@pixelfed
Is there an emerging AP standard for doing this properly?

It sounds to me like AP is definitely not designed for private communications but for publishing instead (to specific audiences if required). Since multiple decent protocols already cover this completely different class of problems, why try and reinvent things?