@mariusor In the case of Fedify and Hollo, the original author signs with Object Integrity Proofs and the forwarder signs with HTTP Signatures. This way, the recipient can identify both the original author and the forwarder. (Isn't that what you want?)

@hongminhee yes, I guess. However why did you consider the recipient as the right entity to do the signing?

In my mind, this action means that they "vetted" the received activity and decided to forward it, when in actuality it's the server that does both of those things. Ie, in my opinion, the server - through its instance actor - is the entity that assumes the burden of attestating the validity of the forwarded Activity.

I think that servers operating activities on behalf of actors, without these actors explicitly performing an action is a breach of trust between the two.