Another curious #ActivityPub / #MastodonAPI issue.

A Mastodon server is sending me a DELETE message.

The delete is because a user has been deleted.

My server tries to validate the HTTP Signature.

My server looks up the deleted user's main-key.

The user has been deleted so the public key 404s.

My server never acknowledges the delete, so the other server keeps sending me the same request.

So… How do I validate the signature of a deleted user?