/keys/evan/client2"
]
}
</pre>
</aside>
<p>If backwards-incompatible changes to this context are made in the future, a new major version (2.x.x) would be added and the existing 1.x.x URLs would continue to be provided.</p>
</section>
</section>
<section id="types">
<h2>Types</h2>
<p>This extension includes the object types define by MLS.</p>
<section id="KeyPackage" data-dfn-for="KeyPackage">
<h3>KeyPackage</h3>
<table>
<tbody>
<tr>
<td width="10%">
URI:
</td>
<td>
<code>https://purl.archive.org/socialweb/mls#KeyPackage</code><br>
<code>mls:KeyPackage</code><br>
<code>KeyPackage</code>
</td>
</tr>
<tr>
<td>
Notes:
</td>
<td>
<p>
TBD
</p>
</td>
</tr>
<tr>
<td>Extends:</td>
<td><code><a href="https://www.w3.org/TR/activitystreams-core/#object">Object</a></code></td>
</tr>
<tr>
<td>Properties:</td>
<td>Inherits all properties from <code><a href="https://www.w3.org/TR/activitystreams-core/#object">Object</a></code>.</td>
</tr>
</tbody>
</table>
<aside class="example">
<p>TBD</p>
<pre class="json">
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://purl.archive.org/socialweb/mls"
],
"id": "https://example.com/kp/1",
"type": "KeyPackage"
}
</aside>
</section>
<section id="Proposal" data-dfn-for="Proposal">
<h3>Proposal</h3>
<table>
<tbody>
<tr>
<td width="10%">
URI:
</td>
<td>
<code>https://purl.archive.org/socialweb/mls#Proposal</code><br>
<code>mls:Proposal</code><br>
<code>Proposal</code>
</td>
</tr>
<tr>
<td>
Notes:
</td>
<td>
<p>
TBD
</p>
</td>
</tr>
<tr>
<td>Extends:</td>
<td><code><a href="https://www.w3.org/TR/activitystreams-core/#object">Object</a></code></td>
</tr>
<tr>
<td>Properties:</td>
<td>Inherits all properties from <code><a href="https://www.w3.org/TR/activitystreams-core/#object">Object</a></code>.</td>
</tr>
</tbody>
</table>
<aside class="example">
<p>TBD</p>
<pre class="json">
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://purl.archive.org/socialweb/mls"
],
"id": "https://example.com/prop/1",
"type": "Proposal"
}
</aside>
</section>
<section id="Commit" data-dfn-for="Commit">
<h3>Commit</h3>
<table>
<tbody>
<tr>
<td width="10%">
URI:
</td>
<td>
<code>https://purl.archive.org/socialweb/mls#Commit</code><br>
<code>mls:Commit</code><br>
<code>Commit</code>
</td>
</tr>
<tr>
<td>
Notes:
</td>
<td>
<p>
TBD
</p>
</td>
</tr>
<tr>
<td>Extends:</td>
<td><code><a href="https://www.w3.org/TR/activitystreams-core/#object">Object</a></code></td>
</tr>
<tr>
<td>Properties:</td>
<td>Inherits all properties from <code><a href="https://www.w3.org/TR/activitystreams-core/#object">Object</a></code>.</td>
</tr>
</tbody>
</table>
<aside class="example">
<p>TBD</p>
<pre class="json">
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://purl.archive.org/socialweb/mls"
],
"id": "https://example.com/prop/1",
"type": "Commit"
}
</aside>
</section>
<section id="Welcome" data-dfn-for="Welcome">
<h3>Welcome</h3>
<table>
<tbody>
<tr>
<td width="10%">
URI:
</td>
<td>
<code>https://purl.archive.org/socialweb/mls#Welcome</code><br>
<code>mls:Welcome</code><br>
<code>Welcome</code>
</td>
</tr>
<tr>
<td>
Notes:
</td>
<td>
<p>
TBD
</p>
</td>
</tr>
<tr>
<td>Extends:</td>
<td><code><a href="https://www.w3.org/TR/activitystreams-core/#object">Object</a></code></td>
</tr>
<tr>
<td>Properties:</td>
<td>Inherits all properties from <code><a href="https://www.w3.org/TR/activitystreams-core/#object">Object</a></code>.</td>
</tr>
</tbody>
</table>
<aside class="example">
<p>TBD</p>
<pre class="json">
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://purl.archive.org/socialweb/mls"
],
"id": "https://example.com/prop/1",
"type": "Welcome"
}
</aside>
</section>
<section id="GroupInfo" data-dfn-for="GroupInfo">
<h3>GroupInfo</h3>
<table>
<tbody>
<tr>
<td width="10%">
URI:
</td>
<td>
<code>https://purl.archive.org/socialweb/mls#GroupInfo</code><br>
<code>mls:GroupInfo</code><br>
<code>GroupInfo</code>
</td>
</tr>
<tr>
<td>
Notes:
</td>
<td>
<p>
TBD
</p>
</td>
</tr>
<tr>
<td>Extends:</td>
<td><code><a href="https://www.w3.org/TR/activitystreams-core/#object">Object</a></code></td>
</tr>
<tr>
<td>Properties:</td>
<td>Inherits all properties from <code><a href="https://www.w3.org/TR/activitystreams-core/#object">Object</a></code>.</td>
</tr>
</tbody>
</table>
<aside class="example">
<p>TBD</p>
<pre class="json">
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://purl.archive.org/socialweb/mls"
],
"id": "https://example.com/prop/1",
"type": "GroupInfo"
}
</aside>
</section>
</section>
<section id="properties">
<h2>Properties</h2>
<section id="mlsKey" data-dfn-for="mlsKey">
<h3>mlsKey</h3>
<table>
<tbody>
<tr>
<td width="10%">
URI:
</td>
<td>
<code>https://purl.archive.org/socialweb/mls#mlsKey</code><br>
<code>mls:mlsKey</code><br>
<code>mlsKey</code>
</td>
</tr>
<tr>
<td>
Notes:
</td>
<td>
<p>
The <code>mlsKey</code> property represents the client keys for an actor. As with other JSON-LD <code>@id</code> properties, its value can be a string for the URL of the key, a JSON object with the properties of the key itself, or an array of strings and/or objects.
</p>
</td>
</tr>
<tr>
<td>Domain:</td>
<td><code>Object</code> (an ActivityPub <a href="https://www.w3.org/TR/activitypub/#actors">Actor</a>)</td>
</tr>
<tr>
<td>Range:</td>
<td><code>Key</code></td>
</tr>
<tr>
<td>Functional:</td>
<td><code>false</code></td>
</tr>
</tbody>
</table>
<aside class="example">
<p>An ActivityPub actor with an <code>mlsKey</code> property.</p>
<pre class="json">
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://purl.archive.org/socialweb/mls"
],
"id": "https://example.com/users/alyssa",
"type": "Person",
"name": "Alyssa P. Hacker",
"inbox": "https://example.com/users/alyssa/inbox",
"outbox": "https://example.com/users/alyssa/outbox",
"followers": "https://example.com/users/alyssa/followers",
"following": "https://example.com/users/alyssa/following",
"liked": "https://example.com/users/alyssa/liked",
"mlsKey": "https://example.com/users/alyssa/key"
}
</pre>
</aside>
</section>
<section id="mlsKey" data-dfn-for="mlsKey">
<h3>mlsConversations</h3>
<table>
<tbody>
<tr>
<td width="10%">
URI:
</td>
<td>
<code>https://purl.archive.org/socialweb/mls#mlsConversations</code><br>
<code>mls:mlsConversations</code><br>
<code>mlsConversations</code>
</td>
</tr>
<tr>
<td>
Notes:
</td>
<td>
<p>
The <code>mlsConversations</code> property represents the secure conversations the actor has participated in. It is an <code>OrderedCollection</code> of <code>OrderedCollection</code> objects. Each ordered collection represents the messages in a conversation. The conversations are ordered in reverse chronological order by the most recently initiated conversation. The messages in each conversation are ordered in reverse chronological order. A conversation with more recent messages may be ordered later in the <code>mlsConversations</code> collection than one with older messages that was initiated later.
</p>
</td>
</tr>
<tr>
<td>Domain:</td>
<td><code>Object</code> (an ActivityPub <a href="https://www.w3.org/TR/activitypub/#actors">Actor</a>)</td>
</tr>
<tr>
<td>Range:</td>
<td><code>OrderedCollection</code></td>
</tr>
<tr>
<td>Functional:</td>
<td><code>true</code></td>
</tr>
</tbody>
</table>
<aside class="example">
<p>An ActivityPub actor with an <code>mlsKey</code> property.</p>
<pre class="json">
{
"@context": [
"https://www.w3.org/ns/activitystreams",
"https://purl.archive.org/socialweb/mls"
],
"id": "https://example.com/users/alyssa",
"type": "Person",
"name": "Alyssa P. Hacker",
"inbox": "https://example.com/users/alyssa/inbox",
"outbox": "https://example.com/users/alyssa/outbox",
"followers": "https://example.com/users/alyssa/followers",
"following": "https://example.com/users/alyssa/following",
"liked": "https://example.com/users/alyssa/liked",
"mlsConversations": "https://example.com/users/alyssa/mlsConversations"
}
</pre>
</aside>
</section>
</section>
<section id="conformance">
<p>
This is required for specifications that contain normative material.
</p>
</section>
</body>
</html>