diff --git a/.gitignore b/.gitignore index bf175b1f9..0f2c8b645 100755 --- a/.gitignore +++ b/.gitignore @@ -49,12 +49,15 @@ view/theme/* view/theme/redbasic/schema/default.php # Doxygen API documentation, run 'doxygen util/Doxyfile' to generate it doc/html/ -# zotsh configuration files -.zotshrc +# nsh configuration files +.nshrc # external repositories for themes/addons extend/ # files generated by phpunit +.phpunit.result.cache tests/results/ +tests/.phpunit.result.cache +tests/.phpunit.cache ## exclude IDE files # config files and folders from Eclipse @@ -69,10 +72,6 @@ nbproject/ *.kdev4 # PHPStorm .idea/ -.phpunit.result.cache -tests/.phpunit.result.cache -tests/.phpunit.cache - ## composer # locally installed composer binary diff --git a/Code/Lib/Activity.php b/Code/Lib/Activity.php index 3e4830024..c37c9e3a9 100644 --- a/Code/Lib/Activity.php +++ b/Code/Lib/Activity.php @@ -1679,6 +1679,7 @@ class Activity $ret['outbox'] = z_root() . '/outbox/' . $c['channel_address']; $ret['followers'] = z_root() . '/followers/' . $c['channel_address']; $ret['following'] = z_root() . '/following/' . $c['channel_address']; + $ret['webfinger'] = 'acct:' . $c['channel_address'] . '@' . App::get_hostname(); $ret['wall'] = z_root() . '/outbox/' . $c['channel_address']; $ret['endpoints'] = [ @@ -4862,7 +4863,8 @@ class Activity 'https://w3id.org/security/v1', 'https://www.w3.org/ns/did/v1', 'https://w3id.org/security/multikey/v1', - // 'https://w3id.org/security/data-integrity/v1', + 'https://w3id.org/security/data-integrity/v1', + 'https://purl.archive.org/socialweb/webfinger', self::ap_schema($contextType) ]]; } diff --git a/Code/Module/Inbox.php b/Code/Module/Inbox.php index 372a85b13..6a72d5c8e 100644 --- a/Code/Module/Inbox.php +++ b/Code/Module/Inbox.php 
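Review bot: The new `webfinger` value is built from `App::get_hostname()`, while every neighbouring URL in this array is built from `z_root()`, and nothing in the hunk says the two always name the same host. If they can differ (not visible from here), the advertised `acct:` address would not resolve back to this actor, and a receiver that confirms the address with a WebFinger lookup would discard it. A one-line comment such as `// acct: address must resolve via WebFinger to this same actor` would record the invariant next to the assignment. The enclosing method starts and ends outside the hunk.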
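Review bot: The `@context` list in the second Activity.php hunk gains `https://w3id.org/security/data-integrity/v1` (previously commented out) and `https://purl.archive.org/socialweb/webfinger`, with no comment saying why the first had been disabled or which property needs the second. Peers that dereference contexts while expanding or canonicalising JSON-LD will, presumably, now depend on two more remote documents, one of them behind a redirect service. A short comment per entry, for example `// required for the 'webfinger' actor property`, would tell a later maintainer what breaks if an entry is removed. The function that returns this array begins outside the hunk.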
@@ -68,11 +68,15 @@ class Inbox extends Controller // By convention, fediverse server-to-server communications require a valid HTTP Signature // which includes a signed digest header. - if (!($hsig['header_signed'] && $hsig['header_valid'] && $hsig['content_signed'] && $hsig['content_valid'])) { - http_status_exit(403, 'Permission denied'); - } $AS = new ActivityStreams($data, portable_id: $hsig['portable_id']); + // FEP-8b32 valid object signatures take priority over HTTP-Signatures + if (!$AS->sigok) { + if (!($hsig['header_signed'] && $hsig['header_valid'] && $hsig['content_signed'] && $hsig['content_valid'])) { + http_status_exit(403, 'Permission denied'); + } + } + if ( $AS->is_valid() && $AS->type === 'Announce' && is_array($AS->obj) && array_key_exists('object', $AS->obj) && array_key_exists('actor', $AS->obj) diff --git a/util/nsh b/util/nsh index b90b3928a..e14a26e1c 100755 --- a/util/nsh +++ b/util/nsh @@ -24,8 +24,6 @@ USER = None PASSWD = None VERIFY_SSL=True - - class Completer(): matches = []
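Review bot: With this ordering, `$hsig['portable_id']` is handed to the `ActivityStreams` constructor before the HTTP signature has been checked, and when `$AS->sigok` is true the four `$hsig` flags are never checked at all. Any later use of `$hsig` in this method (the body continues outside the hunk) would then be reading unverified sender data. I would compute the result once, `$hsigOk = $hsig['header_signed'] && $hsig['header_valid'] && $hsig['content_signed'] && $hsig['content_valid'];`, reject with `if ($AS->sigok !== true && !$hsigOk) { http_status_exit(403, 'Permission denied'); }`, and trust `$hsig['portable_id']` only when `$hsigOk` holds. A comment above the new check should also state that `sigok` is true only when the proof verified against a key controlled by the activity's own actor; that cannot be confirmed from this hunk. An object proof carries none of the freshness that the signed Date and Digest headers provide, so a validly signed object can be re-delivered by any third party, and duplicate handling further down should be checked with that in mind.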