> from my understanding Person vs. Group actor are mutually exclusive, so I can't have both on the same handle right?
Correct, while you can have webfinger resolve both a group actor and person actor from a single handle, that gets messy quickly because how the receiving end handles this is not specified. Mastodon for example only takes the first entry, which crucially means if a community and user have the same handle, then one of the actors is inaccessible to Mastodon.
Here are some quick answers to the open questions:
Should the Person actor have its own inbox?
Yes, the Person actor and the Group actor are two separate identities (as far as anybody outside of your instance is concerned.
Outbox representation — Should the Group's outbox contain the Announce
activities, the inner Create activities, or both?
This is optional (at least for NodeBB). If you investigate NodeBB's actors, all of their outboxes return an empty OrderedCollection because I simply haven't gotten around to it yet, and I don't know many implementations that read it. Federation works fine without it, but it would make sense to follow Lemmy or Piefed's lead here.
Backwards compatibility — Should Madblog support a "hybrid" mode that sends both Create (for Mastodon) and Announce (for threadiverse)?
Mastodon will correctly de-duplicate the object so sending both Create(Note/Article) and Announce(Create(Note/Article)) is fine. The former serves non-threadiverse followers, and the latter ensures threadiverse syncronization capability.
Separate keypair for the Person actor? If the Person actor eventually needs to sign requests (e.g. for inbox delivery), it would need its own keypair.
I believe so. It was trivial for me to just generate keypairs for everybody, so I don't know off-hand whether things break if your Person actor doesn't have one. It might not resolve in some implementations?
<img class="not-responsive emoji" src="
" />
