Enable RFC 9421 signature by default

.github/changelog/2859-from-description

@@ -0,0 +1,4 @@
+Significance: patch
+Type: changed
+
+Enable RFC 9421 HTTP Message Signatures by default.

includes/class-options.php

@@ -288,7 +288,7 @@ public static function register_settings() {
 			array(
 				'type'        => 'boolean',
 				'description' => 'Use RFC-9421 signature.',
-				'default'     => false,
+				'default'     => true,
 			)
 		);
 

includes/class-signature.php

@@ -42,7 +42,7 @@ public static function sign_request( $args, $url ) {
 			return $args;
 		}
 
-		if ( '1' === \get_option( 'activitypub_rfc9421_signature' ) && self::could_support_rfc9421( $url ) ) {
+		if ( '1' === \get_option( 'activitypub_rfc9421_signature', '1' ) && self::could_support_rfc9421( $url ) ) {
 			$signature = new Http_Message_Signature();
 		} else {
 			$signature = new Http_Signature_Draft();

includes/wp-admin/class-advanced-settings-fields.php

@@ -180,7 +180,7 @@ public static function render_authorized_fetch_field() {
 	 * Render RFC-9421 signature field.
 	 */
 	public static function render_rfc9421_signature_field() {
-		$value = \get_option( 'activitypub_rfc9421_signature', '0' );
+		$value = \get_option( 'activitypub_rfc9421_signature', '1' );
 		?>
 		<p>
 			<label>

tests/phpunit/tests/includes/class-test-signature.php

@@ -292,6 +292,9 @@ public function test_unsupported_ec_curve_for_hs2019() {
 	 * @covers ::verify_http_signature
 	 */
 	public function test_verify_http_signature_with_digest() {
+		// Ensure Draft Cavage signature is used for this test.
+		\update_option( 'activitypub_rfc9421_signature', '0' );
+
 		// Create a user and get their keypair.
 		$keys = Actors::get_keypair( 1 );
 
@@ -352,6 +355,7 @@ public function test_verify_http_signature_with_digest() {
 		$this->assertTrue( Signature::verify_http_signature( $request ) );
 
 		\remove_filter( 'activitypub_pre_http_get_remote_object', $mock_remote_key_retrieval );
+		\delete_option( 'activitypub_rfc9421_signature' );
 	}
 
 	/**