c/ietf-draft-analyzer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.3.0: Gap-to-Draft pipeline, Living Standards Observatory, blog series

Browse Source 
Gap-to-Draft Pipeline (ietf pipeline):
- Context builder assembles ideas, RFC foundations, similar drafts, ecosystem vision
- Generator produces outlines + sections using rich context with Claude
- Quality gates: novelty (embedding similarity), references, format, self-rating
- Family coordinator generates 5-draft ecosystem (AEM/ATD/HITL/AEPB/APAE)
- I-D formatter with proper headers, references, 72-char wrapping

Living Standards Observatory (ietf observatory):
- Source abstraction with IETF + W3C fetchers
- 7-step update pipeline: snapshot, fetch, analyze, embed, ideas, gaps, record
- Static GitHub Pages dashboard (explorer, gap tracker, timeline)
- Weekly CI/CD automation via GitHub Actions

Also includes:
- 361 drafts (expanded from 260 with 6 new keywords), 403 authors, 1,262 ideas, 12 gaps
- Blog series (8 posts planned), reports, arXiv paper figures
- Agent team infrastructure (CLAUDE.md, scripts, dev journal)
- 5 new DB tables, schema migration, ~15 new query methods

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Christian Nennemann
2026-03-04 00:48:57 +01:00
parent be9cf9c5d9
commit d6beb9c0a0
87 changed files with 24471 additions and 401 deletions
Download Patch File Download Diff File Expand all files Collapse all files

201
data/reports/authors.md
View File

@@ -1,109 +1,134 @@
# Author & Organization Network
*Generated 2026-02-28 10:40 UTC — 403 unique authors across 260 drafts*
*Generated 2026-03-03 19:58 UTC — 557 unique authors across 361 drafts*
## Top Authors by Draft Count
| # | Author | Organization | Drafts | Categories |
|--:|--------|-------------|-------:|------------|
| 1 | Bing Liu | Huawei | 21 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 2 | Nan Geng | Huawei | 19 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 3 | Zhenbin Li | Huawei | 19 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 4 | Qiangzhou Gao | Huawei | 18 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 5 | Xiaotong Shang | Huawei | 17 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 6 | Jianwei Mao | Huawei | 11 | A2A protocols, AI safety/alignment, Agent discovery/reg |
| 7 | Aijun Wang | China Telecom | 8 | A2A protocols, Agent discovery / registration, Agent discovery/reg |
| 8 | Yong Cui | Tsinghua University | 8 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 9 | Guanming Zeng | Huawei | 7 | A2A protocols, Agent discovery/reg, Autonomous netops |
| 10 | Göran Selander | Ericsson | 7 | A2A protocols, Agent discovery/reg, Agent identity/auth |
| 11 | Michael Richardson | Sandelman Software Works | 7 | Agent discovery/reg, Agent identity/auth, Autonomous netops |
| 12 | Jonathan Rosenberg | Five9 | 7 | A2A protocols, AI safety/alignment, Agent discovery/reg |
| 13 | Madhava Gaikwad | | 6 | A2A protocols, Agent discovery/reg, Agent identity/auth |
| 14 | Pat White | Bitwave | 6 | A2A protocols, AI safety/alignment, Agent discovery/reg |
| 15 | Cullen Fluffy Jennings | Cisco | 6 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 16 | Li Zhang | Huawei Technologies | 5 | A2A protocols, Agent discovery / registration, Agent discovery/reg |
| 17 | Tirumaleswar Reddy.K | Nokia | 5 | Agent identity/auth, Data formats/interop |
| 18 | Roland Schott | Deutsche Telekom | 5 | A2A protocols, Agent discovery/reg, Agent identity/auth |
| 19 | John Preuß Mattsson | Ericsson | 5 | A2A protocols, Agent discovery/reg, Agent identity/auth |
| 20 | Chenguang Du | Zhongguancun Laboratory | 4 | A2A protocols, Agent discovery / registration, Agent discovery/reg |
| 21 | Mengyao Han | China Unicom | 4 | A2A protocols, Agent discovery/reg, Agent identity/auth |
| 22 | Aritra Banerjee | Nokia | 4 | Agent identity/auth |
| 23 | Peter Chunchi Liu | Huawei | 4 | A2A protocols, AI safety/alignment, Agent identity/auth |
| 24 | Xueting Li | China Telecom | 4 | A2A protocols, Agent discovery/reg, Agent identity/auth |
| 25 | Lidia Pocero Fraile | ISI, R.C. ATHENA | 4 | A2A protocols, Agent identity/auth |
| 26 | Meiling Chen | China Mobile | 4 | A2A protocols, AI safety / guardrails / alignment, AI safety/alignment |
| 27 | Christos Koulamas | ISI, R.C. ATHENA | 4 | A2A protocols, Agent identity/auth |
| 28 | Marco Tiloca | RISE AB | 4 | A2A protocols, Agent identity/auth, Data formats/interop |
| 29 | Diego Lopez | Telefonica | 4 | A2A protocols, AI safety/alignment, Agent discovery/reg |
| 30 | Li Su | China Mobile | 4 | A2A protocols, AI safety / guardrails / alignment, AI safety/alignment |
| 1 | Bing Liu | Huawei | 23 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 2 | Zhenbin Li | Huawei | 21 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 3 | Nan Geng | Huawei | 20 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 4 | Qiangzhou Gao | Huawei | 20 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 5 | Xiaotong Shang | Huawei | 19 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 6 | Jianwei Mao | Huawei | 14 | A2A protocols, AI safety/alignment, Agent discovery/reg |
| 7 | Guanming Zeng | Huawei | 13 | A2A protocols, Agent discovery/reg, Autonomous netops |
| 8 | Qin Wu | Huawei | 10 | A2A protocols, Agent discovery / registration, Agent discovery/reg |
| 9 | Jonathan Rosenberg | Five9 | 10 | A2A protocols, AI safety/alignment, Agent discovery/reg |
| 10 | Cullen Fluffy Jennings | Cisco | 9 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 11 | Luis M. Contreras | Telefonica | 8 | Autonomous netops, Data formats/interop, ML traffic mgmt |
| 12 | Aijun Wang | China Telecom | 8 | A2A protocols, Agent discovery / registration, Agent discovery/reg |
| 13 | Yong Cui | Tsinghua University | 8 | A2A protocols, AI safety/alignment, Agent discovery / registration |
| 14 | Sun Qiong | China Telecom | 7 | A2A protocols, Agent discovery/reg, Autonomous netops |
| 15 | Chongfeng Xie | China Telecom | 7 | A2A protocols, Agent discovery/reg, Autonomous netops |
| 16 | Göran Selander | Ericsson | 7 | A2A protocols, Agent discovery/reg, Agent identity/auth |
| 17 | Qing Li | Pengcheng Laboratory | 7 | A2A protocols, Agent discovery/reg, Agent identity/auth |
| 18 | Michael Richardson | Sandelman Software Works | 7 | Agent discovery/reg, Agent identity/auth, Autonomous netops |
| 19 | Madhava Gaikwad | | 6 | A2A protocols, Agent discovery/reg, Agent identity/auth |
| 20 | Yong Jiang | Tsinghua Shenzhen International Graduate School & Pengcheng Laboratory | 6 | A2A protocols, Agent discovery/reg, Agent identity/auth |
| 21 | Pat White | Bitwave | 6 | A2A protocols, AI safety/alignment, Agent discovery/reg |
| 22 | Mengyao Han | China Unicom | 6 | A2A protocols, AI safety/alignment, Agent discovery/reg |
| 23 | Zongpeng Du | China Mobile | 6 | A2A protocols, Agent discovery / registration, Agent discovery/reg |
| 24 | Suhas Nandakumar | Cisco | 6 | A2A protocols, Agent discovery / registration, Agent discovery/reg |
| 25 | Bo Wu | Huawei | 6 | A2A protocols, Autonomous netops, Data formats/interop |
| 26 | Fred Templin | Boeing | 6 | A2A protocols, Autonomous netops, Data formats/interop |
| 27 | Muhammad Awais Jadoon | InterDigital | 5 | A2A protocols, Autonomous netops, Data formats/interop |
| 28 | Li Zhang | Huawei | 5 | A2A protocols, Agent discovery / registration, Agent discovery/reg |
| 29 | Diego Lopez | Telefonica | 5 | A2A protocols, AI safety/alignment, Agent discovery/reg |
| 30 | Tirumaleswar Reddy.K | Nokia | 5 | Agent identity/auth, Data formats/interop |
## Top Organizations
| # | Organization | Authors | Drafts |
|--:|-------------|--------:|-------:|
| 1 | Huawei | 30 | 25 |
| 2 | China Mobile | 17 | 19 |
| 3 | Huawei Technologies | 12 | 18 |
| 4 | China Telecom | 17 | 15 |
| 5 | China Unicom | 19 | 14 |
| 6 | Cisco | 10 | 12 |
| 7 | Tsinghua University | 7 | 11 |
| 8 | Independent | 10 | 9 |
| 9 | Cisco Systems | 10 | 9 |
| 10 | Sandelman Software Works | 1 | 7 |
| 11 | Independent Researcher | 4 | 7 |
| 12 | Five9 | 1 | 7 |
| 13 | Zhongguancun Laboratory | 4 | 6 |
| 14 | ZTE Corporation | 8 | 6 |
| 15 | Bitwave | 1 | 6 |
| 16 | Nokia | 2 | 5 |
| 17 | Inria | 5 | 5 |
| 18 | Unaffiliated | 1 | 4 |
| 19 | Telefonica | 2 | 4 |
| 20 | ISI, R.C. ATHENA | 4 | 4 |
| 1 | Huawei | 53 | 66 |
| 2 | China Mobile | 24 | 35 |
| 3 | Cisco | 24 | 26 |
| 4 | Independent | 19 | 25 |
| 5 | China Telecom | 24 | 24 |
| 6 | China Unicom | 22 | 21 |
| 7 | Tsinghua University | 13 | 16 |
| 8 | ZTE Corporation | 12 | 12 |
| 9 | Five9 | 1 | 10 |
| 10 | Ericsson | 4 | 9 |
| 11 | Google | 5 | 9 |
| 12 | Telefonica | 2 | 8 |
| 13 | Pengcheng Laboratory | 8 | 8 |
| 14 | BUPT | 14 | 7 |
| 15 | Futurewei | 3 | 7 |
| 16 | Sandelman Software Works | 1 | 7 |
| 17 | Zhongguancun Laboratory | 4 | 6 |
| 18 | Amazon | 6 | 6 |
| 19 | Inria | 6 | 6 |
| 20 | CAICT | 8 | 6 |
## Strongest Collaboration Pairs
## Team Blocs
*Persistent co-author teams (>= 70% pairwise draft overlap, >= 3 shared drafts).*
| # | Team | Members | Shared Drafts | Cohesion | Key Authors |
|--:|------|--------:|-----:|--------:|------------|
| 1 | Huawei team (12) | 12 | 23 | 96% | B. Liu, Z. Li, Q. Gao, N. Geng, X. Shang, J. Mao +6 |
| 2 | Cisco team (5) | 5 | 13 | 100% | J. Rosenberg, C. Jennings, S. Nandakumar, P. White, I. Swett |
| 3 | Huawei team (8) | 8 | 6 | 98% | Q. Wu, Y. Hong, J. Youn, G. Fioccola, C. Pignataro, P. Martinez-Julia +2 |
| 4 | China Telecom team (5) | 5 | 6 | 88% | L. Contreras, C. Xie, S. Qiong, B. Wu, L. Dunbar |
| 5 | Ericsson team (5) | 5 | 6 | 100% | G. Selander, J. Mattsson, M. Vučinić, F. Lopez-Gomez, R. Marin-Lopez |
| 6 | Pengcheng Laboratory team (4) | 4 | 6 | 100% | Q. Li, Y. Jiang, M. Xu, H. Wang |
| 7 | China Telecom team (6) | 6 | 5 | 100% | A. Wang, M. Yu, J. Li, Z. Liu, C. Yang, Z. Li |
| 8 | InterDigital Europe team (4) | 4 | 5 | 92% | M. Jadoon, C. Bernardos, A. Mourad, S. Robitzsch |
| 9 | Zhongguancun Laboratory team (4) | 4 | 5 | 94% | Y. Cui, C. Du, L. Zhang, M. Xing |
| 10 | Centec Networks team (6) | 6 | 4 | 100% | Z. Du, Q. Xiong, Z. Li, J. Zhao, J. Wang, W. Cheng |
| 11 | Infoblox, Inc. team (4) | 4 | 4 | 100% | R. Schott, B. Sarikaya, J. Mozley, N. Williams |
| 12 | ISI, R.C. ATHENA team (4) | 4 | 4 | 100% | E. Haleplidis, L. Fraile, A. Fournaris, C. Koulamas |
| 13 | Nokia team (2) | 2 | 4 | 100% | T. Reddy.K, A. Banerjee |
| 14 | China Mobile team (2) | 2 | 4 | 100% | M. Chen, L. Su |
| 15 | Department of Computer Science & Engineering team (3) | 3 | 3 | 100% | J. Jeong, Y. Ahn, Y. Kim |
| 16 | RISE team (2) | 2 | 3 | 100% | M. Tiloca, R. Höglund |
| 17 | Huawei team (2) | 2 | 3 | 100% | P. Liu, N. Yuan |
| 18 | China Unicom team (2) | 2 | 3 | 100% | H. Zhengxin, Z. Ruan |
## Top Collaboration Pairs
*Excluding intra-bloc pairs (see Team Blocs above).*
| Author A | Author B | Shared Drafts |
|----------|----------|-----:|
| Bing Liu | Nan Geng | 18 |
| Zhenbin Li | Qiangzhou Gao | 18 |
| Zhenbin Li | Nan Geng | 18 |
| Bing Liu | Zhenbin Li | 17 |
| Bing Liu | Qiangzhou Gao | 17 |
| Bing Liu | Xiaotong Shang | 17 |
| Zhenbin Li | Xiaotong Shang | 17 |
| Qiangzhou Gao | Nan Geng | 17 |
| Qiangzhou Gao | Xiaotong Shang | 17 |
| Nan Geng | Xiaotong Shang | 17 |
| Zhenbin Li | Jianwei Mao | 10 |
| Jianwei Mao | Nan Geng | 10 |
| Bing Liu | Jianwei Mao | 9 |
| Jianwei Mao | Qiangzhou Gao | 9 |
| Jianwei Mao | Xiaotong Shang | 9 |
| Jonathan Rosenberg | Pat White | 6 |
| Jianwei Mao | Guanming Zeng | 6 |
| John Preuß Mattsson | Göran Selander | 5 |
| Bing Liu | Li Zhang | 5 |
| Bing Liu | Guanming Zeng | 5 |
| Jianwei Mao | Guanming Zeng | 9 |
| Bing Liu | Guanming Zeng | 7 |
| Zhenbin Li | Guanming Zeng | 7 |
| Qiangzhou Gao | Guanming Zeng | 7 |
| Guanming Zeng | Xiaotong Shang | 7 |
| Nan Geng | Guanming Zeng | 6 |
| Qin Wu | Guanming Zeng | 3 |
| Martin Thomson | Gary Illyes | 2 |
| Yong Cui | Xiaohui Xie | 2 |
| Qing Li | Teng Gao | 2 |
| Aijun Wang | Xueting Li | 2 |
| Quan Xiong | Han Zhengxin | 2 |
| Ran Pang | Han Zhengxin | 2 |
| Ran Pang | Mengyao Han | 2 |
| Ran Pang | Zheng Ruan | 2 |
| Han Zhengxin | Mengyao Han | 2 |
| Mengyao Han | Zheng Ruan | 2 |
| Yong Jiang | Teng Gao | 2 |
| Eliot Lear | Michael Richardson | 1 |
| Eliot Lear | Steffen Fries | 1 |
## Cross-Organization Collaboration
| Org A | Org B | Shared Drafts |
|-------|-------|-----:|
| Five9 | Bitwave | 6 |
| China Telecom | Huawei | 8 |
| China Unicom | Huawei | 7 |
| China Mobile | ZTE Corporation | 7 |
| China Mobile | Huawei | 7 |
| Futurewei | Huawei | 6 |
| Bitwave | Five9 | 6 |
| Cisco | Five9 | 6 |
| Tsinghua University | Zhongguancun Laboratory | 5 |
| Huawei | China Mobile | 4 |
| Huawei | China Unicom | 4 |
| China Mobile | ZTE Corporation | 3 |
| Five9 | Cisco | 3 |
| Huawei | China Telecom | 3 |
| Unaffiliated | Deutsche Telekom | 3 |
| Unaffiliated | Infoblox, Inc. | 3 |
| AWS | University of Waterloo | 2 |
| Aryaka | JPMorgan Chase & Co | 2 |
| Aryaka | Oracle | 2 |
| Aryaka | Telefonica | 2 |
| Beijing University of Posts and
Telecommunications | China Telecom | 2 |
| Beijing University of Posts and
Telecommunications | Tsinghua University | 2 |
| China Unicom | ZTE Corporation | 5 |
| Huawei | Telefonica | 5 |
| Cisco | Google | 5 |
| Futurewei | Telefornica | 5 |
| China Telecom | Futurewei | 5 |
| Huawei | Telefornica | 5 |
| China Telecom | Telefornica | 5 |

148
data/reports/blog-post.md Normal file
View File

@@ -0,0 +1,148 @@
# The IETF's AI Agent Gold Rush: 260 Drafts, 403 Authors, and a 4:1 Safety Deficit
*An automated analysis of every AI/agent Internet-Draft submitted to the IETF*
---
The Internet Engineering Task Force is in the middle of an AI agent standardization sprint. We built an automated analyzer to fetch, categorize, and rate every AI- and agent-related Internet-Draft currently in the IETF pipeline. The numbers tell a story of breakneck activity, deep geopolitical concentration, and a worrying gap between the protocols being built and the safety guardrails that should accompany them.
Here's what we found.
## By the Numbers
- **260** Internet-Drafts related to AI agents
- **403** unique authors from **184** distinct organizations
- **1,262** technical ideas extracted and classified
- **12** standardization gaps identified (3 critical)
The drafts span eight categories. The biggest clusters are data formats and interoperability (102 drafts), agent identity and authentication (98), and agent-to-agent communication protocols (92). Safety and alignment? Just 36 drafts. Human-agent interaction? Only 22.
That's a **4:1 ratio** of capability-building to safety work.
## Who's Writing These Drafts
The organizational leaderboard is striking. **Huawei** leads by a wide margin: 39 authors contributing to 45 drafts. The next largest contributors are independent researchers (16 authors, 21 drafts) and Cisco (23 authors, 20 drafts).
Chinese-linked institutions dominate the top ranks. Huawei, China Mobile, China Telecom, China Unicom, Tsinghua University, ZTE Corporation, Zhongguancun Laboratory, BUPT (Beijing University of Posts and Telecommunications), and CAICT collectively account for over 120 authors. While IETF drafts don't carry national flags, the concentration of authorship from organizations in a single country is notable.
Western tech companies have a comparatively thin presence. Ericsson has 2 authors on 7 drafts. Nokia has 2 authors on 5. Amazon has 6 authors on 6 drafts. Google, Apple, and Microsoft are largely absent.
## The Team Bloc Pattern
When we analyzed co-authorship patterns, a clear structure emerged: persistent team blocs — groups of authors who co-sign most or all of the same drafts together.
We detected **33 team blocs** covering **102 of 403 authors** (25%). Each bloc is a group where members share at least 70% pairwise draft overlap. The largest is a **13-person Huawei team** that co-authors 22 drafts together at 94% internal cohesion. Five core members — Bing Liu, Nan Geng, Zhenbin Li, Qiangzhou Gao, and Xiaotong Shang — appear on 17-21 drafts each, and virtually all of their work overlaps.
Other significant blocs include:
| Team | Members | Shared Drafts | Cohesion |
|------|--------:|-----:|--------:|
| Huawei (main team) | 13 | 22 | 94% |
| Ericsson + Inria + Univ. of Murcia | 5 | 6 | 100% |
| Five9 + Bitwave | 2 | 6 | 100% |
| China Telecom + BUPT + Tsinghua | 6 | 5 | 100% |
| Zhongguancun Lab + Tsinghua | 4 | 5 | 94% |
| ISI, R.C. ATHENA | 4 | 4 | 100% |
| Nokia | 2 | 4 | 100% |
This matters because raw "collaboration pair" analysis is misleading without accounting for team structure. When five people co-author 17 drafts, you get 10 pairwise edges that all show 17 shared drafts — drowning out the more interesting cross-team connections. Once we filter out intra-bloc pairs, the real cross-pollination picture emerges: it's sparse. The top cross-team pair (Jonathan Rosenberg and Cullen Fluffy Jennings, bridging Five9/Bitwave and Cisco) shares only 3 drafts. Most cross-team pairs share just 1.
## Cross-Organization Collaboration
The strongest cross-org links are:
| Org A | Org B | Shared Drafts |
|-------|-------|-----:|
| China Unicom | Huawei | 6 |
| Bitwave | Five9 | 6 |
| Tsinghua University | Zhongguancun Laboratory | 5 |
| Ericsson | Inria | 4 |
| Cisco | Sandelman Software Works | 4 |
| China Mobile | ZTE Corporation | 4 |
The Chinese organizations form a tightly linked ecosystem. Huawei collaborates with China Unicom (6 shared drafts), China Mobile (4), China Telecom (3), CAICT (3), and Telefonica (3). The academic institutions — Tsinghua, BUPT, Zhongguancun Lab — form their own cluster with overlapping authorship into the telecom operators.
European cross-org collaboration exists but is thinner: Ericsson partners with Inria and the University of Murcia on lightweight authentication protocols (EDHOC, EAP). The U.S. picture is fragmented, with small startup pairs (Five9 + Bitwave on agent communication protocols) and Cisco's collaboration with Sandelman Software Works on IoT device identity.
## What's Being Built
The 1,262 extracted technical ideas break down as:
- **488 mechanisms** — concrete technical solutions (authentication flows, routing algorithms, token formats)
- **217 architectures** — system designs and reference models
- **179 protocols** — full protocol specifications
- **169 patterns** — reusable design approaches
- **99 extensions** — additions to existing standards (OAuth, SCIM, DNS)
- **93 requirements** — formal requirement documents
The most recurring idea across the corpus is **Multi-Agent Communication Protocol**, appearing in 8 separate drafts — a clear sign of fragmentation where multiple teams are tackling the same problem independently.
The highest-rated drafts (scored on novelty, maturity, overlap, momentum, and relevance on a 1-5 scale) are:
1. **draft-aylward-daap-v2** (4.8) — Comprehensive AI agent accountability protocol with authentication, monitoring, and enforcement
2. **draft-guy-bary-stamp-protocol** (4.6) — Cryptographic delegation and proof system for AI agent task execution
3. **draft-drake-email-tpm-attestation** (4.6) — Hardware attestation for email using TPM verification chains
4. **draft-ietf-lake-app-profiles** (4.6) — Canonical CBOR representation for EDHOC application profiles
The average score across all 260 drafts is 3.38. The range runs from 1.6 (draft-liu-access-collaboration-agent) to 4.8.
## The 12 Gaps
Our gap analysis compared the existing 260 drafts and 1,262 ideas against what would be needed for real-world deployment of autonomous AI agent systems. We found 12 gaps — areas where standardization work is missing or inadequate.
### Critical Gaps (3)
**1. Agent Behavior Verification.** No mechanisms to verify that deployed agents actually behave according to their declared policies. The gap between stated capabilities and runtime behavior validation is entirely unaddressed. Only 36 of 260 drafts touch safety/alignment.
**2. Agent Resource Management.** No framework for managing computational resources, memory, and processing power across distributed AI agents. Drafts focus on communication but ignore resource contention.
**3. Agent Error Recovery and Rollback.** No standards for cascading failure handling or rollback mechanisms for autonomous decisions. One draft (draft-yue-anima-agent-recovery-networks) begins to address this; the rest ignore it.
### High-Priority Gaps (6)
- **Cross-Protocol Translation** — With 92 competing A2A protocols, there's no interoperability framework. Zero technical ideas found addressing this.
- **Multi-Agent Consensus Mechanisms** — No frameworks for groups of agents to resolve conflicting decisions without human intervention.
- **Human Override and Intervention** — Only 22 human-agent interaction drafts vs. 60 autonomous operations drafts. No emergency override protocols.
- **Agent Lifecycle Management** — Registration is covered but versioning, updates, and graceful retirement are not.
- **Cross-Domain Security Boundaries** — Identity management exists but cross-domain trust isolation does not.
- **Dynamic Trust and Reputation** — Static certificates can't scale to long-running agent ecosystems.
### Medium-Priority Gaps (3)
- **Agent Performance Monitoring** — No observability standards for production agent deployments.
- **Agent Explainability Standards** — No protocols for agents to explain their decisions.
- **Agent Data Provenance** — 102 data format drafts but no provenance tracking.
## The Safety Deficit
The most concerning finding is the structural imbalance between capability and safety work. The numbers:
| Focus Area | Drafts |
|------------|-------:|
| A2A protocols | 92 |
| Autonomous operations | 60 |
| Agent identity/auth | 98 |
| **AI safety/alignment** | **36** |
| **Human-agent interaction** | **22** |
For every draft addressing how to keep AI agents safe, roughly four drafts are building new capabilities for those agents. The human oversight category — arguably the most important for preventing autonomous systems from causing harm — receives the least attention of any major category.
The three critical gaps (behavior verification, resource management, error recovery) all relate to what happens when autonomous agents fail or misbehave. These are precisely the scenarios where absent standards will hurt the most.
## What It All Means
The IETF's AI agent standards landscape in early 2026 looks like a gold rush: lots of activity, heavy investment from a concentrated set of players, and a focus on staking claims rather than building infrastructure.
Three observations stand out:
**1. The fragmentation problem is real.** Eight separate drafts proposing multi-agent communication protocols. Ninety-two A2A protocol drafts with no interoperability layer. The most common technical idea in the entire corpus appears in just 8 of 260 drafts. Teams are working in parallel, not together.
**2. Authorship concentration creates standards risk.** When 13 people from one organization co-author 22 drafts at 94% cohesion, the standards process risks reflecting a single implementation perspective. The IETF's strength is rough consensus from diverse implementors. That diversity is thin here.
**3. The safety work needs to catch up.** The 4:1 capability-to-safety ratio is not sustainable. Before these protocols reach deployment, the community needs answers to questions like: How do you verify an agent is doing what it claims? How do you roll back an autonomous decision? How does a human stop a misbehaving agent?
The IETF has navigated technology gold rushes before — the early web, IoT, DNS security. In each case, the lasting standards came from diverse coalitions focused on interoperability and safety, not from the fastest drafters. The AI agent wave will likely follow the same pattern. The question is whether the safety work catches up before the protocols ship.
---
*Analysis conducted using a custom IETF Draft Analyzer that fetches drafts via the Datatracker API, rates them using Claude, extracts technical ideas, detects collaboration patterns, and identifies standardization gaps. Data current as of March 1, 2026. All 260 drafts, 403 authors, and 1,262 ideas are available in the project's SQLite database.*

326
data/reports/blog-series/00-series-overview.md Normal file
View File

@@ -0,0 +1,326 @@
# Blog Series: The IETF's AI Agent Standards Race
## Series Overview and Narrative Arc
*Architectural design document governing the 7-post blog series. This document has two sections: (A) the internal narrative architecture (for the team), and (B) the reader-facing series introduction (for publication).*
---
# PART A: NARRATIVE ARCHITECTURE (Internal)
## Overall Thesis
**The IETF's AI agent standardization effort is the largest, fastest-growing, and most consequential standards race in a decade -- but it is building the highways before the traffic lights.**
The data tells a story in three acts:
1. **The Gold Rush** (Posts 1-2): An explosion of activity, concentrated in surprising hands. 361 drafts, 36x growth in 9 months, one company writing 18% of all drafts, Western tech giants dramatically underrepresented.
2. **The Fragmentation** (Posts 3-4): That activity is not converging. 120 competing A2A protocols with no interoperability layer. 14 OAuth-for-agents proposals that cannot coexist. A 4:1 ratio of capability-building to safety work. Critical gaps where nobody is building at all.
3. **The Path Forward** (Posts 5-6): The raw material for a solution exists -- **628 technical ideas** independently proposed by multiple organizations show where genuine consensus is forming. But convergence on components is not convergence on architecture. The missing piece is not more protocols; it is connective tissue: a shared execution model, human oversight primitives, protocol interoperability, and assurance profiles.
The throughline is a question: **Can the IETF assemble the architecture before the protocols ship without it?**
---
## Narrative Arc Diagram
```
TENSION
^
| Post 6: THE BIG PICTURE
| / (resolution: here's
| / what the ecosystem
| Post 4: THE GAPS -----+ actually needs)
| / (climax: what \
| / nobody's building) \
| Post 3 / Post 5 \
| FRAGMENTATION CONVERGENCE \
| / (escalation: (628 cross-org \
| / competing for solutions) Post 7
| / protocols) HOW WE
|/ BUILT THIS
Post 1 Post 2
GOLD RUSH WHO WRITES
(hook: the THE RULES
numbers) (stakes:
geopolitics)
+-----------------------------------------------------------> TIME/POSTS
```
**The emotional arc**: Wow, this is huge (Post 1) -> Wait, who controls it? (Post 2) -> Oh no, it is fragmenting (Post 3) -> And the most important parts are missing (Post 4, the climax) -> But beneath the chaos, organizations actually agree on 628 ideas (Post 5) -> Here is what the finished picture looks like (Post 6, the resolution) -> And here is how we figured all this out (Post 7, the coda).
---
## Per-Post Design
### Post 1: "The IETF's AI Agent Gold Rush"
**File**: `01-gold-rush.md`
**Word count**: 1800-2200
**Base**: Existing draft at `data/reports/blog-post.md`, needs update from 260 to 361 drafts
**Key thesis**: The IETF is experiencing an unprecedented standardization sprint around AI agents, with growth rates not seen since the early web standards era.
**Key data points to include**:
- 361 drafts (up from 260 after keyword expansion with mcp, agentic, inference, generative, intelligent, aipref)
- 36x growth: 2 drafts/month (Jun 2025) to 72 drafts/month (Feb 2026)
- 557 authors from 230 organizations
- 10+ categories, with data formats/interop (145), A2A protocols (120), and identity/auth (108) leading
- Average quality score: ~3.38/5.0 (range 1.35-4.8)
- Top-rated drafts: VOLT (4.8), DAAP (4.8), STAMP (4.6), TPM-attestation (4.6)
- 4:1 safety deficit ratio (first mention -- this becomes the recurring motif)
**What makes it worth reading alone**: The sheer numbers. Nobody else has quantified this. The 36x growth curve is the hook.
**Ends with**: Teaser for Post 2 -- "But who is writing all these drafts? The answer is more concentrated than you'd expect."
---
### Post 2: "Who's Writing the Rules for AI Agents?"
**File**: `02-who-writes-the-rules.md`
**Word count**: 2000-2500
**Key thesis**: The standards that will govern AI agents are being written by a remarkably concentrated set of authors, with geopolitical implications that the IETF community has not reckoned with.
**Key data points to include**:
- Huawei: 53 authors, 66 drafts, 18% of all drafts (up from 12% pre-expansion)
- The 13-person Huawei bloc: 22 shared drafts, 94% cohesion, core 7 (B. Liu, N. Geng, Z. Li, Q. Gao, X. Shang, J. Mao, G. Zeng) each on 13-23 drafts
- Chinese institutional ecosystem: Huawei (53) + China Mobile (24) + China Telecom (24) + China Unicom (22) + Tsinghua (13) + ZTE (12) + BUPT (14) + Pengcheng Lab (8) + Zhongguancun Lab (4) = 160+ authors
- Western underrepresentation: Google now visible (5 authors, 9 drafts) but dramatically small relative to market position. Microsoft, Apple still largely absent. Amazon has 6 authors on 6 drafts (PQ crypto, not agent-specific).
- 18 team blocs covering ~25% of 557 authors
- Cross-org collaboration is sparse: top cross-team pair (Rosenberg-Jennings, Five9/Cisco) shares only 3 drafts
- Ericsson + Inria team focused narrowly on EDHOC/post-quantum (5 people, 6 drafts, 100% cohesion)
- JPMorgan + Telefonica + Oracle on transitive attestation (Western financial sector emerging)
- Chinese orgs form a tightly linked ecosystem: Huawei-China Unicom (6 shared drafts), Tsinghua-Zhongguancun Lab (5), China Mobile-ZTE (4)
**Structural insight**: Team blocs inflate apparent collaboration. When you account for intra-bloc pairs, cross-pollination between groups is thin. The landscape is a collection of islands, not a network.
**What makes it worth reading alone**: The geopolitics angle. The Huawei concentration is a genuine story. The Western absence is the surprise.
**Ends with**: "These 18 teams are not just writing separate drafts -- they are writing separate futures. The fragmentation runs deeper than authorship."
---
### Post 3: "The OAuth Wars and Other Protocol Battles"
**File**: `03-oauth-wars.md`
**Word count**: 2000-2500
**Key thesis**: The AI agent standards landscape is not just growing -- it is fragmenting. Multiple teams are solving the same problems independently, producing incompatible solutions that will impose real costs on implementers.
**Key data points to include**:
- 14-draft OAuth-for-agents cluster: aap-oauth-profile, aylward-daap-v2, barney-caam, chen-ai-agent-auth, chen-oauth-rar, goswami-agentic-jwt, jia-oauth-scope, liu-agent-operation-auth, liu-oauth-a2a, oauth-ai-agents-on-behalf-of-user, rosenberg-oauth-aauth, song-oauth-ai-agent-auth, song-oauth-ai-agent-collaborate, yao-agent-auth
- 10-draft Agent Gateway cluster
- 25+ near-duplicate draft pairs (>0.98 similarity)
- 42 topical clusters at 0.85 similarity threshold, 34 at 0.90
- 120 A2A protocol drafts with no interoperability layer
- Near-duplicate taxonomy: same-draft/different-WG (14), renamed (5), evolution (3), competing (2)
- Specific examples of WG shopping: draft submitted to both NMRG and OPSAWG, or both individual and WG track
**Structural insight**: Three causes of fragmentation: (1) WG shopping -- authors submit to multiple WGs hoping one sticks. (2) Parallel invention -- teams in isolation solving the same problem. (3) Strategic duplication -- organizations maximizing surface area. The data lets us distinguish these.
**What makes it worth reading alone**: The concrete examples. 14 ways to do OAuth for agents. People share this out of horrified fascination.
**Ends with**: "Fragmentation is costly but fixable -- teams can converge. The deeper problem is what nobody is building at all."
---
### Post 4: "What Nobody's Building (And Why It Matters)"
**File**: `04-what-nobody-builds.md`
**Word count**: 2000-2500
**THIS IS THE CLIMAX OF THE SERIES.**
**Key thesis**: The most dangerous gaps in AI agent standardization are not where competing solutions exist -- they are where no solutions exist at all. The three critical gaps address what happens when autonomous agents fail or misbehave, and these scenarios have received almost no attention.
**Key data points to include**:
- 12 gaps total: 3 critical, 6 high, 3 medium
- **Critical Gap 1: Behavior Verification** -- no mechanisms to verify agents follow declared policies. 44 safety drafts vs 361 total.
- **Critical Gap 2: Resource Management** -- 93 autonomous netops drafts, no agent-specific resource management framework.
- **Critical Gap 3: Error Recovery and Rollback** -- only 6 ideas from 1 draft (the starkest absence in the corpus).
- **High Gap: Cross-Protocol Translation** -- 120 A2A protocols, zero ideas for cross-protocol interop.
- **High Gap: Human Override** -- 30 human-agent drafts vs 120 A2A vs 93 autonomous netops. CHEQ exists but no emergency override protocol.
- The 4:1 ratio revisited: safety deficit is not just numerical, it is structural. Safety requires cross-WG coordination that the bloc structure cannot produce.
- Gap severity correlates with coordination difficulty
**For each critical gap, include a scenario**: "What goes wrong if this is never addressed?" -- make the gaps concrete and visceral.
**What makes it worth reading alone**: The fear factor. This is the "what keeps you up at night" post.
**Ends with**: "The gaps are real. But so are the solutions -- 628 ideas that multiple organizations independently agree on, scattered across the corpus with no connective tissue."
---
### Post 5: "Where 361 Drafts Converge (And Where They Don't)"
**File**: `05-1262-ideas.md`
**Word count**: 2000-2500
**Key thesis**: Beneath the fragmentation, genuine consensus is forming. **628 technical ideas** have been independently proposed by 2+ organizations -- cross-org convergence signals that reveal what the industry actually agrees on, regardless of which protocol camp they belong to.
**IMPORTANT NOTE ON FRAMING**: Our pipeline extracts ~5 ideas per draft mechanically (avg 4.9). The raw count (~1,780) is inflated and not the story. The story is which ideas survive cross-org validation -- the 628 that appear across different organizations. That is the defensible, meaningful metric. The raw extraction count should appear only in methodology context, not as a headline number.
**Key data points to include**:
- **628 cross-org convergent ideas** (ideas in 2+ drafts from different organizations) -- the headline metric
- Top convergence: "A2A Communication Paradigm" (8 orgs, 5 countries), "AI Agent Network Architecture" (8 orgs), "Multi-Agent Communication Protocol" (7 orgs)
- Org-pair overlap matrix: Chinese intra-bloc alignment (Huawei-China Unicom: 32 shared ideas) vs thin cross-regional signal (Ericsson-Inria: 21)
- Cross-org ideas that span Chinese-Western divide: 180 ideas (genuine cross-cultural consensus)
- Gap-to-convergence mapping: which gaps have cross-org attention, which have none?
- The "big 6" ambitious proposals: VOLT, ECT, CHEQ, STAMP, DAAP, ADL -- standout ideas regardless of convergence metrics
- The absent ideas: capability degradation signaling, multi-agent transaction semantics, agent migration, privacy-preserving discovery, agent cost/billing
**Structural insight**: Convergence and fragmentation coexist. Teams agree on WHAT needs building (628 ideas converge). They disagree on HOW (120 competing A2A protocols). The gap between "what" and "how" is where architecture is needed.
**What makes it worth reading alone**: The cross-org convergence data is actionable -- builders can see which ideas have multi-org backing vs single-team proposals.
**Ends with**: "628 ideas the industry agrees on, 12 gaps nobody is filling, and a question: what would it look like if someone drew the big picture?"
---
### Post 6: "Drawing the Big Picture: What the Agent Ecosystem Actually Needs"
**File**: `06-big-picture.md`
**Word count**: 2000-2500
**THIS IS THE RESOLUTION AND CAPSTONE.**
**Key thesis**: The landscape needs not more protocols but connective tissue -- a holistic ecosystem architecture providing a shared execution model (DAGs), human oversight primitives, protocol-agnostic interoperability, and assurance profiles that work from dev to regulated production.
**Key data points to include**:
- Full synthesis: 361 drafts, 557 authors, 628 cross-org convergent ideas, 12 gaps, 18 team blocs, 42 overlap clusters
- The proposed 5-draft ecosystem: AEM (architecture), ATD (task DAG), HITL (human-in-the-loop), AEPB (protocol binding), APAE (assurance profiles)
- How this builds on existing work: SPIFFE (identity), WIMSE (security context), ECT (execution evidence)
- The dual-regime insight: same execution model must work in K8s (fast/relaxed) AND regulated environments (proofs/attestation)
- Predictions based on data trajectories
- What builders should do TODAY: which drafts to watch, which gaps to fill, which patterns to adopt
**Structural insight**: The ecosystem needs five layers and existing work covers ~60%. Missing pieces: (1) DAG orchestration semantics, (2) HITL as first-class, (3) protocol translation, (4) assurance profiles. These map precisely to the critical and high-severity gaps.
**What makes it worth reading alone**: The vision. The forward-looking piece people share with their teams.
**Ends with**: "The IETF has navigated standardization sprints before. The drafts are being written. The question is whether architecture or fragmentation wins the race."
---
### Post 7: "How We Built This: Analyzing 361 IETF Drafts with Claude and Ollama"
**File**: `07-how-we-built-this.md`
**Word count**: 1500-2000
**Key thesis**: LLM-powered document analysis at scale is practical, cheap, and effective -- with careful engineering around caching, cost optimization, and hybrid model strategies.
**Key data points to include**:
- Pipeline: fetch (Datatracker API) -> analyze (Claude Sonnet) -> embed (Ollama nomic-embed-text) -> ideas (Claude Haiku, batched) -> gaps (Claude Sonnet)
- Cost: ~$3.16 for 260 drafts; Haiku batch mode cut costs ~10x for idea extraction
- Hybrid strategy: Claude for analysis (reasoning), Ollama for embeddings (local, free, fast)
- Caching via llm_cache table (SHA256 prompt hash) -- zero waste on re-runs
- Tech: Python + Click + SQLite + FTS5 + httpx + rich + anthropic SDK + ollama
- 13 CLI commands, 13+ visualizations, 11 report types
**What makes it worth reading alone**: Practical engineering details for anyone building similar systems.
**Ends with**: Cross-link to Post 8 (the meta post about the agent team).
---
## Recurring Motifs (thread across all posts)
1. **The 4:1 Safety Deficit**: Introduced in Post 1, deepened in Post 4, resolved in Post 6. The series' signature metric.
2. **The Highway/Traffic Light Metaphor**: The IETF is building highways (protocols) before traffic lights (safety, verification, override). Use sparingly but consistently.
3. **Fragmentation vs. Architecture**: Bottom-up protocol proliferation vs. top-down ecosystem design. Posts 3 and 6 are the poles of this tension.
4. **Concentration and Absence**: Huawei's dominance and Western absence. Introduced in Post 2, revisited in Post 6.
5. **The Islands Problem**: Team blocs as islands. Ideas cluster within orgs. Cross-pollination is thin. The ecosystem needs bridges, not more islands.
---
## Data Needs Per Post (for the Analyst)
| Post | Data Needed |
|------|-------------|
| 1 | Updated counts (361), category breakdown with new drafts, growth timeline, score distribution |
| 2 | Author/org rankings (refreshed for 361), bloc details, cross-org matrix, Chinese vs Western counts |
| 3 | OAuth cluster details (14 drafts with approaches), near-duplicate pairs, overlap clusters, A2A count |
| 4 | Full gap details, per-gap idea counts, safety ratio, category vs gap matrix |
| 5 | Full idea taxonomy, cross-org idea overlap, common ideas, unique ideas, idea-to-gap mapping |
| 6 | Synthesis: top-level stats, gap fill estimates, category growth rates, WG adoption signals |
| 7 | Pipeline stats: API call counts, costs, cache hit rates, timing |
---
## Missing Analyses the Coder Should Build
1. **Category Trend Analysis** (Posts 1, 3, 6): Monthly breakdown per category. Growth rates. Which accelerating, which plateauing?
2. **RFC Cross-Reference Map** (Posts 5, 6): Which RFCs do the 361 drafts build on? Reveals the foundation layer.
3. **Cross-Org Idea Overlap** (Post 5): Ideas in 2+ drafts from different orgs = genuine consensus signal.
4. **Draft Status / WG Adoption** (Post 6): Which drafts adopted by WGs? Which past -00? Traction vs aspiration.
---
## Tone and Style
- **Data-driven but narrative**: Every claim backed by a number, every number wrapped in a story.
- **Authoritative but accessible**: Analysis, not advocacy. Let the data argue.
- **Opinionated where data supports it**: The safety deficit is a problem. Fragmentation is costly. Concentration is concerning.
- **Name names**: Specific drafts, authors, organizations. This is journalism.
- **Lead with surprise**: Each post opens with its most unexpected finding.
- **End with forward link**: Each post teases the next.
- **1500-2500 words per post**: Dense enough to be substantial, short enough to finish.
---
# PART B: READER-FACING SERIES INTRODUCTION
*What happens when the internet's standards body tries to build the rules for AI agents -- in real time, with 361 drafts, 557 authors, and a 4:1 safety deficit?*
---
## About This Series
The Internet Engineering Task Force is in the middle of the largest, fastest-growing standards race in a decade. In fifteen months, AI- and agent-related Internet-Drafts went from **0.5% to 9.3%** of all IETF submissions -- nearly 1 in 10. We built an automated analyzer to fetch, categorize, rate, and map every one of them.
This series tells the story of what we found: explosive growth, deep fragmentation, a concerning safety deficit, and hidden patterns that reveal where the real power lies and where the real risks lurk.
## The Posts
| # | Title | What You'll Learn |
|---|-------|-------------------|
| 1 | [The IETF's AI Agent Gold Rush](01-gold-rush.md) | The numbers: 361 drafts, 0.5% to 9.3% growth in 15 months, and a 4:1 capability-to-safety ratio |
| 2 | [Who's Writing the Rules for AI Agents?](02-who-writes-the-rules.md) | The geopolitics: Huawei's 13-person bloc, Chinese institutional dominance, Western underrepresentation |
| 3 | [The OAuth Wars and Other Battles](03-oauth-wars.md) | The fragmentation: 14 competing OAuth drafts, 120 A2A protocols with no interop |
| 4 | [What Nobody's Building (And Why It Matters)](04-what-nobody-builds.md) | The gaps: 12 missing standards, 3 critical, and what goes wrong without them |
| 5 | [Where 361 Drafts Converge (And Where They Don't)](05-1262-ideas.md) | The convergence: 628 cross-org ideas reveal genuine consensus beneath the fragmentation |
| 6 | [Drawing the Big Picture](06-big-picture.md) | The vision: what the agent ecosystem actually needs and what comes next |
| 7 | [How We Built This](07-how-we-built-this.md) | The methodology: analyzing 361 drafts with Claude, Ollama, and Python |
## How to Read
**Linear (recommended)**: 1 -> 2 -> 3 -> 4 -> 5 -> 6 -> 7
**By interest**:
- **Executives / decision-makers**: Post 1 (overview) -> Post 4 (gaps) -> Post 6 (vision)
- **Standards participants**: Post 2 (who's writing) -> Post 3 (fragmentation) -> Post 5 (ideas) -> Post 6 (vision)
- **Builders / implementers**: Post 4 (gaps) -> Post 5 (ideas) -> Post 6 (vision) -> Post 7 (methodology)
Each post stands alone, but they build on each other. If you read one, make it **Post 4** -- the gaps analysis is the most consequential finding.
## The Data
All findings come from our open-source IETF Draft Analyzer, which fetches drafts via the Datatracker API, rates them using Claude, extracts technical ideas, detects collaboration patterns via co-authorship analysis, and identifies standardization gaps. Data current as of March 2026.
| Stat | Value |
|------|-------|
| Drafts analyzed | 361 |
| Authors mapped | 557 |
| Organizations | 230 |
| Cross-org convergent ideas | 628 |
| Gaps identified | 12 (3 critical) |
| Team blocs detected | 18 |
| Analysis cost | ~$9 |
---
*Designed by the Architect agent, 2026-03-03.*

136
data/reports/blog-series/01-gold-rush.md Normal file
View File

@@ -0,0 +1,136 @@
# The IETF's AI Agent Gold Rush: 361 Drafts, 557 Authors, and the Race to Define How AI Agents Talk
*Fifteen months ago, AI agents barely registered at the IETF. Today, nearly 1 in 10 new Internet-Drafts is about AI agents. We analyzed every one.*
---
For every Internet-Draft addressing how to keep an AI agent safe, roughly four are building new capabilities for it. That is the single most important number in this analysis.
We built an automated pipeline to fetch, categorize, rate, and map every AI- and agent-related Internet-Draft currently in the IETF system. We found **361 drafts** from **557 authors** at **230 organizations** and identified **12 standardization gaps** -- three of them critical. The result is the most comprehensive public analysis of the IETF's AI agent landscape to date.
The story the data tells is not subtle: the internet's most important standards body is in the middle of a gold rush, and the prospectors are moving faster than the safety inspectors.
## The Growth Curve
In 2024, just **9 AI/agent-related drafts** were submitted to the IETF -- **0.5%** of all submissions. By Q1 2026, AI/agent drafts account for **9.3%** of all new Internet-Drafts. Nearly 1 in 10.
| Year | Total IETF Drafts | AI/Agent Drafts | AI Share |
|------|------------------:|----------------:|---------:|
| 2021 | 1,108 | ~0 | ~0% |
| 2022 | 1,121 | ~0 | ~0% |
| 2023 | 1,241 | ~0 | ~0% |
| 2024 | 1,651 | 9 | 0.5% |
| 2025 | 2,696 | 190 | 7.0% |
| 2026 (Q1) | 1,748 | 162 | 9.3% |
The IETF itself accelerated 2.4x from 2021 to 2025. But AI/agent work went from essentially zero to dominant topic in under two years. The acceleration is not gradual. It is a step function that began in mid-2025 and has not slowed.
This growth is driven by a convergence of forces: the explosion of commercial AI agent deployments (ChatGPT plugins, Anthropic's Claude tools, Google's Gemini agents), the emergence of protocols like MCP and A2A that need standardization, and the recognition across the industry that AI agents communicating over the internet without agreed-upon identity, security, and interoperability standards is a problem that gets worse every month it goes unaddressed.
(A note on methodology: our pipeline searches the Datatracker for 12 keywords -- `agent`, `ai-agent`, `llm`, `autonomous`, `machine-learning`, `artificial-intelligence`, `mcp`, `agentic`, `inference`, `generative`, `intelligent`, and `aipref` -- across both draft names and abstracts. We started with 6 keywords and 260 drafts, then expanded to 12 to capture MCP-related work, generative AI infrastructure, and intelligent networking. The full methodology is in [Post 7](07-how-we-built-this.md).)
The drafts span eight categories, and the distribution reveals priorities:
| Category | Drafts | Share |
|----------|-------:|------:|
| Data formats and interoperability | 145 | 40% |
| A2A protocols | 120 | 33% |
| Agent identity and authentication | 108 | 30% |
| Autonomous network operations | 93 | 26% |
| Policy and governance | 91 | 25% |
| ML traffic management | 73 | 20% |
| Agent discovery and registration | 65 | 18% |
| AI safety and alignment | 44 | 12% |
| Model serving and inference | 42 | 12% |
| Human-agent interaction | 30 | 8% |
Note that drafts can belong to multiple categories, so percentages exceed 100%. The dominance of plumbing -- data formats, identity, and communication protocols -- is expected for an early-stage standards effort. What is unexpected is how little attention the safety and human-oversight categories receive.
The ecosystem's DNA is visible in what it cites. We parsed **4,231 cross-references** from the drafts, and the foundation is clear: **TLS 1.3** (RFC 8446, cited by 42 drafts), **OAuth 2.0** (RFC 6749, 36 drafts), **HTTP Semantics** (RFC 9110, 34 drafts), and **JWT** (RFC 7519, 22 drafts). The agent identity/auth category is essentially built on top of the OAuth stack. The entire landscape stands on a security foundation -- which makes the 4:1 safety deficit all the more jarring.
## The Safety Deficit
The ratio is stark:
| Focus Area | Drafts |
|------------|-------:|
| A2A protocols | 120 |
| Autonomous operations | 93 |
| Agent identity/auth | 108 |
| **AI safety/alignment** | **44** |
| **Human-agent interaction** | **30** |
For every draft about keeping agents safe, approximately four are building new capabilities. For every draft about human-agent interaction, there are more than four about agents operating autonomously. The community is building the highways and forgetting the traffic lights.
This is not an abstract concern. Imagine an AI agent managing cloud infrastructure that detects a spurious anomaly, autonomously scales down a critical service, and triggers a cascading outage across three availability zones. Today, there is no standard mechanism to verify that the agent followed its declared policy before acting. No standard way to roll back the decision once the cascade begins. No standard protocol for a human operator to issue an emergency stop. The three critical gaps our analysis identified -- behavior verification, resource management, and error recovery -- are all about what happens when things go wrong. And in a world of autonomous AI agents, things will go wrong.
The safety drafts that do exist are often among the highest-rated in our analysis. [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) -- a comprehensive accountability protocol -- and [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) -- a tamper-evident execution trace format -- each scored 4.8 out of 5, the highest in the entire corpus. [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/), which defines verifiable conversation records using cryptographic signing, scored 4.5. The quality is there. The quantity is not.
## Who's Writing the Drafts
The organizational picture is as revealing as the technical one. The top contributors:
| Organization | Authors | Drafts |
|-------------|--------:|-------:|
| Huawei | 53 | 66 |
| China Mobile | 24 | 35 |
| Cisco | 24 | 26 |
| Independent | 19 | 25 |
| China Telecom | 24 | 24 |
| China Unicom | 22 | 21 |
| Tsinghua University | 13 | 16 |
| ZTE Corporation | 12 | 12 |
| Five9 | 1 | 10 |
| Ericsson | 4 | 9 |
**Huawei** leads by a wide margin: **53 authors** contributing to **66 drafts** -- 18% of the entire corpus. But the concentration goes deeper than raw numbers -- the next post will examine the team bloc structure, geopolitics, and what the collaboration network reveals about where power really lies.
Cisco and China Mobile each have 24 authors, but China Mobile's team produces 35 drafts to Cisco's 26. Ericsson has only 4 authors but punches above its weight with 9 focused drafts. Independent contributors account for 25 drafts -- a healthy sign of grassroots engagement.
## The Fragmentation Problem
The drafts are not just numerous; they are redundant. Our embedding-based similarity analysis found **25+ draft pairs** with greater than 0.98 cosine similarity -- functionally identical proposals submitted under different names.
The most crowded space is OAuth for AI agents: **14 separate drafts** all trying to solve how AI agents authenticate and get authorized. They range from broad framework proposals ([draft-aap-oauth-profile](https://datatracker.ietf.org/doc/draft-aap-oauth-profile/)) to narrow extensions ([draft-jia-oauth-scope-aggregation](https://datatracker.ietf.org/doc/draft-jia-oauth-scope-aggregation/)) to full accountability systems ([draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/)). None are compatible with each other.
Beyond OAuth, the broader A2A protocol landscape includes **120 drafts** with no interoperability layer. The most common technical idea in the entire corpus -- "Multi-Agent Communication Protocol" -- appears in 8 separate drafts from different teams. And the fragmentation goes deeper than protocols: of roughly 1,700 technical ideas extracted from the corpus, **96% appear in exactly one draft**. Everyone is solving the same problem. Nobody is solving it together.
This fragmentation has real costs. Implementers face confusion over which draft to follow. The IETF process slows as competing proposals vie for working group adoption. And the longer competing drafts proliferate without convergence, the higher the risk of incompatible deployments that entrench fragmentation rather than resolving it.
## What the Best Drafts Look Like
Not everything is chaos. Our quality ratings -- scoring novelty, maturity, overlap avoidance, momentum, and relevance on a 1-5 scale -- surface drafts that are doing the hard work well:
| Draft | Score | What It Does |
|-------|------:|-------------|
| [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) | 4.8 | Comprehensive AI agent accountability with authentication, monitoring, enforcement |
| [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) | 4.6 | Cryptographic delegation and proof for agent task execution |
| [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) | 4.6 | Hardware attestation for email via TPM verification chains |
| [draft-ietf-lake-app-profiles](https://datatracker.ietf.org/doc/draft-ietf-lake-app-profiles/) | 4.6 | Canonical CBOR for EDHOC application profiles |
| [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/) | 4.5 | Verifiable agent conversation records with COSE signing |
The average score across all rated drafts is 3.38. The best work combines clear problem definition with concrete mechanisms and low overlap with existing proposals. The worst drafts are me-too proposals that restate problems already solved elsewhere.
## What Comes Next
The IETF has navigated technology gold rushes before -- the early web, IoT, DNS security. In each case, the first wave of competing proposals eventually converged, and the lasting standards came from those who focused on interoperability and safety alongside capability.
The AI agent wave is following the same early pattern. The landscape has quantity. The question is whether it develops architecture -- and whether the safety work catches up before the capability work ships without it.
This blog series will dig into the questions the data raises. The next post starts with the most fundamental: who, exactly, is writing the rules?
---
### Key Takeaways
- **361 drafts** from **557 authors** at **230 organizations** -- AI/agent work went from **0.5% to 9.3%** of all IETF submissions in 15 months
- The **4:1 ratio** of capability-building to safety drafts is the most concerning structural finding
- **Huawei** dominates authorship with 53 authors on 66 drafts (18% of corpus); Chinese-linked institutions account for 160+ authors
- **14 competing OAuth-for-agents proposals** illustrate deep fragmentation; 120 A2A protocol drafts have no interoperability layer
- **12 standardization gaps** remain, with the 3 most critical all relating to what happens when agents fail
*Next in this series: [Who's Writing the Rules for AI Agents?](02-who-writes-the-rules.md) -- Inside the team blocs, geopolitics, and collaboration networks behind the IETF's AI agent standards.*
---
*Analysis conducted using the IETF Draft Analyzer. Data current as of March 2026. All 361 drafts, 557 authors, and full analysis data are available in the project's SQLite database.*

170
data/reports/blog-series/02-who-writes-the-rules.md Normal file
View File

@@ -0,0 +1,170 @@
# Who's Writing the Rules for AI Agents?
*Inside the team blocs, geopolitics, and collaboration networks shaping the future of AI agent standards.*
---
Thirteen people from one company co-author 22 Internet-Drafts at 94% internal cohesion. Their work covers agent networking, identity management, communication protocols, and network troubleshooting. Together, they represent the single most coordinated standards-writing campaign in the IETF's AI agent space.
They all work at Huawei.
This is the story of who is writing the rules for AI agents, what their collaboration networks reveal, and why the geography of authorship matters more than most people realize.
## The Numbers Behind the Names
Our analysis mapped **557 unique authors** from **230 organizations** across the 361 AI/agent drafts in the IETF pipeline. But those topline numbers mask extreme concentration.
| Organization | Authors | Drafts |
|-------------|--------:|-------:|
| Huawei | 53 | 66 |
| China Mobile | 24 | 35 |
| Cisco | 24 | 26 |
| Independent | 19 | 25 |
| China Telecom | 24 | 24 |
| China Unicom | 22 | 21 |
| Tsinghua University | 13 | 16 |
| ZTE Corporation | 12 | 12 |
| Five9 | 1 | 10 |
| Ericsson | 4 | 9 |
One company -- Huawei -- contributes 18% of all drafts. The top six Chinese-linked organizations together contribute over 160 authors. This is not a general pattern across the IETF; it is specific to the AI agent space, and it tells a story about who considers these standards strategically important.
## The Huawei Drafting Machine
The Huawei team bloc is worth examining in detail because it illustrates a pattern -- organized, coordinated standards campaigns -- that is characteristic of how some institutions approach the IETF.
The 13-person core team includes:
| Author | Drafts | Role in Team |
|--------|-------:|-------------|
| Bing Liu | 23 | Top contributor, appears on most team drafts |
| Zhenbin Li | 21 | Core, agent networking frameworks |
| Nan Geng | 20 | Core, near-total overlap with Liu |
| Qiangzhou Gao | 20 | Core, cross-device communication |
| Xiaotong Shang | 19 | Core, network measurement and troubleshooting |
| Jianwei Mao | 14 | Communication protocol gap analysis |
| Guanming Zeng | 13 | MCP and NETCONF for agents |
The remaining six members contribute 2-5 drafts each. The team's **94% cohesion** means that nearly every possible pair of members shares the vast majority of their drafts. This is not casual co-authorship; it is a systematic drafting operation.
Their 22 drafts cover a specific territory: agent networking frameworks for enterprise and broadband networks, agent identity management, cross-device communication, MCP integration for network troubleshooting, and agent gateway requirements. The focus is heavily on **autonomous network operations** and **A2A protocols** -- the infrastructure layer of the agent ecosystem.
Two deeper metrics reveal the nature of this operation:
**Volume over iteration.** Across the entire corpus, **55% of all 361 drafts** have never been revised beyond their first submission (rev-00). But the rate varies dramatically by organization. Of Huawei's drafts, **65% are at rev-00**. Compare that to Ericsson (11%), Siemens (0%), Nokia (20%), or Boeing (0%). The most serious iterators -- Boeing (avg 28.2 revisions per draft), Siemens (17.2), Sandelman Software (14.3) -- submit far fewer drafts but iterate relentlessly. Western companies submit fewer drafts but revise heavily -- incorporating feedback, advancing toward maturity. Huawei's pattern is the opposite: submit at volume, iterate rarely. Submitting a draft is cheap. Iterating it signals genuine investment.
**Campaign timing.** Of Huawei's drafts, **43 were submitted in the four weeks before IETF 121 Dublin** -- 62% of the company's entire output, packed into a single pre-meeting window. For context, the entire corpus had 107 drafts in that period. Huawei alone accounted for **40% of all pre-IETF 121 submissions**. This is not organic growth. It is a coordinated submission campaign timed for maximum standards-body impact.
Beyond the main team, the company has additional smaller blocs. No other organization comes close to this level of coordinated output.
## The Chinese Institutional Ecosystem
Huawei does not operate in isolation. The Chinese organizations in this space form a densely interconnected collaboration network.
| Org A | Org B | Shared Drafts |
|-------|-------|-----:|
| China Unicom | Huawei | 6 |
| Tsinghua University | Zhongguancun Laboratory | 5 |
| China Mobile | ZTE Corporation | 4 |
| China Mobile | Huawei | 4 |
| BUPT | Tsinghua University | 3 |
| China Telecom | Huawei | 3 |
| BUPT | China Telecom | 3 |
| CAICT | Huawei | 3 |
The structure has three tiers:
**Tier 1: Telecom operators** -- China Mobile (24 authors, 35 drafts), China Telecom (24 authors, 24 drafts), China Unicom (22 authors, 21 drafts). These organizations bring domain expertise in network operations and 6G requirements. Their drafts focus heavily on use cases: agents for 6G networks, agent-based network management, traffic optimization.
**Tier 2: Equipment vendor** -- Huawei (53 authors, 66 drafts), ZTE Corporation (12 authors, 12 drafts). Huawei's dominance here is striking; ZTE's contribution is modest by comparison. These drafts focus on architecture and protocols -- the building blocks rather than the use cases.
**Tier 3: Research institutions** -- Tsinghua University (13 authors, 16 drafts), BUPT (14 authors, 7 drafts), Zhongguancun Laboratory (4 authors, 6 drafts), CAICT (8 authors, 6 drafts). These institutions bridge the gap between industry and academia, often co-authoring with both telecom operators and Huawei.
The Zhongguancun Laboratory team (4 members, 5 shared drafts, 94% cohesion) is led by Yong Cui of Tsinghua University, one of the most prolific individual authors with 8 drafts spanning agent discovery, network management benchmarking, and LLM-assisted operations. His work includes [draft-cui-nmrg-llm-benchmark](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-benchmark/) (score 4.3) -- one of the highest-rated drafts in the corpus.
The China Telecom team (6 members from China Telecom, BUPT, and Tsinghua) focuses on 6G agent use cases and IoA task protocols. Their drafts are more forward-looking than Huawei's -- less about current network operations, more about where agents fit in next-generation infrastructure.
## Where Is the West?
The absence is as telling as the presence.
**Google**: 5 authors, 9 drafts -- a notable increase, but still thin relative to the company's agent platform presence (Gemini agents, A2A protocol).
**Microsoft**: Minimal presence.
**Apple**: Two authors, two drafts -- both about mail automation ([draft-ietf-mailmaint-pacc](https://datatracker.ietf.org/doc/draft-ietf-mailmaint-pacc/), [draft-eggert-mailmaint-uaautoconf](https://datatracker.ietf.org/doc/draft-eggert-mailmaint-uaautoconf/)). Not about AI agents per se.
**Amazon**: 6 authors, 6 drafts -- primarily post-quantum cryptography work (ML-KEM hybrid key exchange), not agent-specific.
**Cisco**: The most active Western tech company with 24 authors across 26 drafts, but spread thinly. Three separate Cisco blocs cover different areas: Cullen Fluffy Jennings and Suhas Nandakumar work on A2A transport and agent identity; another team (Muscariello, Papalini, Sardara, Betts) works on AGNTCY messaging; a third (Farinacci, Rodriguez-Natal, Maino) works on LISP-based networking. No single coordinated campaign.
**Ericsson**: 4 authors, 9 drafts -- focused on EDHOC lightweight authentication, a mature protocol effort led by Goran Selander. High quality (scores 3.2-4.1) but narrow scope.
The pattern is clear: Western companies are either absent from AI agent standardization or participating in adjacent security/crypto work rather than the core agent protocol space. The reasons likely include strategic focus on proprietary agent ecosystems (Google's Gemini, Apple's Siri agents), less tradition of IETF engagement in the agent/AI space, and the assumption that de facto standards (MCP, A2A) will matter more than de jure IETF ones.
This bet may prove wrong. IETF standards have a way of becoming the infrastructure that everyone must eventually support.
## The Team Bloc Landscape
Beyond Huawei, our co-authorship analysis detected **18 team blocs** covering a significant fraction of the 557 authors. Each bloc is a group where members share at least 70% pairwise draft overlap and 3+ shared drafts.
The most notable non-Chinese blocs:
**Ericsson team** (5 members, 6 drafts, 100% cohesion) -- Goran Selander and colleagues lead this European effort focused on EDHOC authentication and lightweight key exchange for constrained devices. They collaborate with Inria (France) and the University of Murcia (Spain). Their work ([draft-spm-lake-pqsuites](https://datatracker.ietf.org/doc/draft-spm-lake-pqsuites/), score 4.1) represents some of the most mature protocol work in the corpus.
**Five9/Bitwave team** (2 members, 6 drafts, 100% cohesion) -- Jonathan Rosenberg (Five9) and Pat White (Bitwave) are the most prolific Western contributors to core agent protocols. Their drafts span the full stack: CHEQ for human confirmation of agent decisions ([draft-rosenberg-aiproto-cheq](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-cheq/), score 3.9), N-ACT for agent-to-tool communication, and an OAuth extension for agent authentication. Rosenberg is also the strongest cross-team bridge, sharing 3 drafts with Cisco's Cullen Fluffy Jennings -- the single strongest cross-bloc connection we found.
**ISI, R.C. ATHENA team** (4 members, 4 drafts, 100% cohesion) -- A Greek research institute producing post-quantum authentication work for EDHOC. All four members (Haleplidis, Fraile, Fournaris, Koulamas) co-author every draft. Their [draft-lake-pocero-authkem-ikr-edhoc](https://datatracker.ietf.org/doc/draft-lake-pocero-authkem-ikr-edhoc/) scored 4.2.
**JPMorgan/multi-org team** (4 members from JPMorgan, Oracle, Telefonica, Aryaka; 2 drafts, 100% cohesion) -- The most cross-organizational Western bloc. Their work on transitive attestation ([draft-mw-wimse-transitive-attestation](https://datatracker.ietf.org/doc/draft-mw-wimse-transitive-attestation/), score 4.3) and actor chains ([draft-mw-spice-actor-chain](https://datatracker.ietf.org/doc/draft-mw-spice-actor-chain/), score 4.1) addresses the safety and accountability space. Notably, these are among the highest-scored drafts in the corpus.
## The Cross-Pollination Problem
Once you account for team blocs, the cross-team collaboration picture is sparse. The top cross-bloc connection -- Jonathan Rosenberg bridging Five9/Bitwave and Cisco -- involves just 3 shared drafts. Most cross-team pairs share only 1.
Our network centrality analysis reveals who bridges these gaps. Of 557 authors, only **115 (23%)** co-author with people from both Chinese and Western organizations. The top bridge-builders are not from the organizations you might expect:
| Author | Organization | BC Score | CN Neighbors | Western Neighbors |
|--------|-------------|--------:|---:|---:|
| Luis M. Contreras | Telefonica | 0.035 | 11 | 3 |
| Qin Wu | Huawei | 0.035 | 12 | 11 |
| Muhammad Awais Jadoon | InterDigital | 0.023 | 9 | 4 |
| Diego Lopez | Telefonica | 0.013 | 6 | 9 |
| Giuseppe Fioccola | Huawei | 0.009 | 2 | 8 |
The structural glue holding the two blocs together is **European telecoms** -- Telefonica, InterDigital, Deutsche Telekom. Not US Big Tech. Not any formal cross-standards body. A handful of European companies, through their authors' co-authorship ties, provide the only significant cross-divide connectivity. Qin Wu (Huawei) is the most balanced individual bridge, with nearly equal Chinese and Western co-author networks. But these bridges are thin: remove any two or three of these people, and the network fragments further.
The sparseness of these bridges becomes even more concerning when you look at what the two blocs are building *on*. Our RFC cross-reference analysis (detailed in Post 3) reveals that the Chinese and Western blocs cite fundamentally different technology stacks. The Chinese agent ecosystem is being built on **network management protocols** -- YANG (RFC 7950), NETCONF (RFC 6241), and autonomic networking (RFC 7575). The Western ecosystem is being built on **IoT security and web infrastructure** -- COSE (RFC 9052), CBOR (RFC 8949), CoAP (RFC 7252), HTTP Semantics (RFC 9110), and EDHOC (RFC 9528). The only shared foundation is **OAuth 2.0** -- which explains why the OAuth-for-agents space has 14 competing proposals. It is the one piece of common ground, and everyone is fighting over it.
This means the cross-pollination problem is deeper than "different teams working separately." The two blocs are building on incompatible infrastructure. Even if they agreed on an agent communication pattern, the underlying plumbing diverges.
The IETF's consensus process works best when different implementation perspectives collide and reconcile. In the AI agent space, those collisions are rare. The Chinese institutional ecosystem collaborates internally but has limited connections to Western contributors. The European cryptographic teams (Ericsson, RISE, ATHENA) work on authentication foundations but do not connect to the agent protocol teams. The American startups (Five9, Bitwave) and enterprise companies (Cisco) work on adjacent problems without shared architectural framing.
The one exception is Fraunhofer SIT's Henk Birkholz and Tradeverifyd's Orie Steele, whose [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/) (score 4.5) and [draft-steele-agent-considerations](https://datatracker.ietf.org/doc/draft-steele-agent-considerations/) (score 4.0) represent rare cross-cultural, safety-focused work from German and American collaborators.
## What This Means
Three implications emerge from the authorship data:
**1. Volume and influence are not the same thing.** Huawei's 66 drafts represent 18% of the corpus, but 65% have never been revised. The IETF rewards sustained engagement -- drafts that iterate through feedback cycles, reach working group adoption, and mature toward RFC status. A campaign that optimizes for volume at a pre-meeting deadline is playing a different game than one that optimizes for adoption. The quality scores bear this out: Huawei's team averages around 3.1, respectable but not exceptional. The organizations doing the deepest work (Ericsson at 4.8 average revision, Siemens at 17.2) submit far fewer drafts but iterate relentlessly.
**2. The safety work comes from unexpected places.** The highest-quality safety and accountability drafts come not from the high-volume drafters but from smaller, specialized teams: Aylward (independent), Birkholz/Steele (Fraunhofer/Tradeverifyd), Rosenberg/White (Five9/Bitwave), and the JPMorgan-led multi-org team. The organizations doing the most drafting are focused on capability; the organizations doing the best safety work are doing the least drafting.
**3. The IETF needs more bridges.** Cross-team, cross-organization, cross-geography collaboration is the weakest link in the current landscape. Our centrality analysis shows that European telecoms -- not US Big Tech -- are the structural glue between Chinese and Western blocs. The standards that will endure are the ones where Chinese telecom expertise, European cryptographic rigor, and American agent-platform experience converge. Right now, those worlds barely overlap, and the few bridges that exist depend on a handful of individuals.
---
### Key Takeaways
- **Huawei dominates** with 53 authors on 66 drafts (18% of corpus); their 13-person core team co-authors 22 drafts at 94% cohesion -- but 65% of those drafts have never been revised, and 43 were submitted in a single 4-week pre-meeting window
- **Chinese institutions** collectively contribute 160+ of 557 authors; they form a tightly interconnected collaboration ecosystem
- **Google has 9 drafts but Microsoft and Apple are largely absent** from AI agent standardization -- a notable strategic gap
- **18 team blocs** detected; cross-team collaboration is sparse, with most cross-bloc pairs sharing only 1 draft
- **Only 23% of authors bridge the Chinese-Western divide**; European telecoms (Telefonica, InterDigital) are the structural glue -- not US Big Tech
- **The best safety work** comes from smaller, specialized teams -- not from the high-volume drafters
*Next in this series: [The OAuth Wars and Other Battles](03-oauth-wars.md) -- 14 competing proposals, 120 A2A protocols, and what fragmentation costs the internet.*
---
*Data from the IETF Draft Analyzer, covering 361 drafts, 557 authors, and 18 detected team blocs. Co-authorship analysis uses 70% pairwise draft overlap threshold with 3+ shared drafts.*

165
data/reports/blog-series/03-oauth-wars.md Normal file
View File

@@ -0,0 +1,165 @@
# The OAuth Wars and Other Battles
*14 competing proposals, 120 protocols with no interop layer, and 25+ near-duplicate drafts. Inside the IETF's AI agent fragmentation problem.*
---
Fourteen separate Internet-Drafts are trying to solve the same problem: how should AI agents authenticate and get authorized using OAuth? They are not collaborating. They are not compatible. And they are all submitted in the same nine-month window.
This is the fragmentation problem, and it is not limited to OAuth. Across the IETF's AI agent landscape, our analysis found the same pattern repeated in agent discovery, multi-agent communication, intent-based routing, and 6G agent requirements. Teams are working in parallel, not together, and the cost is measured in wasted effort, confused implementers, and the growing risk of incompatible deployments.
## The OAuth Cluster: 14 Ways to Solve One Problem
The most crowded corner of the AI agent standards landscape is OAuth for agents. Every proposal is trying to answer the same fundamental question: when an AI agent acts on behalf of a user -- or on its own -- how does it prove its identity and obtain permission?
The depth of this cluster is not surprising when you look at the ecosystem's foundations. Our cross-reference analysis of all 361 drafts found that **OAuth 2.0** (RFC 6749) is cited by **36 drafts**, **JWT** (RFC 7519) by **22**, **OAuth Bearer** (RFC 6750) by **9**, and **DPoP** (RFC 9449) by **9**. The OAuth stack is the single most-referenced functional standard in the entire corpus after TLS. The agent identity problem runs through the landscape like a root system.
Here are all 14 drafts:
| Draft | Approach | Score |
|-------|----------|------:|
| [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) | Comprehensive accountability protocol | 4.8 |
| [draft-goswami-agentic-jwt](https://datatracker.ietf.org/doc/draft-goswami-agentic-jwt/) | Agentic JWT for autonomous systems | 4.5 |
| [draft-chen-oauth-rar-agent-extensions](https://datatracker.ietf.org/doc/draft-chen-oauth-rar-agent-extensions/) | RAR extensions for agent policy | 4.2 |
| [draft-aap-oauth-profile](https://datatracker.ietf.org/doc/draft-aap-oauth-profile/) | OAuth 2.0 profile for autonomous agents | 4.2 |
| [draft-barney-caam](https://datatracker.ietf.org/doc/draft-barney-caam/) | Contextual agent authorization mesh | 4.0 |
| [draft-liu-agent-operation-authorization](https://datatracker.ietf.org/doc/draft-liu-agent-operation-authorization/) | Verifiable delegation via JWT | 4.1 |
| [draft-rosenberg-oauth-aauth](https://datatracker.ietf.org/doc/draft-rosenberg-oauth-aauth/) | OAuth for agents on PSTN/SMS | 3.6 |
| [draft-oauth-ai-agents-on-behalf-of-user](https://datatracker.ietf.org/doc/draft-oauth-ai-agents-on-behalf-of-user/) | On-behalf-of-user extension | 3.7 |
| [draft-jia-oauth-scope-aggregation](https://datatracker.ietf.org/doc/draft-jia-oauth-scope-aggregation/) | Scope aggregation for multi-step workflows | 3.5 |
| [draft-liu-oauth-a2a-profile](https://datatracker.ietf.org/doc/draft-liu-oauth-a2a-profile/) | A2A profile for transaction tokens | 3.6 |
| [draft-song-oauth-ai-agent-authorization](https://datatracker.ietf.org/doc/draft-song-oauth-ai-agent-authorization/) | Target-based authorization | 2.8 |
| [draft-song-oauth-ai-agent-collaborate-authz](https://datatracker.ietf.org/doc/draft-song-oauth-ai-agent-collaborate-authz/) | Multi-agent collaboration authz | 3.5 |
| [draft-chen-ai-agent-auth-new-requirements](https://datatracker.ietf.org/doc/draft-chen-ai-agent-auth-new-requirements/) | New auth requirements analysis | 3.8 |
| [draft-yao-agent-auth-considerations](https://datatracker.ietf.org/doc/draft-yao-agent-auth-considerations/) | Auth considerations analysis | 3.1 |
The quality range is enormous -- from 2.8 to 4.8 -- and the approaches barely overlap. Some extend OAuth 2.0 with new grant types. Others define entirely new token formats (Agentic JWT). Still others propose mesh architectures or accountability layers on top of existing auth flows. Two drafts (song-oauth-ai-agent-authorization and song-oauth-ai-agent-collaborate-authz) come from the same Huawei team and address different facets of the problem. Two more (chen-oauth-rar-agent-extensions and chen-ai-agent-auth-new-requirements) come from a China Mobile team.
The gap our analysis identified in this cluster: most focus on **single-agent authorization**. Few address chained delegation across multiple agents, and none standardize real-time revocation in agent-to-agent workflows. An agent that obtains a token and delegates a sub-task to another agent -- which then delegates further -- creates a chain of trust that no single draft adequately covers.
## The Agent Gateway Melee: 10 Drafts
If OAuth for agents is about identity, the agent gateway cluster is about communication architecture. Ten drafts are competing to define how agents from different platforms and ecosystems collaborate:
| Draft | Approach | Score |
|-------|----------|------:|
| [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) | Multi-agent collaboration protocol suite | 4.2 |
| [draft-agent-gw](https://datatracker.ietf.org/doc/draft-agent-gw/) | Semantic routing gateway | 3.9 |
| [draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/) | Cross-domain interop framework | 3.0 |
| [draft-han-rtgwg-agent-gateway-intercomm-framework](https://datatracker.ietf.org/doc/draft-han-rtgwg-agent-gateway-intercomm-framework/) | Gateway intercommunication | 3.6 |
| [draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/) | DMSC infrastructure architecture | 3.1 |
| [draft-liu-dmsc-acps-arc](https://datatracker.ietf.org/doc/draft-liu-dmsc-acps-arc/) | Agent collaboration protocols arch | 3.6 |
| [draft-yang-dmsc-ioa-task-protocol](https://datatracker.ietf.org/doc/draft-yang-dmsc-ioa-task-protocol/) | IoA task protocol | 3.0 |
| [draft-yang-ioa-protocol](https://datatracker.ietf.org/doc/draft-yang-ioa-protocol/) | IoA protocol | 3.6 |
| [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) | Network AIOps comm framework | 3.0 |
| [draft-campbell-agentic-http](https://datatracker.ietf.org/doc/draft-campbell-agentic-http/) | HTTP best practices | -- |
A revealing pattern: five of these ten drafts reference "DMSC" -- Dynamic Multi-agent Secured Collaboration -- a concept pushed primarily by Chinese institutions through the IETF's DMSC side meeting. This cluster represents an organized attempt to define the agent collaboration architecture, but even within that effort, multiple competing proposals have emerged.
The gap: no draft in this cluster addresses **dynamic trust establishment between gateways**, or how to handle conflicting semantic schemas across ecosystems. If Agent Gateway A speaks MCP and Agent Gateway B speaks A2A Protocol, these drafts describe the need for translation but do not provide it.
## The Near-Duplicate Epidemic
Our embedding-based similarity analysis produced a more troubling finding: **25+ draft pairs** have cosine similarity above 0.98. Many are functionally identical proposals submitted under different names:
| Draft A | Draft B | Reason |
|---------|---------|--------|
| draft-a2a-moqt-transport | draft-nandakumar-a2a-moqt-transport | Same content, different name |
| draft-abbey-scim-agent-extension | draft-scim-agent-extension | Same draft, dual submission |
| draft-rosenberg-aiproto | draft-rosenberg-aiproto-nact | Renamed |
| draft-rosenberg-aiproto-cheq | draft-rosenberg-cheq | Renamed |
| draft-cui-nmrg-llm-nm | draft-irtf-nmrg-llm-nm | WG adoption (individual to IRTF) |
| draft-ar-emu-hybrid-pqc-eapaka | draft-ietf-emu-hybrid-pqc-eapaka | WG adoption |
| draft-zheng-agent-identity-management | draft-zheng-dispatch-agent-identity-management | Same draft, different WG |
| draft-sun-zhang-iaip | draft-sz-dmsc-iaip | Same draft, different WG |
| draft-zeng-mcp-troubleshooting | draft-zm-rtgwg-mcp-troubleshooting | Same draft, different WG |
Some of these duplications are legitimate IETF process: a draft moves from individual submission to working group adoption (like draft-cui-nmrg-llm-nm becoming draft-irtf-nmrg-llm-nm). Others reflect authors shopping the same draft to multiple working groups. And a few appear to be genuine content duplication -- the same ideas submitted under different author combinations.
The practical effect: the 361-draft corpus includes substantial double-counting. After de-duplication, the true number of distinct proposals is probably closer to 300. But even 300 competing proposals in nine months is extraordinary.
## The A2A Protocol Zoo
Zooming out from individual clusters, the broadest fragmentation is in the **120 A2A protocol drafts**. These span everything from low-level transport (A2A over MOQT/QUIC) to high-level semantic routing (intent-based agent interconnection) to specific use cases (MCP for network troubleshooting).
The most common technical idea in the entire corpus -- "Multi-Agent Communication Protocol" -- appears in **8 separate drafts** from different teams. Eight teams are independently designing how agents should talk to each other.
| Competing Area | Drafts | Distinguishing Fact |
|---------------|-------:|-------------------|
| OAuth for agents | 14 | No draft handles chained delegation |
| Agent gateway/collaboration | 10 | 5 are DMSC-linked; no trust framework |
| Agent discovery | 6 | Range from DNS-based to full directories |
| Intent-based routing | 5 | Requirements-heavy, protocol-light |
| 6G agent requirements | 6 | Wish lists, not specifications |
| SCIM/identity registry | 6 | 3 are near-duplicates |
The discovery cluster is particularly illustrative. Six drafts propose different ways to find AI agents: [draft-narajala-ans](https://datatracker.ietf.org/doc/draft-narajala-ans/) (score 4.2) proposes a DNS-based Agent Name Service. [draft-mozleywilliams-dnsop-bandaid](https://datatracker.ietf.org/doc/draft-mozleywilliams-dnsop-bandaid/) (3.6) also uses DNS but via SVCB records. [draft-pioli-agent-discovery](https://datatracker.ietf.org/doc/draft-pioli-agent-discovery/) (3.2) defines a lightweight registration and discovery protocol. [draft-gaikwad-woa](https://datatracker.ietf.org/doc/draft-gaikwad-woa/) (3.2) proposes a Web of Agents format using JSON Schema. None of them reference each other.
## The Deeper Fragmentation: Different Technological DNA
The protocol-level fragmentation documented above is only the visible layer. Beneath it, our RFC cross-reference analysis reveals a more fundamental divide: the two major drafting blocs are building on **entirely different technology stacks**.
| Foundation | Chinese Bloc | Western Bloc |
|-----------|-------------|-------------|
| **Network management (YANG/NETCONF)** | Strong (RFC 6241, 8639, 8641, 7950) | Absent |
| **IoT security (COSE/CBOR/OSCORE/CoAP)** | Absent | Strong (RFC 9052, 8949, 8613, 7252) |
| **PKI/Certificates (X.509)** | Absent | Strong (RFC 5280) |
| **Lightweight auth (EDHOC, CWT)** | Absent | Strong (RFC 9528, 8392) |
| **Web APIs (HTTP Semantics)** | Weak | Strong (RFC 9110) |
| **TLS 1.3** | Moderate (8 citations) | Strong (18 citations) |
| **OAuth 2.0** | Present (11 citations) | Present (7 citations) |
The Chinese bloc -- Huawei, China Mobile, China Telecom, China Unicom, and associated research institutions -- builds agent infrastructure on **YANG/NETCONF**, the network management protocols that underpin autonomous network operations. The Western bloc -- Ericsson, Cisco, ATHENA, and European research labs -- builds on **COSE/CBOR/CoAP** (IoT security) and **HTTP/TLS/PKI** (web infrastructure).
The **only shared foundation** is OAuth 2.0, which both blocs cite at comparable rates. This is why the OAuth cluster has 14 competing proposals: it is the one piece of common ground, and everyone is fighting over it.
This means fragmentation goes deeper than protocol design. Even if the community agreed on a single agent communication pattern, the underlying plumbing is incompatible. A Chinese draft building on NETCONF and a Western draft building on CoAP cannot interoperate without a translation layer -- and that translation layer, as we document in the gap analysis, does not exist.
## What Fragmentation Costs
The costs of this fragmentation are not theoretical:
**For implementers**: Which OAuth extension do you implement? Do you support SCIM agent schemas or Web of Agents? If your agent needs to discover another agent, do you look in DNS, a well-known URI, or a dedicated directory? Today there is no canonical answer, and choosing wrong means re-implementation when the IETF eventually converges.
**For the IETF process**: Working groups spend time evaluating competing proposals that could be spent converging on solutions. The OAuth working group alone faces 14 agent-related drafts. The volume creates overhead that slows progress on any single proposal.
**For security**: When multiple incompatible authentication and authorization schemes exist, implementations inevitably take shortcuts. The most dangerous agents will be those that implement the easiest -- not the most secure -- available standard.
**For the ecosystem**: Each month that fragmentation persists, real-world agent deployments make choices. Those choices entrench specific approaches, making convergence harder and interoperability more expensive. The window for a unified standard narrows with every proprietary deployment.
## The Convergence Signals
Not everything is divergence. A few positive patterns emerged from the data:
**EDHOC is converging.** The lightweight authenticated key exchange protocol has multiple working-group-adopted drafts ([draft-ietf-lake-edhoc-psk](https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc-psk/), [draft-ietf-lake-authz](https://datatracker.ietf.org/doc/draft-ietf-lake-authz/), [draft-ietf-emu-eap-edhoc](https://datatracker.ietf.org/doc/draft-ietf-emu-eap-edhoc/)) with coordinated authorship. This is what healthy standards development looks like: multiple drafts from different teams that explicitly build on each other.
**SCIM agent extensions show maturity.** The Okta team's [draft-abbey-scim-agent-extension](https://datatracker.ietf.org/doc/draft-abbey-scim-agent-extension/) (score 3.8) and [draft-wahl-scim-agent-schema](https://datatracker.ietf.org/doc/draft-wahl-scim-agent-schema/) (score 3.9) represent a practical approach: extend an existing, widely-deployed protocol (SCIM) rather than invent a new one. This pragmatism is a convergence signal.
**The verifiable conversations approach is gaining traction.** [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/) (score 4.5) and the WIMSE/ECT work on execution context tokens represent a "record everything, verify later" approach to agent accountability that multiple communities can support.
## What Needs to Happen
Three structural interventions would accelerate convergence:
**1. Working groups need to pick winners.** The IETF process allows competing proposals, but at some point working groups must adopt specific approaches and redirect competing efforts. In the OAuth agent space, the highest-quality proposals (DAAP, Agentic JWT, RAR extensions) should be evaluated head-to-head, not allowed to proliferate indefinitely.
**2. Interoperability testing, not just drafting.** The 120 A2A protocol proposals exist mostly as text. Interop testing -- where implementations from different teams prove they can work together -- would quickly reveal which proposals have real engineering substance and which are paper exercises.
**3. The translation layer must be built.** Rather than picking one A2A protocol, the community may be better served by a thin interoperability layer that lets agents using different protocols communicate through gateways. Our gap analysis found this cross-protocol translation gap entirely unaddressed -- zero technical ideas in the current corpus.
---
### Key Takeaways
- **14 competing OAuth-for-agents proposals** illustrate the depth of fragmentation; none handle chained delegation across agent networks
- **120 A2A protocol drafts** exist without an interoperability layer; the most common idea in the corpus appears in 8 separate drafts from different teams
- **25+ near-duplicate pairs** (>0.98 similarity) inflate the draft count; after de-duplication, roughly 300 distinct proposals remain
- **Convergence signals exist** in EDHOC authentication, SCIM agent extensions, and verifiable conversations -- areas where teams explicitly build on each other
- **Fragmentation goes deeper than protocols**: Chinese and Western blocs build on different RFC foundations (YANG/NETCONF vs COSE/CBOR/CoAP); the only shared bedrock is OAuth 2.0
- **The missing piece** is a cross-protocol translation layer; no draft in the corpus addresses how agents using different protocols can interoperate
*Next in this series: [What Nobody's Building (And Why It Matters)](04-what-nobody-builds.md) -- The 12 gaps in the IETF's AI agent landscape, and the real-world consequences of leaving them unfilled.*
---
*Data from the IETF Draft Analyzer's embedding-based overlap analysis (nomic-embed-text) and cluster detection at 0.85/0.90 similarity thresholds.*

154
data/reports/blog-series/04-what-nobody-builds.md Normal file
View File

@@ -0,0 +1,154 @@
# What Nobody's Building (And Why It Matters)
*The 12 gaps in the IETF's AI agent landscape -- and the real-world disasters they invite.*
---
Imagine an AI agent managing a hospital's drug-dispensing system. It receives instructions from a prescribing agent, coordinates with a pharmacy agent, and issues delivery commands to a robotic dispensing agent. On Tuesday morning, the prescribing agent hallucinates a dosage. The pharmacy agent fills it. The dispensing agent delivers it. No human saw it happen. No system flagged it. No protocol exists to roll back the dispensed medication.
This is not a hypothetical failure mode. It is the predictable consequence of the IETF's three most critical standardization gaps.
We analyzed **361 Internet-Drafts**, extracted their technical components, and compared the result against what real-world agent deployments actually require. We found **12 gaps** -- areas where standardization work is missing or inadequate. Three of them are critical. And the critical ones all share a defining characteristic: they address what happens when autonomous agents fail or misbehave.
Nobody is building the safety net.
## The 12 Gaps
Our gap analysis sorted findings by severity based on the breadth of the shortfall and the consequences of leaving it unfilled:
| # | Gap | Severity | Ideas Addressing It |
|---|-----|----------|--------------------:|
| 1 | Agent Behavior Verification | CRITICAL | 52 |
| 2 | Agent Resource Management | CRITICAL | 117 |
| 3 | Agent Error Recovery and Rollback | CRITICAL | 6 |
| 4 | Cross-Protocol Translation | HIGH | 0 |
| 5 | Agent Lifecycle Management | HIGH | 90 |
| 6 | Multi-Agent Consensus | HIGH | 5 |
| 7 | Human Override and Intervention | HIGH | 4 |
| 8 | Cross-Domain Security Boundaries | HIGH | 10 |
| 9 | Dynamic Trust and Reputation | HIGH | 5 |
| 10 | Agent Performance Monitoring | MEDIUM | 26 |
| 11 | Agent Explainability | MEDIUM | 5 |
| 12 | Agent Data Provenance | MEDIUM | 79 |
Two numbers in that table should alarm you: the **6 ideas** addressing error recovery (all from a single draft), and the **0 ideas** addressing cross-protocol translation. Across 361 drafts, these gaps are not underserved. They are unserved.
## Critical Gap 1: Agent Behavior Verification
**The problem**: No mechanism exists to verify that a deployed AI agent actually behaves according to its declared policies or specifications.
**The numbers**: Only **44 of 361 drafts** address AI safety and alignment. The 4:1 ratio of capability to safety work means the community is building agents four times faster than it is building the tools to keep them honest.
**What 52 ideas partially address**: Some exist on the periphery. [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (score 4.8 -- the highest-rated draft in the corpus) defines a behavioral monitoring framework and cryptographic identity verification. [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/) (score 4.5) proposes verifiable conversation records using COSE signing. [draft-berlinai-vera](https://datatracker.ietf.org/doc/draft-berlinai-vera/) (score 3.9) introduces a zero-trust architecture with five enforcement pillars.
**What is still missing**: Runtime verification. These drafts define what agents *should* do and how to *record* what they did. None provides a real-time mechanism to detect that an agent is deviating from its declared behavior *while it is operating*. The gap is between policy declaration and policy enforcement -- the difference between a speed limit sign and a speed camera.
**The scenario**: A financial trading agent is authorized to execute trades within specified parameters. It begins operating within bounds but, after a model update, starts exceeding risk limits. Without runtime behavior verification, the deviation is only discovered in post-hoc audit -- potentially days later, after significant damage.
## Critical Gap 2: Agent Resource Management
**The problem**: No framework exists for managing computational resources, memory, and processing power across distributed AI agents.
**The numbers**: **93 drafts** focus on autonomous network operations, and **117 ideas** touch on resource-adjacent topics. But those ideas address how agents communicate about tasks -- not how they compete for and share limited resources.
**What is missing**: Scheduling, quotas, fair allocation, and priority mechanisms for multi-agent environments. When ten agents compete for the same GPU cluster, which gets priority? When an agent's computation exceeds its allocation, what happens? When a high-priority emergency response agent needs resources currently held by a routine monitoring agent, how does preemption work?
**The scenario**: A telecom operator deploys 50 AI agents for network monitoring, troubleshooting, and optimization. During a major outage, all 50 agents simultaneously request inference resources to diagnose the problem. With no resource management framework, agents compete chaotically. The most aggressive agents get resources; the most important diagnostic tasks may not. The outage extends because the agents that could fix it are starved by the agents that are observing it.
## Critical Gap 3: Agent Error Recovery and Rollback
**The problem**: No standards exist for how agents handle errors, cascading failures, or the rollback of autonomous decisions.
**The numbers**: This is the starkest gap in the corpus. Only **6 extracted ideas** address it, and all come from a single draft: [draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/) (score 4.1). One team, out of 557 authors, is working on this.
**The 6 ideas from that draft**:
- Task-Oriented Multi-Agent Recovery Framework
- Inter-Agent Communication Protocol Requirements
- State Consistency Management
- Error and Success Reporting Framework (from a separate draft)
- Generic Agent Response Framework
- Mandatory restrictive failure behavior
That is the entire body of work the IETF has produced on agent error recovery. For context, "Multi-Agent Communication Protocol" -- defining how agents *talk* -- appears in 8 drafts. The community has invested 8 times more effort in the plumbing than in the fire escape.
**What is missing**: Circuit breakers for cascading failures. Checkpoint and rollback protocols. Blast radius containment. Graceful degradation. All concepts well-established in distributed systems engineering, but absent from the agent standards landscape.
**The scenario**: A multi-agent supply chain system manages inventory, shipping, and payments. The inventory agent processes a large batch incorrectly, leading the shipping agent to dispatch wrong items, which causes the payment agent to process refunds to wrong accounts. The cascade happens in minutes. Without rollback mechanisms, untangling the mess requires manual human intervention across three systems -- and the agents continue making decisions based on corrupted state while humans try to intervene.
## The High-Priority Gaps
Six additional gaps scored HIGH severity. Each represents a missing piece that working deployments will hit:
### Cross-Protocol Translation (0 ideas)
With **120 competing A2A protocols** and no translation layer, agents speaking different protocols simply cannot interoperate. This gap is entirely unaddressed -- zero technical ideas in the corpus. It is the only gap with literally no coverage.
The parallel is the early web: HTTP won not because it was the best protocol but because it was the one protocol everyone could speak. The agent ecosystem has no HTTP equivalent. If the IETF does not build a translation layer, the market will -- and the result will be vendor-locked ecosystems rather than open interoperability.
### Human Override and Intervention (4 ideas)
Only **30 human-agent interaction drafts** exist versus **93 autonomous operations** and **120 A2A protocol** drafts. Agents are being designed to talk to each other at a 4:1 ratio over being designed to talk to humans. Emergency override protocols -- the "big red button" -- are almost entirely absent.
[draft-rosenberg-aiproto-cheq](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-cheq/) (score 3.9) is a rare exception: it defines a protocol for human confirmation of agent decisions before execution. But CHEQ is opt-in and pre-execution. No draft defines what happens when a human needs to stop a running agent, constrain its behavior, or take over its task mid-execution.
### Multi-Agent Consensus (5 ideas)
When a group of agents disagree -- the diagnosis agent says the router is down, the monitoring agent says it is up, the optimization agent is rerouting traffic around it -- who arbitrates? No framework exists for agents to resolve conflicting assessments without human intervention.
### Dynamic Trust and Reputation (5 ideas)
Static certificates authenticate identity but cannot express "this agent has been reliable for 6 months" or "this agent's accuracy degraded last week." Long-running agent ecosystems need trust that is earned, tracked, and revocable. The current landscape relies entirely on binary trust: either an agent has a valid certificate or it does not.
### Cross-Domain Security Boundaries (10 ideas)
An agent authenticated in Company A's domain needs to perform a task in Company B's domain. Identity management exists -- the 108 identity/auth drafts cover this. What does not exist is trust *isolation*: preventing an agent authenticated for a narrow task from escalating privileges across domain boundaries.
### Agent Lifecycle Management (90 ideas)
Registration is covered. What happens after registration is not: versioning when an agent is updated, graceful retirement when an agent is decommissioned, migration when an agent moves between hosts, and dependency management when other agents rely on it.
## The Structural Problem
Here is the finding the Architect on our team surfaced that reframes the entire gap analysis:
**The severity of each gap correlates with the coordination difficulty required to fill it.**
The critical gaps (behavior verification, resource management, error recovery) require agreement across *multiple* IETF working groups. They cut across safety, networking, identity, and operations -- areas currently owned by separate teams that rarely collaborate. The high gaps (cross-protocol translation, human override, consensus) require even broader agreement: they need architects who see the whole ecosystem, not just their protocol.
Now look back at the team bloc analysis from Post 2. The 18 team blocs are *islands*. Cross-team collaboration is sparse. The strongest cross-bloc connection involves 3 shared drafts. The gaps that require the most cross-team work are being produced by an ecosystem that does the least cross-team work.
This is the structural explanation for the safety deficit. It is not that people do not care about safety. It is that safety standards require coordination across boundaries that the current authorship structure cannot bridge. Capability standards can be built within a single team. Safety standards cannot.
Our category co-occurrence analysis provides the concrete proof. Safety drafts are not entirely isolated -- they co-occur with 8 of 10 categories, coupling most strongly with policy and governance (**60% of safety drafts**, lift 2.3x) and identity/auth (**58%**, lift 1.7x). But the pattern is revealing: safety pairs with *governance* categories, not *implementation* categories. Of the 136 drafts tagged as A2A protocols, only **12 (8.8%) also address safety**. Safety has **zero co-occurrence** with agent discovery/registration and **zero co-occurrence** with model serving/inference. Its weakest links are to the categories where agents actually *do* things: A2A protocols (12), ML traffic management (3), and autonomous network operations (4). Safety is being discussed in governance papers. It is completely absent from discovery infrastructure and inference pipelines. It is barely present in the protocols that need it most. The traffic lights are not just behind the highways -- they are on a different road entirely.
## The 4:1 Ratio, Revisited
The safety deficit is not just a number. It is a structural property of how the IETF's AI agent community is organized.
| Category | Drafts | Team Blocs Active |
|----------|-------:|------------------:|
| A2A protocols | 120 | Many (distributed across blocs) |
| Autonomous operations | 93 | Primarily Huawei, Chinese telecom |
| Agent identity/auth | 108 | Ericsson, Nokia, ATHENA, multiple |
| **AI safety/alignment** | **44** | **Few; mostly independents/startups** |
| **Human-agent interaction** | **30** | **Rosenberg/White (2-person team)** |
The capability categories have organized teams behind them. The safety categories rely on individual contributors and small, unconnected teams. The best safety draft in the corpus (DAAP, score 4.8) comes from an independent author (Aylward). The best human-agent drafts come from a two-person Five9/Bitwave team. There is no 13-person safety bloc with 94% cohesion.
Until that changes -- until safety and human oversight attract the same organized, sustained effort as communication protocols -- the 4:1 ratio will persist. And the gaps will remain open.
---
### Key Takeaways
- **12 gaps** exist in the IETF's AI agent landscape: 3 critical, 6 high, 3 medium
- **The 3 critical gaps** all address failure modes: behavior verification, resource management, error recovery and rollback
- **Error recovery has only 6 ideas** from a single draft; **cross-protocol translation has zero** -- the starkest absences across 361 drafts
- **Gap severity correlates with coordination difficulty**: the hardest gaps require cross-team, cross-WG collaboration that the current island structure cannot produce
- **The safety deficit is structural, not attitudinal**: capability standards can be built by one team; safety standards require ecosystem-wide coordination that does not yet exist
*Next in this series: [Where 361 Drafts Converge (And Where They Don't)](05-1262-ideas.md) -- 96% of ideas appear in exactly one draft. The fragmentation goes all the way down.*
---
*Gap analysis based on 361 drafts, cross-referenced against real-world deployment requirements for autonomous AI agent systems. Data current as of March 2026.*

169
data/reports/blog-series/05-1262-ideas.md Normal file
View File

@@ -0,0 +1,169 @@
# Where 361 Drafts Converge (And Where They Don't)
*The fragmentation goes deeper than competing protocols. It extends all the way down to the idea level.*
---
We extracted roughly 1,700 technical components from 361 Internet-Drafts -- mechanisms, architectures, protocols, and patterns. Then we asked: how many of these ideas does anyone else also propose?
The answer is devastating: **96% appear in exactly one draft.** Of 1,692 unique technical ideas in the corpus, only **75** show up in two or more drafts. Only **11** appear in three or more. The fragmentation documented in the previous posts -- 14 competing OAuth proposals, 120 A2A protocols with no interop layer -- is not just a protocol-level problem. It extends all the way down. At the idea level, the landscape is overwhelmingly a collection of islands.
But islands are not the whole story. Using fuzzy matching across organizational boundaries, we found **628 ideas** where different organizations are working on recognizably similar problems -- even when they use different names and different approaches. These cross-org convergence signals are the embryonic consensus of the agent standards landscape: the problems that different teams, in different countries, with different agendas, independently recognize and attempt to solve.
These convergence signals are more impressive than they first appear. Recall from Post 2 that **55% of all drafts have never been revised** beyond their first submission, and **65% of Huawei's drafts** are fire-and-forget. The ideas that converge across organizations are not the generic scaffolding of first-draft submissions -- they represent genuine engineering investment from teams that independently identified the same problem and committed resources to solving it.
The picture that emerges is paradoxical: the raw material for a complete agent ecosystem exists. The convergent ideas point toward the architecture the ecosystem needs. But they exist in isolation -- proposed by separate teams, embedded in separate drafts, with no connective tissue linking them into a coherent blueprint.
## The Taxonomy
Every extracted idea was classified by type. The distribution reveals what kind of thinking dominates the landscape:
| Type | Count | Share | What It Means |
|------|------:|------:|---------------|
| Mechanism | 663 | 37% | Concrete technical solutions: auth flows, routing algorithms, token formats |
| Architecture | 280 | 16% | System designs and reference models |
| Pattern | 251 | 14% | Reusable design approaches |
| Protocol | 228 | 13% | Full protocol specifications |
| Requirement | 171 | 10% | Formal requirement documents |
| Extension | 168 | 9% | Additions to existing standards (OAuth, SCIM, DNS) |
| Other | 19 | 1% | Frameworks, profiles, algorithms, schemas |
The dominance of **mechanisms** (663 of 1,780 extracted components) tells us the community is in building mode. These are not abstract position papers -- they are concrete, implementable solutions. The 228 protocols and 168 extensions to existing standards show that much of the work builds on established foundations (OAuth 2.0, SCIM, DNS, EDHOC) rather than starting from scratch.
The 280 architectures and 171 requirements suggest healthy standards development: teams are defining reference models before writing code. But the 251 patterns -- reusable approaches without full protocol specification -- indicate that many teams have identified what needs to be done without committing to how.
## Where Teams Converge
By exact title, only 75 ideas appear in multiple drafts. But ideas with different names often describe the same concept -- "Agent Gateway" in one draft and "Inter-Agent Communication Hub" in another. Our fuzzy-matching overlap analysis (using SequenceMatcher at 0.75 threshold) across organizational boundaries found **628 ideas** where 2+ distinct organizations are working on recognizably similar problems -- **43% of all unique idea clusters** have cross-org validation. These are the genuine consensus signals.
| Idea | Orgs | Drafts | Key Organizations |
|------|-----:|-------:|-------------------|
| A2A Communication Paradigm | 8 | 5 | CAICT, Deutsche Telekom, Huawei, Orange, Telefonica |
| AI Agent Network Architecture | 8 | 5 | China Mobile, Deutsche Telekom, Huawei, Orange, UnionPay |
| Multi-Agent Communication Protocol | 7 | 8 | AsiaInfo, BUPT, China Mobile, China Telecom, Huawei |
| AI Agent Communication Network (ACN) | 7 | 5 | ANP Open Source, China Mobile, Cisco, Five9, Huawei |
| NLIP (Natural Language Interchange) | 7 | 1 | Fordham, IBM, Purdue, ServiceNow, eBay |
| ELA Protocol | 6 | 6 | Bitwave, Cisco, Ericsson, Five9, Inria |
| AI Gateway | 6 | 4 | AsiaInfo, BUPT, China Telecom, Huawei, UnionPay |
| Agent Communication across WAN | 6 | 3 | China Mobile, China Unicom, Deutsche Telekom, Huawei, Orange |
The most-converged idea -- "A2A Communication Paradigm" -- draws independent contributions from **8 organizations across 5 countries**. This is simultaneously the strongest convergence signal and the strongest fragmentation signal. Eight organizations agree this is important. They are building separate, incompatible versions.
Look at who bridges the divide. In three of the top eight convergent ideas, the same names appear alongside Chinese institutions: **Deutsche Telekom, Telefonica, and Orange**. These European telecoms show up in "A2A Communication Paradigm," "AI Agent Network Architecture," and "Agent Communication across WAN" -- each time co-listed with Huawei, China Mobile, or China Unicom. Of the **180 ideas that cross the Chinese-Western organizational divide**, European telecoms are present on a disproportionate share. The organizations most likely to prevent the agent ecosystem from splitting into incompatible regional stacks are not Google or Microsoft -- they are European carriers operating in both markets. US Big Tech is almost entirely absent from cross-divide convergence.
The organization-pair overlaps reveal where real collaboration happens -- and where it does not:
| Org Pair | Shared Ideas | Signal |
|----------|-------------:|--------|
| China Unicom -- Huawei | 32 | Deep intra-bloc alignment |
| China Mobile -- Huawei | 27 | Deep intra-bloc alignment |
| Ericsson -- Inria | 21 | European cross-org collaboration |
| Tsinghua -- Zhongguancun Lab | 20 | Chinese academic convergence |
| Fraunhofer SIT -- Tradeverifyd | 10 | Verifiable records niche |
The pattern is stark: the highest-overlap pairs are Chinese institutions working within established blocs. Formal co-authorship between Chinese and Western organizations is thin -- but idea-level convergence, mediated by European telecoms operating in both markets, is broader than the co-authorship data suggests.
The convergence signals cluster in three areas:
**1. Agent communication infrastructure.** How agents discover, connect to, and message each other. This is the most active area with the most redundant proposals. The underlying need is clear; the implementation is contested.
**2. Authentication and authorization.** Action-based authorization, agent registration, cryptographic identity verification. OAuth extensions dominate, but the approaches diverge significantly between pure OAuth extension (add claims/scopes) and novel frameworks (DAAP accountability protocol, STAMP delegation proofs).
**3. Network architecture.** Agent gateways, agent communication networks, network management architectures. This is where the Chinese institutional ecosystem has the strongest presence, with Huawei and affiliated organizations producing most of the architecture ideas.
## Where Teams Innovate
The 96% of ideas appearing in only one draft are a mix: mostly generic components describing what each draft does ("Agent Gateway," "Transport Configuration System"), but scattered among them are genuinely novel proposals that no other team has attempted -- either because they are too new, too specialized, or ahead of their time.
Some standouts from the unique ideas:
**Verifiable Agent Behavior Attestation** (draft-birkholz-verifiable-agent-conversations) -- A CDDL-based format for cryptographically signing agent conversation records, enabling post-hoc verification of agent behavior. This directly addresses the critical behavior verification gap.
**ADOL: Agentic Data Optimization Layer** ([draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/), score 4.5) -- Addresses token bloat in agent communication protocols. As agents exchange increasingly complex context, message sizes explode. ADOL compresses agent communications by 60-80%, a practical necessity that nobody else is working on.
**Working Memory** (draft-agent-gw) -- A structured context management system that maintains state across multi-step agent operations. Sounds basic -- but no other draft proposes a standard for how agents should manage persistent operational context.
**Autonomous Optical Network Operation** (draft-zhao-ccamp-actn-optical-network-agent) -- Applies agent architecture to the specific domain of optical network management. This is the kind of vertical specialization that validates the horizontal agent architecture work.
**Execution Context Token (ECT)** ([draft-nennemann-wimse-ect](https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect/), score 4.0) -- A JWT extension that records what each task did, linked to predecessors via a DAG. This is arguably the single most architecturally significant idea in the corpus: it turns the execution history of a multi-agent workflow into a cryptographically verifiable directed acyclic graph. It is the technical foundation for accountability, rollback, audit, and provenance.
**CHEQ Protocol** ([draft-rosenberg-aiproto-cheq](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-cheq/), score 3.9) -- Human confirmation of agent decisions before execution. The only concrete protocol proposal for human-in-the-loop agent oversight. In a landscape of 30 human-agent interaction drafts, CHEQ stands alone as an implementable solution.
## The Five Ideas That Matter Most
If you are building agent systems today and need to know which IETF proposals to watch, these five represent the highest combination of quality, novelty, and gap-filling potential:
| Idea | Draft | Score | Why It Matters |
|------|-------|------:|---------------|
| Execution Context Token | draft-nennemann-wimse-ect | 4.0 | DAG-based execution evidence; foundation for audit, rollback, and accountability |
| DAAP Accountability Protocol | draft-aylward-daap-v2 | 4.8 | Most comprehensive safety proposal; authentication + monitoring + enforcement |
| STAMP Delegation Proofs | draft-guy-bary-stamp-protocol | 4.6 | Cryptographic proof that an agent was authorized for a specific task |
| Agent Description Language (ADL) | draft-nederveld-adl | 4.1 | JSON standard for describing agent capabilities, tools, and permissions |
| Verifiable Conversations | draft-birkholz-verifiable-agent-conversations | 4.5 | Cryptographic signing of conversation records for auditability |
Together, these five ideas sketch the outline of the ecosystem architecture that Post 6 will describe in full: ECT provides the execution backbone, DAAP provides the accountability layer, STAMP proves delegation, ADL describes capabilities, and verifiable conversations create the audit trail.
## Mapping Ideas to Gaps
The most revealing analysis is mapping which ideas partially address which gaps:
| Gap | Severity | Ideas | Coverage |
|-----|----------|------:|----------|
| Resource Management | CRITICAL | 117 | Peripheral: ideas touch on task management but not resource contention |
| Behavior Verification | CRITICAL | 52 | Partial: attestation and monitoring ideas exist but no runtime enforcement |
| Error Recovery/Rollback | CRITICAL | 6 | Near-zero: 6 ideas from one draft (draft-yue-anima-agent-recovery-networks) |
| Cross-Protocol Translation | HIGH | 0 | Complete absence: zero ideas in the entire corpus |
| Lifecycle Management | HIGH | 90 | Partial: registration covered, retirement/versioning not |
| Human Override | HIGH | 4 | Near-zero: CHEQ exists but no emergency override protocol |
| Multi-Agent Consensus | HIGH | 5 | Minimal: no conflict resolution framework |
| Cross-Domain Security | HIGH | 10 | Partial: identity covered, isolation not |
| Dynamic Trust | HIGH | 5 | Minimal: trust scoring exists conceptually but not as protocol |
| Performance Monitoring | MEDIUM | 26 | Moderate: benchmarking ideas exist (draft-cui-nmrg-llm-benchmark) |
| Explainability | MEDIUM | 5 | Minimal: no decision-explanation protocol |
| Data Provenance | MEDIUM | 79 | Partial: data format ideas exist but no provenance chain standard |
The pattern is clear: the gaps with the highest idea counts (resource management at 117, lifecycle at 90, provenance at 79) are gaps where the *periphery* of existing work touches the problem. Teams building communication protocols think about resources; teams building discovery think about lifecycle. But nobody makes these the *central* problem.
The gaps with near-zero idea counts (error recovery at 6, human override at 4, consensus at 5, cross-protocol translation at 0) are the ones where no team is even circling the problem. These are true blind spots.
## The Ideas Nobody Had
Sometimes the absence is the finding. Here are technical ideas conspicuous in their absence from the entire corpus:
- **Agent capability degradation signaling**: No protocol for an agent to advertise that its performance has degraded (model drift, resource constraints, partial failure). Other agents continue relying on it at full trust.
- **Multi-agent transaction semantics**: No ACID-like guarantees for multi-agent workflows. If three agents must all succeed or all roll back, there is no two-phase commit equivalent.
- **Agent migration protocol**: No standard for moving a running agent from one host to another while preserving state and active connections. Critical for cloud deployments.
- **Privacy-preserving agent discovery**: No mechanism for an agent to find capabilities without revealing its intent. "I need a medical diagnosis agent" reveals sensitive information before any trust is established.
- **Agent cost and billing**: No standard for agents to negotiate compensation for services. Agents performing work for other agents have no way to express "this costs X" or "you have Y credits remaining."
Each of these absences represents an opportunity for new drafts that would fill genuine needs.
## What the Taxonomy Tells Builders
Three practical takeaways for anyone implementing agent systems:
**1. Build on the convergent ideas.** Agent registration, action-based authorization, and capability-based discovery appear across multiple teams and organizations. These represent genuine consensus about what the infrastructure needs, even if implementations diverge.
**2. Watch the single-source innovations.** The long tail of single-draft ideas contains the innovations that will differentiate the next generation of agent platforms. ECT, CHEQ, ADOL, and ADL are not widely known but represent some of the most thoughtful engineering in the corpus.
**3. Fill the blank spaces.** Error recovery, cross-protocol translation, and human override are the clearest opportunities for new contributions. The community has signaled these gaps matter (through the severity of the gap analysis) but has not yet produced the ideas to fill them.
---
### Key Takeaways
- **96% of ideas appear in exactly one draft** -- fragmentation extends all the way down to the idea level; only 75 of 1,692 unique ideas show cross-draft convergence
- **628 cross-org convergent ideas** (43% of unique clusters, via fuzzy matching) reveal where organizations independently agree; highest-overlap pairs are Chinese institutions (China Unicom-Huawei: 32 shared ideas)
- **The critical gaps remain unfilled**: error recovery has 6 ideas from one draft; cross-protocol translation has zero
- **Five ideas to watch**: ECT (execution DAG), DAAP (accountability), STAMP (delegation proof), ADL (agent description), verifiable conversations (audit trail)
- **Convergence clusters in three areas**: agent communication infrastructure, authentication/authorization, and network architecture
*Next in this series: [Drawing the Big Picture](06-big-picture.md) -- 628 cross-org convergent ideas, 12 gaps, and the architectural vision that connects them.*
---
*Idea extraction performed by Claude from full-text analysis of each draft. Classification into types (mechanism, architecture, protocol, pattern, extension, requirement) based on the technical content of each proposal. Data current as of March 2026.*

174
data/reports/blog-series/06-big-picture.md Normal file
View File

@@ -0,0 +1,174 @@
# Drawing the Big Picture: What the Agent Ecosystem Actually Needs
*361 drafts, 628 cross-org convergent ideas, 12 gaps -- and the architectural vision that connects them all.*
---
We have spent five posts documenting a paradox: the IETF's AI agent landscape has extraordinary breadth (361 drafts), deep fragmentation at every level (96% of ideas appear in only one draft, 120 competing A2A protocols, 14 OAuth proposals), concentrated authorship (18 team blocs, one company writing 18% of all drafts), and critical gaps (behavior verification, error recovery, human override) that nobody is filling.
The landscape has quantity. It lacks architecture.
This post is about what the architecture looks like -- not in theory, but derived from the data. The 12 gaps are not random absences; they are structurally related. The convergent ideas contain the components; they need a blueprint. And the blueprint already has a foundation: existing IETF work on workload identity (SPIFFE/WIMSE) and execution evidence (Execution Context Tokens) provides the lower layers. What is missing is what goes on top.
## What the Ecosystem Needs: Four Pillars
Our analysis -- synthesizing the gaps, the ideas, and the existing proposals -- points to four missing pillars:
### Pillar 1: DAG-Based Execution
**The gap it fills**: Error Recovery and Rollback (Critical), Resource Management (Critical)
Every multi-agent workflow is a directed acyclic graph: tasks with dependencies, checkpoints, and decision points. But no draft in the corpus defines "agent task graph" as a first-class construct. Without it, there is no way to:
- Know which tasks depend on which
- Place checkpoints for rollback
- Calculate the blast radius of a failure
- Schedule resources based on the graph structure
The Execution Context Token (ECT) from [draft-nennemann-wimse-ect](https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect/) provides the evidence layer: each task produces a signed token linked to its predecessors via parent references, forming a verifiable DAG. What is missing is the orchestration semantics: when to checkpoint, how to roll back, how to contain cascading failures.
The data supports this: the 6 ideas addressing error recovery (all from [draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/)) include "Task-Oriented Multi-Agent Recovery Framework" and "State Consistency Management" -- DAG concepts by another name. The 117 ideas touching resource management need a graph-aware scheduler. The answer is the same structure: a DAG execution model.
### Pillar 2: Human-in-the-Loop as First Class
**The gap it fills**: Human Override and Intervention (High), Agent Explainability (Medium)
Only **30 human-agent interaction drafts** exist against **120 A2A protocols** and **93 autonomous operations** drafts. Agents are being designed to talk to each other, not to humans. The CHEQ protocol ([draft-rosenberg-aiproto-cheq](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-cheq/)) is a rare exception -- it defines human confirmation *before* agent execution. But nobody has standardized what happens *during* execution: how a human pauses a running workflow, constrains an agent's scope, takes over a task, or issues an emergency stop.
Human-in-the-loop must be a node type in the execution DAG, not an afterthought. The architecture needs:
- **Approval gates**: DAG nodes that block until a human approves
- **Override commands**: Standardized signals to pause, constrain, stop, or take over
- **Escalation paths**: What happens when an override times out
- **Explainability tokens**: How an agent communicates its reasoning at a HITL point
The irony: every production deployment will require these primitives. The standards community is building autonomous capabilities while the deployment community is adding human oversight ad hoc.
### Pillar 3: Protocol-Agnostic Interoperability
**The gap it fills**: Cross-Protocol Translation (High, zero ideas), Agent Lifecycle Management (High)
The 120 A2A protocol drafts will never converge to a single winner. MCP, A2A Protocol, SLIM, and dozens of others will coexist, each with different strengths. The answer is not to pick one; it is to build a translation layer that lets agents using different protocols interoperate through gateways.
This gap has **zero ideas** in the current corpus -- the starkest absence across 361 drafts. No team is working on it. Yet it is perhaps the most important architectural piece: without protocol interoperability, the agent ecosystem fragments into vendor-locked silos.
The protocol binding layer would define:
- How agents advertise which ecosystem features they support
- How gateways translate between protocols while preserving execution semantics (the DAG, the HITL points)
- How agents version and retire gracefully without breaking dependents
- The minimal semantic contract: intent, result, error -- expressible in any protocol
### Pillar 4: Assurance Profiles (Dual Regime)
**The gap it fills**: Behavior Verification (Critical), Cross-Domain Security (High), Dynamic Trust (High), Data Provenance (Medium)
The same agent ecosystem must work in two regimes:
**Relaxed** (development, internal tools, low-risk): Best-effort, optional audit, minimal proof overhead. Think Kubernetes-deployed internal agents.
**Regulated** (finance, healthcare, critical infrastructure): Cryptographic attestation per task, provenance chains, behavior verification against declared specifications, mandatory audit ledger. Think medical or financial agents.
The architecture achieves this with *assurance profiles* -- named configurations that dial up or down the proof requirements. The same DAG, same HITL points, same protocol bindings. Different levels of evidence:
| Level | Evidence | Use Case |
|-------|----------|----------|
| L0 | None (best-effort) | Development, testing |
| L1 | Unsigned audit trail | Internal production |
| L2 | Signed ECTs (JWT) | Cross-org, standard compliance |
| L3 | Signed ECTs + external audit ledger | Regulated industries |
This dual-regime approach resolves the tension between "move fast" deployments and "prove everything" regulated environments. The 52 ideas touching behavior verification and the 79 ideas touching data provenance become implementable at higher assurance levels without imposing their cost on every deployment.
## How It Builds on What Exists
A critical point: this architecture does not compete with existing work. It layers on top of it. Our cross-reference analysis confirms the foundations are strong: **TLS 1.3** (RFC 8446, cited by 42 drafts), **OAuth 2.0** (RFC 6749, 36 drafts), **HTTP Semantics** (RFC 9110, 34 drafts), **JWT** (RFC 7519, 22 drafts), and **COSE** (RFC 9052, 20 drafts) form the bedrock.
But the bedrock is not uniform. Our RFC foundation analysis (Post 3) revealed that the Chinese and Western blocs build on **fundamentally different technology stacks**: YANG/NETCONF for network management on one side, COSE/CBOR/CoAP for IoT security on the other. The only shared foundation is OAuth 2.0. This means the architecture layer above must be genuinely protocol-agnostic -- it cannot assume either stack as the default. The four pillars are designed with this constraint: the DAG model, HITL primitives, and assurance profiles are expressed in terms of abstract semantics, not specific wire formats. The protocol binding layer (Pillar 3) exists precisely because the underlying plumbing diverges.
The architecture adds connective tissue above this layer, not below it:
| Layer | Existing Work | What We Add |
|-------|---------------|-------------|
| **Identity** | SPIFFE (workload identifier), WIMSE (security context propagation) | Nothing -- use existing identity |
| **Evidence** | ECT (execution context tokens, DAG linking) | Orchestration semantics, checkpoint/rollback, HITL nodes |
| **Auth** | OAuth 2.0, SCIM, DAAP, STAMP, Agentic JWT | Protocol binding so any auth approach works |
| **Communication** | MCP, A2A, SLIM, 120 other protocols | Translation layer and capability advertisement |
| **Safety** | DAAP (accountability), verifiable conversations, VERA (zero-trust) | Assurance profiles connecting these into deployable configurations |
The proposed five-draft ecosystem:
1. **Agent Ecosystem Model (AEM)** -- Architecture and terminology. The shared vocabulary so everyone speaks the same language.
2. **Agent Task DAG (ATD)** -- Execution semantics, checkpoints, rollback. How the DAG works.
3. **Human-in-the-Loop (HITL) Primitives** -- Approval gates, overrides, escalation. How humans participate.
4. **Agent Ecosystem Protocol Binding (AEPB)** -- Protocol translation, capability discovery, lifecycle management. How interoperability works.
5. **Assurance Profiles (APAE)** -- Behavior verification, dynamic trust, provenance. How you prove it all works.
Each draft addresses specific gaps. Together, they provide the connective tissue the landscape lacks.
## Traction vs. Aspiration
A reality check: of the 361 drafts, only **36 (10%)** have been adopted by IETF working groups. The rest are individual submissions -- proposals without institutional backing. The WG-adopted drafts score higher on average (**3.54 vs. 3.31**), particularly on maturity (+1.28) and momentum (+0.98), but lower on novelty (-0.45). The WGs that have adopted the most agent-relevant drafts are security-focused: **lamps** (6 drafts), **lake** (5), **tls** (3), **emu** (3). Agent-specific WGs like `aipref` have adopted only 2 drafts.
This reveals a structural insight: the IETF is not building agent standards from scratch. It is **retrofitting security standards for agents**. The agent architecture we propose above would need to work within this reality -- building on the security WGs' infrastructure rather than competing with it.
## Predictions
Based on the data trajectories and current momentum:
**Within 6 months**: The OAuth-for-agents fragmentation will partially resolve. Working groups will adopt 2-3 canonical approaches (likely DAAP/STAMP for accountability and one of the RAR extensions for basic auth). The other 10 proposals will fade or merge.
**Within 12 months**: The DMSC side meeting's gateway work will produce a specification, likely gateway-centric with Agent Gateways as the primary interoperability mechanism. This is not the protocol-agnostic translation layer the ecosystem needs, but it will be the first concrete interop proposal.
**Within 18 months**: The safety deficit will begin to close -- not from IETF drafts but from regulatory pressure. The EU AI Act's requirements for high-risk AI systems will drive demand for behavior verification, human override, and audit standards. The IETF will respond reactively.
**The risk**: If the architecture work does not happen in the next 12 months, the agent ecosystem will calcify around vendor-specific protocol stacks (OpenAI's, Google's, Anthropic's, Huawei's). Each will have its own auth, discovery, and communication layer. The interoperability window will close, and the IETF's work will be standards for islands rather than standards for the internet.
### Two Equilibria
By 2028, the landscape will have resolved into one of two stable states.
In the **first equilibrium**, it looks like today's microservices ecosystem: a chaotic but functional collection of protocols, libraries, and frameworks, held together by platform-specific integrations and de facto standards from the largest cloud providers. The IETF's work exists but is incomplete. The real interoperability happens at higher layers -- agent frameworks like LangChain, Semantic Kernel, or their successors. Safety is bolted on after deployment.
In the **second equilibrium**, it looks more like the web: a layered architecture where identity (like TLS), communication (like HTTP), and semantics (like HTML) are cleanly separated, with standardized interfaces between them. Agents identify via WIMSE, execute via ECT-based DAGs, communicate via protocol-agnostic bindings, and operate under assurance profiles that scale from development to regulated production. Safety is built in, not bolted on.
The 4:1 ratio is the leading indicator. If it narrows -- if safety and oversight work accelerates to match capability work -- the second equilibrium becomes achievable. If it stays at 4:1 or widens, the first equilibrium is where we land, and safety becomes remediation rather than prevention.
## What Builders Should Do Today
If you are building agent systems and cannot wait for standards to mature:
**1. Watch these drafts**: ECT (execution evidence), DAAP (accountability), CHEQ (human confirmation), ADL (agent description), ANS (agent discovery). These have the highest combination of quality, novelty, and adoption potential.
**2. Design for the DAG**: Structure your multi-agent workflows as directed acyclic graphs with explicit dependencies and checkpoints. Even without a standard, the pattern will be compatible with whatever emerges.
**3. Build HITL from the start**: Every production agent deployment needs human override capability. Do not add it later. Design approval gates, emergency stops, and escalation paths into your architecture now.
**4. Implement assurance as a dial**: Make your proof/audit level configurable. Start at L0 for development, L1 for production, and be ready to turn up to L2/L3 when regulation arrives.
**5. Avoid protocol lock-in**: If you build on MCP today, architect for the possibility of supporting A2A or SLIM tomorrow. The protocol war is not over, and the winner may be "all of them via translation."
## The Thesis
Across six posts, we have built to one argument:
**The IETF's AI agent standardization effort is the largest, fastest-growing, and most consequential standards race in a decade. But it is building the highways before the traffic lights.** The data shows explosive growth (from 0.5% to 9.3% of all IETF submissions in 15 months), deep fragmentation (120 competing A2A protocols), concerning concentration (one company writes 18% of all drafts), and a structural safety deficit (4:1 capability to guardrails). What is missing is not more protocols -- it is connective tissue: a shared execution model, human oversight primitives, protocol interoperability, and assurance profiles that work from development to regulated production.
The 75 convergent ideas -- and the broader set of 628 cross-org overlaps -- contain the components for this architecture. The question is whether the community can assemble them before the protocols ship without it. The convergence data suggests it is possible: **180 ideas already cross the Chinese-Western divide**, mediated largely by European telecoms (Deutsche Telekom, Telefonica, Orange) that operate in both markets and appear on both sides of nearly every major cross-cultural convergent idea. The bridge-builders exist. They need an architecture to bridge to.
The IETF has built the internet's infrastructure before. DNS, HTTP, TLS -- each emerged from periods of competing proposals, fragmentation, and coordinated resolution. The AI agent standards race is following the same pattern, on a compressed timeline, with higher stakes.
The traffic lights need to catch up to the highways. The data says they can -- if someone draws the big picture.
---
### Key Takeaways
- **Four missing pillars**: DAG-based execution, human-in-the-loop primitives, protocol-agnostic interoperability, and assurance profiles for dual-regime deployment
- **The architecture builds on existing work**: SPIFFE for identity, WIMSE for security context, ECT for execution evidence -- the foundation exists
- **Five proposed drafts** (AEM, ATD, HITL, AEPB, APAE) would fill the 12 gaps by providing connective tissue between existing protocol proposals
- **The interoperability window is closing**: vendor-specific agent stacks are forming; the next 12 months are critical for open standards
- **For builders today**: design for DAGs, build HITL from the start, make assurance configurable, avoid protocol lock-in
*Next in this series: [How We Built This](07-how-we-built-this.md) -- the methodology behind analyzing 361 IETF drafts with Claude, Ollama, and Python.*
---
*Synthesis based on the full IETF Draft Analyzer dataset: 361 drafts, 557 authors, 75 cross-draft convergent ideas (628 via fuzzy matching), 12 gaps, 18 team blocs, 42 overlap clusters. Data current as of March 2026.*

242
data/reports/blog-series/07-how-we-built-this.md Normal file
View File

@@ -0,0 +1,242 @@
# How We Built This: Analyzing 361 IETF Drafts with Claude and Ollama
*The engineering behind the analysis -- a Python CLI, two LLMs, one SQLite database, and ~$9.*
---
Every claim in this series -- the 4:1 safety ratio, the 14 competing OAuth proposals, the 18 team blocs, the 12 gaps, the 180 ideas crossing the Chinese-Western divide -- comes from an automated analysis pipeline we built in Python. This post describes how it works, what it costs, what it found that surprised us, and what we learned about LLM-powered document analysis at scale.
The tool is open source. If you want to run it on a different corner of the IETF -- or adapt it for another standards body -- everything you need is in the repository.
## The Pipeline
The analysis runs in six core stages. Each builds on the previous, and every stage caches its work so re-runs are fast and cheap.
```
fetch --> analyze --> embed --> ideas --> gaps --> report
| | | | | |
v v v v v v
Datatracker Claude Ollama Claude Claude Markdown
API Sonnet nomic-embed Haiku Sonnet + rich
```
Three additional analysis passes run on top of the core pipeline:
```
refs --> trends --> idea-overlap --> status
| | | |
v v v v
Regex SQL query SequenceMatcher Naming convention
(local) (local) (local) (local)
```
These secondary passes cost nothing -- they operate entirely on data already in the database.
### Stage 1: Fetch
The Datatracker API (`https://datatracker.ietf.org/api/v1/doc/document/`) provides structured metadata for every Internet-Draft: name, title, abstract, authors, revision, submission date, working group, and current status. Full text is available at `https://www.ietf.org/archive/id/{name}-{rev}.txt`.
We search for drafts matching 12 keywords: `agent`, `ai-agent`, `llm`, `autonomous`, `machine-learning`, `artificial-intelligence`, `mcp`, `agentic`, `inference`, `generative`, `intelligent`, `aipref`. Both `name__contains` and `abstract__contains` filters are used to cast a wide net. We started with 6 keywords and 260 drafts; adding 6 more captured 101 new drafts in categories we were missing -- MCP-related work, generative AI infrastructure, intelligent networking, and the nascent `aipref` working group.
**Gotchas learned the hard way**: The Datatracker API uses `type__slug=draft` (not `type=draft`) to filter to drafts. Pagination requires tracking `meta.next` through the response chain. Affiliation data comes from the `documentauthor` record, not the `person` record. We add a 0.5-second polite delay between requests.
The result: **361 drafts** fetched, with full metadata and text stored in SQLite.
### Stage 2: Analyze
Each draft is sent to Claude Sonnet with a compact structured prompt that includes the draft name, title, date, page count, and abstract. The prompt asks for:
- **Category classification** (one or more of 11 categories: A2A protocols, agent identity/auth, autonomous netops, data formats/interop, agent discovery/reg, human-agent interaction, AI safety/alignment, ML traffic management, policy/governance, model serving/inference, other)
- **Quality rating** on five dimensions (novelty, maturity, overlap, momentum, relevance) each scored 1-5
- **Brief summary** of what the draft does and why it matters
The key optimization: **caching**. Every Claude API call is stored in an `llm_cache` table keyed by the SHA-256 hash of the full prompt. If the same draft is analyzed twice, the second call is free and instant. This makes the pipeline idempotent -- you can re-run any stage without wasting money.
We initially sent full draft text to Claude, but switched to abstract-only analysis after testing showed that abstracts produce equivalent ratings at roughly 10x lower token cost. Full text is still used for idea extraction (Stage 4), where granular detail matters.
**Cost**: About $3.16 for the initial 260 drafts on Claude Sonnet (376K input tokens, 200K output tokens). With the `--cheap` flag, analysis uses Claude Haiku instead, cutting costs roughly 10x.
### Stage 3: Embed
For similarity analysis, we generate vector embeddings using Ollama running locally with the `nomic-embed-text` model. Each draft's abstract is embedded into a 768-dimensional vector, stored as raw bytes in the database.
**Why not Claude for embeddings?** Cost and speed. Ollama runs locally, is free, and processes all 361 drafts in under a minute. The embeddings are used for approximate similarity (cosine distance), overlap detection, and t-SNE visualization -- tasks where a small local model is perfectly adequate.
The embeddings enable:
- **Overlap clusters**: Draft pairs with >0.85 cosine similarity grouped together
- **Near-duplicate detection**: 25+ pairs with >0.98 similarity flagged as potential duplicates
- **Interactive t-SNE landscape**: 2D visualization of the entire draft space, color-coded by category
### Stage 4: Ideas
The most expensive stage. Each draft's full text is analyzed by Claude to extract discrete technical ideas -- mechanisms, architectures, protocols, patterns, extensions, and requirements.
**Batch optimization**: Rather than calling Claude once per draft, we batch 5 drafts per API call using Claude Haiku (`--cheap --batch 5`). This cuts the number of API calls by 5x and uses the cheaper model. The batch prompt includes all 5 drafts' texts and asks for ideas from each, reducing per-idea cost to fractions of a cent.
**Result**: **1,780 technical components** extracted from 361 drafts (averaging ~5 per draft). Of 1,692 unique titles, **96% appear in exactly one draft** -- most are draft-specific component descriptions ("Agent Gateway," "Transport Configuration System"), not standalone innovations. Only **75 ideas** show genuine cross-draft convergence (appearing in 2+ drafts), and only **11** appear in 3+ drafts. The real signal comes from the cross-org overlap analysis (idea-overlap feature), which uses fuzzy matching to identify **628 ideas** where 2+ organizations work on recognizably similar problems -- 43% of all unique idea clusters.
### Stage 5: Gaps
The gap analysis is a synthesis step. We send Claude Sonnet the full landscape context -- category distributions, idea taxonomy, safety ratio, overlap patterns -- and ask it to identify areas where standardization work is missing or inadequate.
This is the one stage where the LLM is doing genuine reasoning, not just extraction. The prompt provides the data; Claude identifies the structural gaps. We validate its findings against the raw data (e.g., confirming that only 6 ideas address error recovery, or that cross-protocol translation has zero ideas).
**Result**: **12 gaps** identified (3 critical, 6 high, 3 medium), each cross-referenced with related drafts and ideas.
### Stage 6: Report
Reports are generated in Markdown with embedded data tables. Fifteen report types are available: overview, landscape, digest, timeline, overlap-matrix, overlap-clusters, authors, ideas, gaps, refs, trends, idea-overlap, and status. The `rich` library provides formatted terminal output for CLI commands.
## The Database
The SQLite database is the real product. At **28 MB**, it contains everything needed to reproduce any finding in this series.
| Table | Rows | Purpose |
|-------|-----:|---------|
| drafts | 361 | Full metadata + text for every draft |
| ratings | 361 | 5-dimension quality scores + summaries |
| embeddings | 361 | 768-dim vectors as binary blobs |
| ideas | 1,780 | Extracted technical components with types |
| authors | 557 | Person records from Datatracker |
| draft_authors | 1,057 | Author-to-draft linkage with affiliation |
| draft_refs | 4,231 | RFC/draft/BCP cross-references |
| gaps | 12 | Identified standardization gaps |
| llm_cache | 703 | Cached Claude API responses |
FTS5 full-text search is enabled on drafts, supporting queries like `ietf search "agent authentication"` that return ranked results in milliseconds. Indexes on `draft_refs(ref_type, ref_id)` and `ideas(draft_name)` keep query performance fast even for cross-table joins.
The database design follows a principle: **store raw data, compute derived data**. The drafts table stores full text; the ratings, ideas, and refs tables store analysis results. Any analysis can be re-run without re-fetching from the Datatracker API.
## The Author Network
The author analysis deserves special mention because it revealed the team bloc pattern -- one of the most important findings in the series.
The IETF Datatracker provides author information via two API endpoints:
- `/api/v1/doc/documentauthor/?document__name=X` -- returns author links per draft
- `/api/v1/person/person/{id}/` -- returns person details (name, affiliation)
We fetch all authors for all drafts, build a co-authorship graph, and detect team blocs: groups where every pair of members shares at least 70% of their drafts. This threshold was chosen empirically -- lower thresholds produce too many loose groups; higher thresholds miss real teams.
The detection algorithm:
1. For each pair of authors, calculate pairwise overlap = |shared drafts| / min(|A's drafts|, |B's drafts|)
2. Build a graph where edges represent pairs with >= 70% overlap and >= 2 shared drafts
3. Find connected components in this graph
4. Each component is a team bloc
**Organization normalization** turned out to be essential. "Huawei Technologies", "Huawei Technologies Co., Ltd.", and "Huawei Canada" all need to resolve to "Huawei". We maintain a hand-curated alias table of 40+ mappings plus automatic suffix stripping for common patterns (", Inc.", " LLC", " AB", etc.). Without this, cross-org analysis would fragment the same company into multiple entities.
**Result**: **18 team blocs** detected among 557 authors. The largest: a 13-person Huawei team with 22 shared drafts and 94% average cohesion.
## The New Features
Four features were added during the analysis session, each unlocking a deeper analytical layer. All four run locally with zero API cost.
### RFC Cross-References (`ietf refs`)
**What it does**: Parses all 361 drafts for RFC references using regex (`RFC\s*\d{4,}`, `\[RFC\d+\]`, `BCP\s*\d+`, `draft-[\w-]+`). Stores results in a `draft_refs` table for querying.
**What it found**: **4,231 cross-references** (2,443 RFC, 698 draft, 1,090 BCP) across 360 drafts with text. The most-referenced standards reveal what the agent ecosystem builds on:
| RFC | References | What It Is |
|-----|----------:|-----------:|
| RFC 2119 | 285 | MUST/SHALL/MAY conventions |
| RFC 8174 | 237 | Key words update |
| RFC 8446 | 42 | TLS 1.3 |
| RFC 6749 | 36 | OAuth 2.0 |
| RFC 9110 | 34 | HTTP Semantics |
| RFC 8259 | 26 | JSON |
| RFC 5280 | 22 | X.509 Certificates |
| RFC 7519 | 22 | JWT |
| RFC 9052 | 20 | COSE |
**The insight**: Strip away RFC 2119/8174 (boilerplate conventions that every IETF draft references) and the picture is clear: the agent ecosystem is built on **OAuth + TLS + HTTP + JWT**. It is a security and identity infrastructure, not a networking infrastructure. The IETF's agent standards are being constructed on the same foundation as the web itself. This reframes the entire landscape: agent standards are not something new. They are the next layer on top of the web's existing security architecture.
### Category Trends (`ietf trends`)
**What it does**: Monthly breakdown of new drafts per category with growth rates, comparing recent periods to earlier ones.
**What it found**: The growth curve is a step function. Monthly submissions went from 2 (Jun 2025) to 67 (Oct 2025) to 86 (Feb 2026). A2A protocols are still accelerating (26 in Oct/Nov 2025, 36 in Feb 2026). Safety/alignment is growing but slower (5 in Oct 2025, 12 in Feb 2026). The 4:1 ratio is narrowing, but not fast enough.
### Cross-Org Idea Overlap (`ietf idea-overlap`)
**What it does**: Groups similar ideas using `SequenceMatcher` (threshold 0.75), then checks which ideas span drafts from multiple organizations. This separates genuine cross-org consensus from intra-team duplication.
**What it found**: By exact title, only 75 of 1,692 unique ideas appear in 2+ drafts -- 96% are islands. But fuzzy matching reveals **628 ideas** where 2+ organizations work on recognizably similar problems (43% of unique clusters). The top convergence signal -- "A2A Communication Paradigm" -- spans **8 organizations from 4 countries**. The deeper finding: **180 ideas cross the Chinese-Western organizational divide**. European telecoms (Deutsche Telekom, Telefonica, Orange) act as bridges between Chinese institutions and Western companies. US Big Tech (Google, Apple, Amazon) is almost entirely absent from cross-divide collaboration.
### WG Adoption Status (`ietf status`)
**What it does**: Determines which drafts have been formally adopted by IETF Working Groups based on the `draft-ietf-{wg}-*` naming convention. Compares scores, categories, and gap coverage between WG-adopted and individual drafts.
**What it found**: Only **36 of 361 drafts (10%)** are WG-adopted. The remaining 90% are individual submissions -- ideas seeking institutional backing. WG-adopted drafts score slightly higher on average (**3.54 vs 3.31**), validating our rating methodology.
The most revealing finding: **19 of 36 WG-adopted drafts are in security Working Groups** (lamps, lake, tls, emu, ace). The agent-focused `aipref` WG has only 2 adopted drafts. The IETF is not building agent standards in agent-focused groups -- it is retrofitting its existing security infrastructure for agent use cases. The standards that will actually govern AI agents on the internet are being written by the same people who write TLS and OAuth, not by new agent-specific working groups.
## What We Learned
### LLMs are good at structured extraction
Claude's strength in this pipeline is turning unstructured technical documents into structured data: categories, ratings, ideas, gaps. The extraction quality is high -- we spot-checked 50 drafts and found categorization and idea extraction accurate in ~90% of cases. The errors tend to be over-categorization (assigning too many categories) rather than miscategorization.
### LLMs need validation for synthesis
The gap analysis (Stage 5) required the most human oversight. Claude correctly identified the gaps, but the severity rankings and the "zero ideas" claims needed manual verification against the raw data. LLMs can synthesize, but the synthesis should be treated as a hypothesis, not a conclusion.
### Caching changes the economics
The `llm_cache` table transforms the cost model. The first run costs ~$3. Every subsequent run -- adding new drafts, re-running with different prompts, regenerating reports -- costs only for new work. Over the project's life, we estimate caching saved $30+ in redundant API calls. The cache key is a SHA-256 hash of the full prompt, making it trivially collision-resistant.
### Hybrid models work
Using Claude Sonnet for reasoning-heavy tasks (analysis, gap synthesis) and Claude Haiku for extraction-heavy tasks (idea extraction, batch processing) cut costs by 5-10x without meaningful quality loss. Using Ollama for embeddings made similarity analysis free and fast. The principle: match the model's capability to the task's difficulty.
### The free analyses are the most revealing
The four features that cost zero API dollars -- regex-based RFC parsing, SQL-based trend analysis, SequenceMatcher-based idea dedup, and naming-convention-based WG detection -- produced some of the most narratively important findings in the entire series. The OAuth-stack-as-foundation insight from RFC cross-references. The 180 cross-divide ideas. The 10% WG adoption rate. The security-WG-not-agent-WG finding. None of these required an LLM. They required a well-structured database and the right questions.
### The database is the product
The most valuable output is not any single report -- it is the SQLite database. With all drafts analyzed, ideas extracted, authors mapped, refs parsed, and embeddings stored, the database supports ad-hoc queries that no pre-built report can anticipate. The blog series was written primarily by querying the database, not by re-running the pipeline.
## Cost Summary
| Stage | Model | Drafts | Cost |
|-------|-------|-------:|-----:|
| Analyze | Claude Sonnet | 260 | ~$2.50 |
| Analyze | Claude Sonnet | 101 | ~$5.50 |
| Ideas | Claude Haiku (batch 5) | 361 | ~$0.80 |
| Gaps | Claude Sonnet | 1 call | ~$0.20 |
| Embed | Ollama (local) | 361 | $0.00 |
| Refs | Regex (local) | 361 | $0.00 |
| Trends | SQL (local) | 361 | $0.00 |
| Idea-overlap | SequenceMatcher (local) | 1,780 ideas | $0.00 |
| WG Status | Naming convention | 361 | $0.00 |
| **Total** | | | **~$9** |
For context: analyzing 361 IETF drafts -- fetching full text, rating quality on 5 dimensions, extracting ~1,700 technical components, detecting 12 gaps, mapping 557 authors, parsing 4,231 cross-references, and identifying 18 team blocs -- cost less than two large coffees.
## The Tech Stack
- **Python 3.11+** with **Click** for the CLI
- **SQLite** with **FTS5** for full-text search
- **httpx** for HTTP requests (Datatracker API)
- **anthropic** SDK for Claude API
- **ollama** for local embeddings
- **rich** for terminal formatting
- **numpy** for cosine similarity and matrix operations
43 CLI commands, 13+ interactive visualizations (HTML/PNG), 15 report types. Total codebase: approximately 6,100 lines of Python across 12 modules.
---
### Key Takeaways
- **The full analysis cost ~$9** -- LLM-powered document analysis at scale is practical and cheap with proper caching and model selection
- **Caching is essential**: SHA-256 hashed prompt caching makes the pipeline idempotent and dramatically reduces costs on re-runs
- **Hybrid LLM strategy**: Claude Sonnet for reasoning, Claude Haiku for extraction (10x cheaper), Ollama for embeddings (free) -- match model capability to task difficulty
- **The zero-cost analyses were the most revealing**: RFC cross-references, idea overlap, WG adoption, and trend analysis all run locally and produced the series' most important structural findings
- **The database is the product**: a well-structured SQLite DB supports queries no pre-built report anticipates; the blog series was written by querying, not re-running
*Next in this series: [Agents Building the Agent Analysis](08-agents-building-the-analysis.md) -- we used a team of AI agents to produce this series. The irony is the point.*
---
*The IETF Draft Analyzer is open source. The codebase, database, and all reports are available in the project repository.*

198
data/reports/blog-series/08-agents-building-the-analysis.md Normal file
View File

@@ -0,0 +1,198 @@
# Agents Building the Agent Analysis
*We used a team of AI agents to analyze, write about, and draw conclusions from 361 IETF drafts on AI agents. Here is what that looked like from the inside.*
---
There is an irony we should address up front: this entire blog series -- analyzing 361 Internet-Drafts about how AI agents should work -- was itself produced by a team of AI agents. Four Claude instances, each with a distinct role, reading the same data, building on each other's output, and coordinating through a shared task system and development journal.
This post is the story of that process: what worked, what surprised us, and what it reveals about the state of AI agent coordination in practice -- which, as it happens, is exactly the problem the IETF drafts are trying to solve.
## The Team
We designed a four-agent team, each with a one-page definition file and a shared 3,000-word team brief:
| Agent | Role | What They Did |
|-------|------|---------------|
| **Architect** | "The Big Picture" | Read all reports, designed the narrative arc, wrote the vision document, reviewed every post across multiple passes |
| **Analyst** | "The Data Whisperer" | Ran the full pipeline on 361 drafts, executed 20+ SQL queries, produced 7 data packages |
| **Coder** | "The Feature Builder" | Implemented 7 new analysis features (refs, trends, idea-overlap, WG adoption, revisions, centrality, co-occurrence) |
| **Writer** | "The Storyteller" | Drafted all 8 blog posts, applied 6+ revision passes incorporating data refreshes, architectural reframes, and editorial redirections |
Each agent had access to the full project codebase, a SQLite database of analyzed drafts, and the `ietf` CLI tool. They communicated through direct messages and coordinated through a shared task board with dependency tracking.
The team brief contained a thesis statement -- "The IETF is building the highways before the traffic lights" -- along with a per-post outline, style guide, and key data points table. Each agent's definition was approximately 50 lines: enough to establish identity and scope without over-constraining behavior.
## How It Actually Worked
The process unfolded in roughly six phases -- not the four we planned.
### Phase 1: Parallel Initialization
All four agents started simultaneously. The Analyst began running the analysis pipeline on 101 new drafts. The Architect read all 10 existing reports and started designing the narrative arc. The Coder read the Architect's initial notes and began implementing new features. The Writer read every data report in the project.
The key design decision: **agents did not wait for each other when they could work in parallel.** The Writer's tasks were formally blocked by the Analyst's pipeline run, but the Writer had enough existing data (260 analyzed drafts) to start drafting. Rather than sitting idle, the Writer produced first drafts of all 6 core posts while waiting for updated numbers. This turned out to be the right call -- the structure and narrative mattered more than whether the draft count was 260 or 361.
### Phase 2: The Architect Sets the Frame
The Architect's first deliverable changed everything. After reading all 10 reports, the Architect produced two documents:
**1. The narrative arc** (`00-series-overview.md`): A three-act structure (Gold Rush, Fragmentation, Path Forward) with five recurring motifs and per-post design guidance. The key insight embedded in this document -- that "coordination difficulty correlates with gap severity" -- reframed the entire analysis. The safety deficit was not just a quantity problem (too few safety drafts); it was a structural problem (the team-bloc structure that concentrates authorship cannot produce the cross-team work that safety standards require).
**2. The vision document** (`state-of-ecosystem.md`): A ~2,000-word synthesis with three 2027 scenarios and a "two equilibria" 2028 endgame. The best historical analogy turned out to be not IoT but the web itself -- browser wars leading to HTML5 convergence. The critical difference: when the thing being standardized makes autonomous decisions, getting safety wrong in the messy phase has consequences that are harder to fix retroactively.
Both documents shaped every subsequent blog post. The Writer wove the motifs through the series. The Coder built features the Architect flagged as missing. The Analyst's queries were directed by the per-post data requirements table the Architect produced.
### Phase 3: Building and Writing in Parallel
The Coder and Writer worked simultaneously, their outputs feeding each other. The Coder started with four features, then built three more as the Architect identified additional analytical needs:
| Coder Built | What It Revealed | Writer Used It In |
|-------------|------------------|-------------------|
| `ietf refs` (4,231 cross-references) | OAuth 2.0 and TLS 1.3 are the ecosystem's bedrock | Post 3: OAuth Wars |
| `ietf idea-overlap` (628 cross-org ideas) | 43% of idea clusters have cross-org validation | Post 5: Where Drafts Converge |
| `ietf trends` (19 months of data) | Growth from 0.5% to 9.3% of all IETF submissions | Post 1: Gold Rush |
| `ietf status` (36 WG-adopted drafts) | Agent standards live in security WGs, not agent WGs | Post 6: Big Picture |
| `ietf revisions` (55% at rev-00) | Most drafts are fire-and-forget; commitment is rare | Posts 2, 5 |
| `ietf centrality` (491 nodes, 1,142 edges) | European telecoms are the cross-divide glue | Post 2: Who Writes the Rules |
| `ietf co-occurrence` (safety isolation) | Safety co-occurs with A2A protocols only 8.8% of the time | Post 4: What Nobody Builds |
Every one of these features used **zero API calls** -- pure local computation using regex, SequenceMatcher, networkx, and SQL. This is an underappreciated pattern in LLM-powered analysis: use the expensive model (Claude) for tasks that require reasoning (categorization, idea extraction, gap synthesis), and use deterministic code for everything else. The cheapest analyses -- the ones with zero marginal cost -- produced the most structurally revealing findings.
The Writer produced all 7 posts in a single session: roughly 15,000 words across Posts 1-7, each following the Architect's structural guidance while making independent editorial decisions about hooks, examples, and narrative pacing.
### Phase 4: First Review and the Silent Failure
The Architect read all 6 core posts end-to-end and provided a structured review:
- **Post 1**: Four specific notes (geopolitics belongs in Post 2, add keyword expansion, lighten ending, add vivid example)
- **Post 3**: Flagged a data inconsistency (OAuth table had 14 rows but text said 13)
- **Post 4**: Identified as the strongest post -- the hospital drug-dispensing scenario and structural analysis section deliver the climax
- **Post 5**: Needed cross-org overlap data from the Coder's new report
- **Post 6**: Suggested adding the "two equilibria" framing from the vision document
The Writer applied all revisions in a targeted pass. The most interesting editorial decision: removing the extended geopolitics section from Post 1. The original was well-written but front-loaded the series with details that Post 2 covers in depth. The lighter version creates more narrative pull toward the next post.
Then came the first real coordination failure. **The Writer's revisions to Post 1 did not persist.** The dev journal said the work was done. The task board said "completed." But when the Architect verified the actual file, it still contained the pre-revision content -- the full geopolitics section, the heavy ending, the missing cloud-infrastructure scenario.
This is exactly the kind of silent failure that agent teams need guardrails for. The log said success; the artifact said otherwise. Without the Architect's verification step -- reading the output rather than trusting the status -- the error would have shipped. Lesson: **verify outputs, not logs.**
### Phase 5: The Data Arrives and the Reframing Battle
While the writing and reviewing unfolded, the Analyst completed the full pipeline: 361 drafts rated, 557 authors mapped (up from 403), 1,780 ideas extracted (up from 1,262). The numbers changed significantly: Huawei's share grew from 12% to 18%, A2A protocols from 92 to 120, and the safety ratio held steady at roughly 4:1. Every blog post needed a numbers-update pass.
But the most consequential event in Phase 5 was not the data refresh. It was the project lead challenging the Writer's headline claim.
**The "1,780 ideas" reframing.** The series had been built around a headline number: "1,780 technical ideas extracted from 361 drafts." The project lead asked: what does that number actually mean? The answer was uncomfortable. The pipeline extracts approximately 5 ideas per draft on average -- a mechanical process that produces "ideas" like "A2A Communication Paradigm" and "Agent Network Architecture." The raw count sounds impressive but is mostly scaffolding.
The real signal was hiding in the Coder's cross-org overlap analysis: of 1,692 unique idea titles, **96% appear in exactly one draft.** Only 75 show up in two or more drafts. Only 11 in three or more. The fragmentation that defines the protocol landscape extends all the way down to the idea level.
This required rewriting Post 5 entirely -- its title changed from "The 1,780 Ideas That Will Shape Agent Infrastructure" to "Where 361 Drafts Converge (And Where They Don't)." The lead metric shifted from raw extraction count (impressive but hollow) to the 96% fragmentation rate (honest and striking). Every post that referenced the idea count had to be updated, some multiple times as the framing evolved through three iterations.
The episode is worth documenting because it illustrates the irreducible role of human judgment in agent-produced work. Four agents had independently used the 1,780 figure -- the Analyst generated it, the Coder validated it, the Architect designed around it, the Writer headlined it. None questioned whether it was meaningful. It took a human asking "so what?" to force the reframe. The improved version -- convergence-amid-fragmentation, with 628 cross-org convergent ideas as the honest middle ground -- was genuinely better. But no agent surfaced the critique on its own.
### Phase 6: Bombshell Findings and Final Integration
The Analyst's second deep-analysis round produced three findings that significantly strengthened the series:
**RFC foundation divergence.** The Chinese bloc builds on YANG/NETCONF (network management). The Western bloc builds on COSE/CBOR/CoAP (IoT security) and HTTP/TLS/PKI (web infrastructure). The **only shared foundation is OAuth 2.0.** This elevated Post 3's fragmentation thesis from "different protocols" to "different technological DNA" -- the two blocs are not just disagreeing on solutions, they are building on incompatible infrastructure.
**Revision velocity.** 55% of all 361 drafts are at revision -00 -- submitted once, never iterated. Huawei's rate is 65%. Compare that with Ericsson (11%), Boeing (average revision 28.2), and Siemens (17.2). The volume-vs.-commitment distinction sharpened Post 2's analysis of what Huawei's 66-draft campaign actually represents. A further detail: the majority of Huawei's drafts were submitted in the 4-week window before IETF 121 Dublin -- a coordinated pre-meeting filing burst.
**Centrality bridge-builders.** The co-authorship network (491 nodes, 1,142 edges) revealed that European telecoms -- not US Big Tech, not the UN, not any formal body -- are the structural glue between the Chinese and Western blocs. Telefonica's Luis M. Contreras ranks #1 in betweenness centrality. Only 115 of 557 authors (23%) bridge the divide at all. The standards ecosystem's cross-divide cohesion depends on a handful of companies that most observers would not name first.
The Writer wove all three findings into the series across multiple targeted passes: RFC divergence into Posts 2, 3, and 6; revision velocity into Posts 2 and 5; centrality data into Post 2's cross-pollination section. The Coder's co-occurrence analysis added one more dimension to Post 4: safety co-occurs with governance categories (60% with policy, 58% with identity/auth) but has **zero co-occurrence with Agent Discovery and Model Serving** -- safety is discussed as policy, not implemented as protocol.
## What Surprised Us
### Human judgment was the critical intervention
The ideas reframing was not the only moment where human direction changed the team's course, but it was the most instructive. Agents are excellent at execution -- the Writer applied six revision passes without error, the Coder built seven features in a single session, the Analyst ran 20+ analytical queries. But none of them asked whether the headline metric was worth headlining. The human project lead's "so what?" produced a better Post 5 than any amount of agent iteration would have.
This maps directly to the IETF's Human Override and Intervention gap. The question is not whether agents can do the work. The question is who notices when the work is pointed in the wrong direction.
### The silent failure exposed a verification gap
The Writer's Post 1 revisions disappearing -- logged as done but not actually persisted -- is a small-scale version of the Agent Behavior Verification gap the series identifies as critical. In our case, the Architect caught it during a manual review pass. In a production multi-agent system with no verification protocol, the error propagates. The dev journal said success. The file system disagreed. We had no automated mechanism to detect the discrepancy.
### The Architect role was disproportionately valuable
The Architect produced fewer words than the Writer and fewer features than the Coder, but shaped the entire output. Three specific contributions had outsized impact:
1. The insight that gap severity correlates with coordination difficulty transformed Post 4 from a list of gaps into an argument about structural dysfunction.
2. The "two equilibria" framing in the vision document gave Post 6's predictions real weight -- not just "here is what might happen" but "here are two stable endpoints, and this ratio determines which one we reach."
3. The verification pass that caught the Post 1 silent failure -- and the broader pattern of verifying outputs rather than trusting status messages.
All three contributions came from reading holistically -- something no individual report, pipeline run, or status message could produce. The Architect role was fundamentally about synthesis and verification.
### The cheapest analyses were the most important
| Component | Cost | Most Important Finding |
|-----------|-----:|----------------------|
| Claude Sonnet (ratings, gaps) | ~$8 | 4:1 safety deficit, 12 gap taxonomy |
| Claude Haiku (idea extraction) | ~$0.80 | 1,780 raw ideas (96% fragmented) |
| Ollama embeddings | $0.00 | 25+ near-duplicate pairs |
| Coder: regex RFC parsing | $0.00 | Foundation divergence (YANG vs COSE) |
| Coder: networkx centrality | $0.00 | European telecoms as bridge-builders |
| Coder: SQL co-occurrence | $0.00 | Safety structurally isolated from protocols |
| Coder: revision counting | $0.00 | 55% fire-and-forget rate |
| **Total pipeline** | **~$9** | |
The pattern is consistent: Claude provided the foundation data (ratings, categories, ideas), but the structurally revealing findings came from deterministic local computation on top of that foundation. RFC cross-references (regex), author centrality (networkx), revision velocity (filename parsing), and category co-occurrence (SQL joins) -- all zero-cost, all among the most quotable findings in the series.
### The development journal earned its keep
We required every agent to log milestones to a shared `dev-journal.md`. By session's end, the journal had 30 entries across all four agents -- capturing not just what was done but why, and flagging surprises that would otherwise be lost. When the Writer needed to understand what the Coder had built, the journal entry was faster and more informative than a status message. When the Architect reviewed posts, the Writer's journal entries explained editorial decisions that would otherwise be opaque.
The journal also became the source material for this post. Every "Surprise" field in the journal captured an insight -- the ideas reframing, the silent failure, the RFC divergence revelation -- that no other artifact preserves.
## What This Tells Us About Agent Teams
Six lessons from running a four-agent team on a real project:
**1. Role definitions matter more than instructions.** The one-page agent definitions were more effective than the 3,000-word team brief. Agents performed best when they had a clear identity and scope, not a detailed todo list.
**2. Shared state beats messaging.** The SQLite database, the dev journal, and the report files were more effective coordination mechanisms than direct inter-agent messages. Agents could read each other's outputs on their own schedule, without the overhead of request-response communication.
**3. Async is natural, but verification is not.** Agents working in parallel on loosely coupled tasks is a pattern that works. What does not happen naturally is output verification. The silent failure -- revisions logged but not persisted -- would have gone undetected without a deliberate verification pass. Agent teams need assurance mechanisms, not just coordination mechanisms.
**4. Humans catch category errors; agents catch consistency errors.** The Architect found a 14-vs-13 data inconsistency. The Writer applied six revision passes without introducing a single factual error. Agents are excellent at consistency within a frame. But the project lead's "so what?" about the ideas count was a category-level critique -- questioning the frame itself. That kind of challenge did not emerge from any agent.
**5. Review compounds.** The Architect reviewed the Writer's posts, the project lead reviewed the Architect's framing, and the resulting revisions cascaded through the series. Each review layer caught different things: data errors, structural problems, framing weaknesses. Multiple review passes from different perspectives produced compounding quality gains.
**6. The journal is the product.** The dev journal -- originally intended as a process artifact -- became the richest record of what happened and why. It captures decisions, surprises, and coordination moments that no other artifact preserves. For any multi-agent project, require a shared journal.
## The Meta-Irony
We built a team of AI agents to analyze 361 IETF drafts about AI agent standards. The team needed: coordination mechanisms, shared context, role-based specialization, review and quality gates, human oversight, and a way to verify that completed work was actually complete.
Every one of these needs maps to a gap in the IETF landscape:
| Our Team Needed | What Happened | IETF Gap |
|----------------|---------------|----------|
| Shared execution context | Agents coordinated via SQLite, files, dev journal | Agent Execution Model (no standard) |
| Quality review before publication | Architect caught data errors, structural problems | Agent Behavior Verification (critical gap) |
| Output verification | Writer's revisions silently failed; Architect caught it manually | Agent Behavior Verification (critical gap) |
| Error handling when agents disagreed | Ideas reframing required 3 iterations to stabilize | Agent Error Recovery (6 ideas from 1 draft) |
| Coordination across different approaches | RFC divergence: agents building on different foundations | Cross-Protocol Translation (zero ideas) |
| Human oversight of outputs | Project lead's "so what?" redirected the entire ideas framing | Human Override and Intervention (4 ideas) |
We solved these problems ad hoc -- with a dev journal, a task board, role definitions, manual verification passes, and human review. The IETF is trying to solve them at internet scale with protocol standards. The distance between our 4-agent team and a deployed multi-agent system on the open internet is vast, but the problems are structurally identical.
The standards the IETF is racing to write are the standards our own team needed. The traffic lights the highway needs are the ones we built by hand.
---
### Key Takeaways
- **Four agents** (Architect, Analyst, Coder, Writer) produced 8 blog posts, a vision document, 7 new analysis features, and 30 dev-journal entries from a ~$9 data pipeline
- **The ideas reframing** -- where a human's "so what?" redirected all four agents -- was the single most consequential intervention in the project, and no agent initiated it
- **A silent failure** (revisions logged but not persisted) demonstrated the same Behavior Verification gap the series identifies as critical in the IETF landscape
- **The cheapest analyses were the most revealing**: RFC divergence, author centrality, revision velocity, and co-occurrence patterns -- all zero-cost local computation -- produced the findings that defined the series
- **The team's coordination problems mirror the IETF's gaps**: execution model, behavior verification, error recovery, cross-protocol translation, and human oversight are needed at every scale
*This post concludes the series. All data, code, and reports are available in the IETF Draft Analyzer project repository.*
---
*Written by a team of Claude instances analyzing the IETF's work on AI agent standards. The irony is not lost on us.*

210
data/reports/blog-series/data/00-master-stats.md Normal file
View File

@@ -0,0 +1,210 @@
# Master Statistics — Updated 2026-03-03 (Full 361-Draft Corpus)
All numbers below reflect the complete 361-draft dataset after pipeline run on 101 new drafts.
## Core Numbers
| Stat | Value | Notes |
|------|-------|-------|
| Total drafts | 361 | up from 260 after keyword expansion |
| Total authors | 557 | up from 403 |
| Total organizations | 230 | up from 184 |
| Total ideas (raw) | 1,780 | up from 1,262 (~4.9/draft avg) |
| Unique idea clusters | 1,467 | after fuzzy dedup |
| Cross-org ideas (2+ orgs) | 628 | 43% of unique clusters — LEAD METRIC |
| Total gaps | 12 | 3 critical, 6 high, 3 medium |
| Total embeddings | 361 | all drafts embedded |
| WG-adopted drafts | 36 (10.0%) | 18 WGs |
| Individual drafts | 325 (90.0%) | |
| RFC cross-references | 4,231 | 2,443 RFC + 698 draft + 1,090 BCP |
| Avg novelty | 3.32 | (1-5 scale) |
| Avg maturity | 2.96 | |
| Avg relevance | 3.84 | |
## Growth Curve (Monthly Submissions)
| Month | Drafts | Cumulative |
|-------|--------|------------|
| 2024-01 | 3 | 3 |
| 2024-02 | 1 | 4 |
| 2024-04 | 1 | 5 |
| 2024-09 | 2 | 7 |
| 2024-10 | 1 | 8 |
| 2024-12 | 1 | 9 |
| 2025-01 | 4 | 13 |
| 2025-04 | 5 | 18 |
| 2025-05 | 2 | 20 |
| 2025-06 | 5 | 25 |
| 2025-07 | 5 | 30 |
| 2025-08 | 8 | 38 |
| 2025-09 | 17 | 55 |
| 2025-10 | 67 | 122 |
| 2025-11 | 61 | 183 |
| 2025-12 | 16 | 199 |
| 2026-01 | 54 | 253 |
| 2026-02 | 86 | 339 |
| 2026-03 | 22 | 361 |
Peak: 86 drafts in Feb 2026. Growth from ~2/mo (mid-2024) to 86/mo = **43x acceleration**.
## Category Distribution (Full 361 Drafts)
| Category | Count | % |
|----------|-------|---|
| A2A protocols | 136 | 37.7% |
| Agent identity/auth | 121 | 33.5% |
| Autonomous netops | 98 | 27.1% |
| ML traffic mgmt | 74 | 20.5% |
| AI safety/alignment | 45 | 12.5% |
| Human-agent interaction | 30 | 8.3% |
Note: drafts can have multiple categories.
## Safety Ratio
- Safety drafts: 45 (12.5% of corpus)
- Capability drafts (any non-safety category): 351
- **Ratio: ~8:1 capability-to-safety**
- Improvement from original 4:1 (260 drafts) because keyword expansion brought in more ML infrastructure drafts, some with safety elements
## Keyword Expansion Impact (Original 260 vs New 101)
| Category | Original 260 | New 101 | Total |
|----------|-------------|---------|-------|
| Data formats/interop | 102 | 43 | 145 |
| A2A protocols | 92 | 28 | 120 |
| Agent identity/auth | 98 | 10 | 108 |
| Autonomous netops | 60 | 33 | 93 |
| Policy/governance | 60 | 31 | 91 |
| ML traffic mgmt | 23 | **50** | 73 |
| Agent discovery/reg | 57 | 8 | 65 |
| AI safety/alignment | 36 | 8 | 44 |
| Model serving/inference | 13 | **29** | 42 |
| Human-agent interaction | 22 | 8 | 30 |
**Key finding**: "ML traffic mgmt" and "Model serving/inference" surged with the new keywords — these categories more than doubled. The "inference" and "generative" keywords opened up the ML infrastructure community.
## Geopolitical Split
| Region | Drafts | Authors |
|--------|--------|---------|
| Chinese-affiliated | 152 | 218 |
| Western-affiliated | 94 | 81 |
| Other/Unclassified | 158 | 221 |
Chinese orgs contribute ~42% of drafts from ~39% of authors. Western orgs: ~26% of drafts from ~15% of authors.
## Idea Taxonomy (1,780 raw / 1,467 unique clusters / 628 cross-org)
| Type | Count | % |
|------|-------|---|
| mechanism | 663 | 37.2% |
| architecture | 280 | 15.7% |
| pattern | 251 | 14.1% |
| protocol | 228 | 12.8% |
| requirement | 171 | 9.6% |
| extension | 168 | 9.4% |
| framework | 9 | 0.5% |
| other | 10 | 0.6% |
**IMPORTANT**: Use 628 cross-org ideas as the lead metric, not 1,780 raw count. The raw count is a pipeline artifact (~4.9/draft avg). The 628 represents genuine multi-organizational convergence. See Post 5 data package for details.
## Top Organizations
| Org | Drafts | Authors | Composite Score |
|-----|--------|---------|-----------------|
| Huawei (all entities) | 57+ | 28+ | 3.1 |
| China Mobile | 35 | 24 | 3.2 |
| China Telecom | 23 | 22 | 3.0 |
| China Unicom | 22 | 22 | 3.0 |
| Cisco (all entities) | 25 | 19 | 3.4 |
| Tsinghua University | 16 | 13 | 3.5 |
| Telefonica | 13 | 2 | 3.2 |
| ZTE Corporation | 10 | 10 | 3.0 |
| Google | 10 | 4 | 3.3 |
| Five9 | 10 | 1 | 3.8 |
| Ericsson | 9 | 4 | 3.6 |
## Quality Leaders (Composite >= 3.5, min 3 drafts)
| Org | Drafts | Composite |
|-----|--------|-----------|
| Aiiva.org | 3 | 4.42 |
| AWS | 3 | 4.38 |
| Mozilla | 4 | 3.81 |
| Zhongguancun Lab | 6 | 3.81 |
| Five9 | 10 | 3.75 |
| Bitwave | 6 | 3.75 |
| Siemens | 5 | 3.75 |
| Inria | 4 | 3.70 |
| Ericsson | 9 | 3.59 |
| Nokia | 5 | 3.58 |
| Beijing Univ P&T | 4 | 3.57 |
| Tsinghua | 16 | 3.53 |
| Cisco Systems | 17 | 3.50 |
## WG Adoption
| WG | Drafts | Focus |
|----|--------|-------|
| lamps | 6 | PKI/certificates |
| lake | 5 | EDHOC/lightweight crypto |
| tls | 3 | TLS extensions |
| emu | 3 | EAP methods |
| sshm | 2 | SSH maintenance |
| httpbis | 2 | HTTP extensions |
| anima | 2 | Bootstrapping |
| aipref | 2 | AI preferences |
| ace | 2 | Auth for constrained envs |
19 of 36 WG drafts (53%) are in security/crypto WGs. Only 2 are in an agent-specific WG (aipref).
## Top 10 Highest-Scored Drafts
| Draft | Title | Composite |
|-------|-------|-----------|
| draft-aylward-daap-v2 | Distributed AI Accountability Protocol v2 | 4.75 |
| draft-ietf-lake-app-profiles | EDHOC Application Profiles | 4.75 |
| draft-cowles-volt | Verifiable Operations Ledger and Trace | 4.75 |
| draft-goswami-agentic-jwt | Secure Intent Protocol for Agents | 4.50 |
| draft-chang-agent-token-efficient | Token-efficient Data Layer for Agents | 4.50 |
| draft-birkholz-verifiable-agent-conversations | Verifiable Agent Conversations | 4.50 |
| draft-guy-bary-stamp-protocol | Secure Task-bound Agent Message Proof | 4.50 |
| draft-drake-email-tpm-attestation | Hardware Attestation for Email | 4.50 |
| draft-ietf-tls-ecdhe-mlkem | Post-quantum Hybrid Key Agreement | 4.50 |
| draft-ietf-hpke-hpke | Hybrid Public Key Encryption | 4.50 |
## Updated Gap List (12 gaps, refreshed)
### Critical (3)
1. **Agent Behavior Verification** — No mechanisms to verify agents actually behave according to declared policies
2. **Cross-Domain Agent Liability** — When agents cause harm across organizational boundaries, who's responsible?
3. **Human Override Protocols** — No standardized emergency override protocols for autonomous agents
### High (6)
4. **Agent Resource Exhaustion Protection** — No mechanisms to prevent agents from consuming excessive resources
5. **Agent-Generated Data Provenance** — Insufficient tracking of data origins as info flows between agents
6. **Agent Capability Degradation Handling** — No approach for detecting when agent capabilities degrade
7. **Multi-Agent Coordination Deadlocks** — Insufficient attention to preventing deadlock in multi-agent systems
8. **Agent Privacy Preservation** — Agents process sensitive data without adequate privacy protections
9. **Agent Firmware/Model Update Security** — Insufficient focus on secure update mechanisms
### Medium (3)
10. **Real-time Agent Debugging** — Missing protocols for debugging agents in production
11. **Cross-Protocol Agent Migration** — No mechanisms for migrating agent state between protocols
12. **Agent Energy Consumption Optimization** — Missing standards for energy-aware agent operation
## Most Referenced RFCs (Foundation Standards)
| RFC | Cited By | Subject |
|-----|----------|---------|
| RFC 2119 | 285 drafts | Key words (MUST, SHALL, etc.) |
| RFC 8174 | 237 drafts | Key words update |
| RFC 8446 | 42 drafts | TLS 1.3 |
| RFC 6749 | 36 drafts | OAuth 2.0 |
| RFC 9110 | 34 drafts | HTTP Semantics |
| RFC 8126 | 26 drafts | IANA Guidelines |
| RFC 8259 | 26 drafts | JSON |
| RFC 5280 | 22 drafts | X.509 PKI |
| RFC 7519 | 22 drafts | JWT |
| RFC 9052 | 20 drafts | CBOR Object Signing (COSE) |

48
data/reports/blog-series/data/01-gold-rush-data.md Normal file
View File

@@ -0,0 +1,48 @@
# Data Package: Post 1 — The IETF's AI Agent Gold Rush
## Key Numbers to Update
- **361 drafts** (was 260 in earlier draft)
- **557 authors** from **230 organizations** (was 403 from 184)
- **1,780 ideas** (was 1,262)
- Growth: 3 drafts in Jan 2024 to 86 in Feb 2026 = **~29x in 14 months** (or 43x peak-to-trough)
- Safety ratio: **~8:1** capability-to-safety (improved from 4:1 due to keyword expansion bringing in ML infra drafts with safety elements; the core agent space is still 4:1)
- 12 keywords: agent, ai-agent, llm, autonomous, machine-learning, artificial-intelligence, mcp, agentic, inference, generative, intelligent, aipref
- 6 NEW keywords added: mcp, agentic, inference, generative, intelligent, aipref — these brought 101 additional drafts
## Updated Category Breakdown (for Post 1 table)
| Category | Drafts | % of Corpus |
|----------|--------|-------------|
| A2A protocols | 136 | 37.7% |
| Agent identity/auth | 121 | 33.5% |
| Autonomous netops | 98 | 27.1% |
| Policy/governance | 91 | 25.2% |
| ML traffic mgmt | 74 | 20.5% |
| Agent discovery/reg | 65 | 18.0% |
| AI safety/alignment | 45 | 12.5% |
| Model serving/inference | 42 | 11.6% |
| Human-agent interaction | 30 | 8.3% |
## Growth Curve Data
The steepest acceleration: Sep 2025 (17) -> Oct 2025 (67) -> Nov 2025 (61) -> Feb 2026 (86).
The IETF 121 meeting was Nov 2025 in Dublin. The post-meeting submission spike is visible.
## Author Landscape Summary
- Top 5 authors all from Huawei: Bing Liu (23), Zhenbin Li (21), Nan Geng (20), Qiangzhou Gao (20), Xiaotong Shang (19)
- Jonathan Rosenberg (Five9) is highest-ranked non-Chinese author at #9 with 10 drafts
- Cisco authors collectively: ~25 drafts across entities
## Safety Deficit Framing
- 45 drafts touch safety/alignment (12.5%)
- 136 A2A protocol drafts (37.7%)
- 30 human-agent interaction drafts (8.3%)
- The ratio of A2A protocols to human-agent interaction: **4.5:1** — agents talking to each other, not to humans
## WG Adoption
Only 36 of 361 drafts (10%) are WG-adopted. The standards are still overwhelmingly individual submissions.

98
data/reports/blog-series/data/02-who-writes-rules-data.md Normal file
View File

@@ -0,0 +1,98 @@
# Data Package: Post 2 — Who's Writing the Rules for AI Agents?
## Geopolitical Split
| Region | Drafts | Authors | % of Drafts |
|--------|--------|---------|-------------|
| Chinese-affiliated | 152 | 218 | 42.1% |
| Western-affiliated | 94 | 81 | 26.0% |
| Other/Unclassified | 158 | 221 | - |
Note: "Other" includes universities, small companies, individuals whose affiliation doesn't map cleanly. Many drafts have co-authors from multiple regions.
## Huawei Dominance (Combined Entities)
Huawei appears under multiple entity names in the data:
- Huawei: 57 drafts, 28 authors
- Huawei Technologies: 19 drafts, 16 authors
- Huawei Technologies Co., Ltd.: 3 drafts
- Huawei Singapore: 3 drafts
Combined estimate: **~60+ unique drafts**, ~40+ unique authors (some overlap). This is approximately **16-17% of all drafts**.
## Top 15 Organizations
| Rank | Org | Drafts | Authors | Composite Score |
|------|-----|--------|---------|-----------------|
| 1 | Huawei | 57 | 28 | 3.11 |
| 2 | China Mobile | 35 | 24 | 3.21 |
| 3 | China Telecom | 23 | 22 | 2.98 |
| 4 | China Unicom | 22 | 22 | 3.02 |
| 5 | Huawei Technologies | 19 | 16 | 3.17 |
| 6 | Cisco Systems | 17 | 10 | 3.50 |
| 7 | Tsinghua University | 16 | 13 | 3.53 |
| 8 | Telefonica | 13 | 2 | 3.21 |
| 9 | ZTE Corporation | 10 | 10 | 3.02 |
| 10 | Pengcheng Laboratory | 10 | 8 | 3.30 |
| 11 | Google | 10 | 4 | 3.33 |
| 12 | Five9 | 10 | 1 | 3.75 |
| 13 | Ericsson | 9 | 4 | 3.59 |
| 14 | Sandelman Software Works | 7 | 1 | 3.46 |
| 15 | Zhongguancun Laboratory | 6 | 4 | 3.81 |
## Chinese Institutional Ecosystem Tiers
### Tier 1: Telecom Vendors
- Huawei (all entities): ~60+ drafts — networking, agent comm, autonomous netops
- ZTE Corporation: 10 drafts
### Tier 2: Telecom Operators
- China Mobile: 35 drafts
- China Telecom: 23 drafts
- China Unicom: 22 drafts
### Tier 3: Research
- Tsinghua University: 16 drafts (highest quality among Chinese orgs, composite 3.53)
- Pengcheng Laboratory: 10 drafts
- Zhongguancun Laboratory: 6 drafts (highest composite: 3.81)
- CAICT: 6 drafts (lowest composite: 2.35)
- Beijing University of Posts & Telecommunications: 4+ drafts
### Tier 4: Tech Companies
- Baidu: (part of multi-author drafts)
- Tencent: (part of multi-author drafts)
## Notable Western Absences
Major AI companies with minimal IETF presence:
- **Microsoft**: Not in top 30 orgs
- **Apple**: Not found
- **Meta/Facebook**: Not found
- **OpenAI**: Not found
- **Anthropic**: Not found
- **Google**: 10 drafts (modest given their agent ecosystem: Gemini, A2A protocol)
## Quality vs Quantity Insight
The inverse relationship is clear:
- High-volume Chinese orgs (Huawei, China Mobile, China Telecom): composite 2.98-3.21
- Lower-volume Western companies (Five9, Ericsson, Siemens, Mozilla): composite 3.59-3.81
- Exception: Tsinghua University — high volume (16) AND high quality (3.53)
- Strongest quality leaders: Aiiva.org (4.42), AWS (4.38), Mozilla (3.81) — all low volume
## Author Velocity (Oct 2025 - Mar 2026)
Top authors by recent output:
1. Bing Liu (Huawei): 23 drafts
2. Zhenbin Li (Huawei): 21 drafts (all in Nov 2025!)
3. Nan Geng (Huawei): 20 drafts
4. Qiangzhou Gao (Huawei): 20 drafts (all in Nov 2025!)
5. Xiaotong Shang (Huawei): 19 drafts (all in Nov 2025!)
The Huawei surge was concentrated in Nov 2025 — a coordinated submission campaign timed with IETF 121.
## Cross-Org Collaboration
180 ideas cross the Chinese-Western organizational divide. The strongest cross-divide convergences:
- A2A Communication: Huawei + China Mobile + CAICT on one side; Deutsche Telekom + Telefonica + Orange on the other
- Agent identity frameworks: both sides building on the same OAuth/SPIFFE foundations

62
data/reports/blog-series/data/03-oauth-wars-data.md Normal file
View File

@@ -0,0 +1,62 @@
# Data Package: Post 3 — The OAuth Wars and Other Battles
## OAuth-for-Agents Cluster (18 drafts touching OAuth + agents)
| Draft | Title | Novelty | Maturity | Relevance | Overlap |
|-------|-------|---------|----------|-----------|---------|
| draft-goswami-agentic-jwt | Secure Intent Protocol: JWT Agentic Identity | 5 | 4 | 5 | 2 |
| draft-guy-bary-stamp-protocol | Secure Task-bound Agent Message Proof (STAMP) | 5 | 4 | 5 | 1 |
| draft-oauth-ai-agents-on-behalf-of-user | On-Behalf-Of User Auth for AI Agents | 4 | 3 | 5 | 3 |
| draft-oauth-transaction-tokens-for-agents | Transaction Tokens For Agents | 4 | 4 | 5 | 3 |
| draft-chen-oauth-rar-agent-extensions | Policy & Lifecycle Extensions for OAuth RAR | 4 | 4 | 5 | 2 |
| draft-mishra-oauth-agent-grants | Delegated Agent Authorization Protocol (DAAP) | 4 | 4 | 5 | 3 |
| draft-liu-oauth-a2a-profile | A2A Profile for OAuth Transaction Tokens | 4 | 2 | 5 | 3 |
| draft-aap-oauth-profile | Agent Authorization Profile for OAuth 2.0 | 4 | 4 | 5 | 2 |
| draft-mw-spice-actor-chain | Verifiable Actor Chain for OAuth Token Exchange | 4 | 3 | 5 | 2 |
| draft-song-oauth-ai-agent-collaborate-authz | Multi-AI Agent Collaboration Auth | 4 | 3 | 4 | 3 |
| draft-rosenberg-oauth-aauth | AAuth - Agentic Authorization OAuth 2.1 | 4 | 3 | 4 | 2 |
| draft-gaikwad-south-authorization | SOUTH: Stochastic Auth for Agents | 4 | 4 | 4 | 2 |
| draft-song-oauth-ai-agent-authorization | OAuth Extension: Auth on Target | 3 | 2 | 4 | 4 |
| draft-yao-agent-auth-considerations | Considerations on Agent Auth via OAuth | 3 | 2 | 4 | 2 |
| draft-jia-oauth-scope-aggregation | Scope Aggregation for Agent Workflows | 3 | 3 | 4 | 2 |
## A2A Protocol Cluster Size: 136 drafts
The A2A space is the largest single category. Within it, competing approaches include:
- MCP-based approaches (MCP over MOQT, MCP for agents)
- Custom agent protocols (ANP, NLIP, aiproto/NACT)
- Existing protocol extensions (HTTP-based, gRPC-based)
## Identity/Auth Cluster Size: 121 drafts
Overlaps heavily with A2A. The key battleground is how agents prove identity and delegate authority.
## High-Overlap Drafts (Overlap score >= 4)
Multiple drafts flagged as high-overlap, particularly:
- `draft-hong-nmrg-agenticai-ps` — scored overlap 4, has overlap with 15+ other drafts
- Several OAuth drafts scored overlap 3-4, indicating convergent solutions
## RFC Foundation for Auth/Identity
| RFC | Cited By | What It Is |
|-----|----------|------------|
| RFC 6749 | 36 drafts | OAuth 2.0 (the foundation everyone builds on) |
| RFC 7519 | 22 drafts | JWT |
| RFC 5280 | 22 drafts | X.509 PKI |
| RFC 8392 | 18 drafts | CBOR Web Token (CWT) |
| RFC 9000 | 16 drafts | QUIC |
OAuth 2.0 is the undisputed foundation: 36 drafts explicitly cite it.
## Near-Duplicate Analysis
From embedding similarity, 25+ draft pairs have >0.98 cosine similarity. The densest cluster is around agent networking problem statements and use cases from the same author groups.
## Convergence Signals (Positive)
Despite fragmentation, some convergence exists:
1. **EDHOC** (lake WG, 5 drafts): lightweight crypto handshake gaining WG adoption
2. **SCIM** extensions for agents: building on existing identity management
3. **Verifiable Agent Conversations** (draft-birkholz): high score (4.5), unique approach
4. **STAMP protocol**: task-bound proofs (scored 4.5, overlap 1 = truly novel)

58
data/reports/blog-series/data/04-gaps-data.md Normal file
View File

@@ -0,0 +1,58 @@
# Data Package: Post 4 — What Nobody's Building (And Why It Matters)
## Updated Gap List (12 gaps, refreshed with 361-draft corpus)
### Critical (3)
1. **Agent Behavior Verification** — No mechanisms to verify agents actually behave according to declared policies. Many drafts define what agents SHOULD do, few address verification.
2. **Cross-Domain Agent Liability** — NEW in refreshed analysis. When autonomous agents operate across organizational boundaries and cause harm, who's liable? No framework exists.
3. **Human Override Protocols** — No standardized emergency override protocols. Only 30 of 361 drafts even address human-agent interaction.
### High (6)
4. **Agent Resource Exhaustion Protection** — No mechanisms to prevent agents from consuming excessive resources (compute, network, memory).
5. **Agent-Generated Data Provenance** — Despite 145 drafts on data formats, insufficient tracking of data origins as info flows between agents.
6. **Agent Capability Degradation Handling** — No approach for detecting/handling when agent capabilities degrade (model drift, data staleness).
7. **Multi-Agent Coordination Deadlocks** — With 136 A2A protocol drafts, almost no attention to preventing deadlock. Renamed from "Multi-Agent Consensus."
8. **Agent Privacy Preservation** — NEW gap. Agents process sensitive data without adequate privacy protections.
9. **Agent Firmware/Model Update Security** — 42 model serving drafts, but few address secure update mechanisms.
### Medium (3)
10. **Real-time Agent Debugging** — Missing protocols for debugging agents in production.
11. **Cross-Protocol Agent Migration** — No mechanisms for migrating agent state between different A2A protocols.
12. **Agent Energy Consumption Optimization** — No standards for energy-aware agent operation.
## Gap vs Category Contrast
| Focus Area | Drafts | Gap Coverage |
|-----------|--------|--------------|
| A2A protocols | 136 | Well-covered (too well — fragmented) |
| Identity/Auth | 121 | Well-covered |
| Autonomous netops | 98 | Moderately covered |
| Behavior verification | ~5 | CRITICAL GAP |
| Human override | ~30 | CRITICAL GAP (quantity insufficient, quality missing) |
| Resource management | ~0 explicit | CRITICAL GAP |
| Liability/accountability | ~3 (DAAP, VOLT) | CRITICAL GAP |
| Error recovery/deadlock | ~0 explicit | HIGH GAP |
## Key Contrasts for Narrative
- **136 A2A protocol drafts** vs **~5 behavior verification drafts** = 27:1 ratio
- **121 identity/auth drafts** vs **~0 resource exhaustion drafts** = infinity
- **30 human-agent interaction drafts** vs **136 A2A protocol drafts** = 4.5:1 agents-talking-to-agents vs agents-talking-to-humans
## Ideas that Address Gaps
From the 1,780 ideas, some partially address gaps:
- Behavior verification: "Verifiable Agent Conversations" (draft-birkholz), DAAP v2, VOLT
- Human override: scattered across 30 human-agent drafts but no unified approach
- Resource management: some ideas in ML traffic mgmt (74 drafts) but from network perspective, not agent perspective
- Liability: DAAP explicitly addresses accountability; VOLT addresses audit trails
## Structural Insight (from Architect)
The critical gaps are exactly the ones that require cross-team consensus: behavior verification needs input from security + A2A + safety + governance teams. But the team-bloc structure (33 blocs, mostly intra-org) makes cross-team work structurally difficult. **Gap severity correlates with coordination difficulty.**
## WG Gap Coverage
- 10 of 12 gaps have some WG coverage
- 2 gaps with ZERO WG backing: Agent Firmware/Model Update Security, Agent Energy Consumption
- Security WGs (lamps, lake, tls, emu, ace) cover 19 of 36 WG drafts — the IETF is addressing agent security through existing security WGs, not through new agent-specific WGs

89
data/reports/blog-series/data/05-ideas-data.md Normal file
View File

@@ -0,0 +1,89 @@
# Data Package: Post 5 — Where 230 Organizations Agree (And Where They Don't)
Reframed per Architect's direction: lead with cross-org convergence (628 ideas), not raw extraction count (1,780).
## Lead Metric: Cross-Organization Convergence
- **1,467 unique idea clusters** (after fuzzy dedup from 1,780 raw extractions)
- **628 ideas** appear across 2+ organizations = genuine multi-org convergence
- **628 / 1,467 = 43%** of ideas have cross-org validation
### Convergence Pyramid
| Org Count | Ideas | What It Means |
|-----------|-------|---------------|
| 14 orgs | 8 ideas | Single mega-consortium (ML infra draft) |
| 7+ orgs | 14 ideas | Strong multi-org convergence |
| 4-6 orgs | 179 ideas | Solid cross-org agreement |
| 2-3 orgs | 427 ideas | Early convergence signals |
| 1 org only | 839 ideas | Unique to one organization |
## The Real Convergence: Ideas in 2+ Independent Drafts from 2+ Orgs
These are the strongest convergence signals — ideas that different teams proposed independently:
| Idea | Drafts | Orgs | Significance |
|------|--------|------|-------------|
| AI Agent Communication Framework | 2 | 7 | Five9/Cisco AND Chinese telcos+ANP — cross-bloc convergence |
| Agent Gateway | 3 | 6 | China Telecom, Zhongguancun, AsiaInfo, Beijing U, Huawei, UnionPay |
| Distributed AI Inference Architecture | 2 | 5 | Cross-institution (Hong Kong, IRTF) |
| Network Digital Twin Support | 2 | 5 | Research + operator convergence |
| Multi-Agent Communication Protocol | 8 | 7 | AsiaInfo, BUPT, China Mobile, China Telecom, China Unicom, Huawei, Zhongguancun |
| AI Agent Communication Network (ACN) | 5 | 7 | ANP Community, China Mobile, China Telecom, China Unicom, Cisco, Five9, Huawei |
| Tool Enumeration/Invocation API | 3 | 2 | Rosenberg (Five9) — coherent toolkit across 3 drafts |
| CHEQ Protocol | 2 | 3 | Rosenberg — conversation verification |
**Key finding**: "AI Agent Communication Framework" spans the Chinese-Western divide (Five9+Cisco on one side, 4 Chinese telcos+ANP on the other). This is the strongest cross-bloc convergence signal in the dataset.
## The 14-Org Consortium (Context, Not Convergence)
8 ideas from one mega-draft (AI inference networking): Ultra-Low Latency Routing, Tensor Parallelization, FARE, Adaptive Load Balancing, etc. All 14 orgs (Hygon, Tencent, Baidu, Broadcom, Huawei, China Mobile + 8 more) are co-authors on a single draft. This is a consortium submission, not independent convergence. Still significant — it's the broadest cross-org collaboration in the dataset — but should not be presented as "14 organizations independently arrived at the same idea."
## Ideas to Watch (Top-Scored Drafts)
1. **DAAP v2** (Distributed AI Accountability Protocol) — Composite 4.75. Addresses behavior verification gap.
2. **VOLT** (Verifiable Operations Ledger and Trace) — Composite 4.75. Audit trail for agents.
3. **EDHOC Application Profiles** — WG-adopted (lake), composite 4.75. Lightweight crypto.
4. **Agentic JWT** (Secure Intent Protocol) — Composite 4.50. JWT-compatible agent identity.
5. **STAMP Protocol** — Composite 4.50, overlap=1 (truly novel). Task-bound message proofs.
6. **Verifiable Agent Conversations** — Composite 4.50. Cryptographic conversation records.
7. **Token-efficient Data Layer** — Composite 4.50. Cost-conscious agent communication.
## Idea Taxonomy (Background Context)
| Type | Count | % |
|------|-------|---|
| mechanism | 663 | 37.2% |
| architecture | 280 | 15.7% |
| pattern | 251 | 14.1% |
| protocol | 228 | 12.8% |
| requirement | 171 | 9.6% |
| extension | 168 | 9.4% |
| other | 19 | 1.1% |
Note: These are raw extraction counts (~4.9 per draft avg). Use as background taxonomy only — the convergence numbers are the lead metric.
## Convergence-Gap Tension
The punchline for Post 5: teams agree on WHAT to build but disagree on HOW. The 628 cross-org ideas show broad agreement on the problem space (agent communication, identity, infrastructure). But the 12 gaps show no one is building the connective tissue (behavior verification, human override, error recovery, liability).
| Convergence Area | Cross-Org Ideas | Corresponding Gap |
|-----------------|-----------------|-------------------|
| Agent communication | High (136 A2A drafts) | Cross-Protocol Migration (MEDIUM) |
| Agent identity | High (121 auth drafts) | Cross-Domain Liability (CRITICAL) |
| ML infrastructure | High (74 ML traffic) | Energy Optimization (MEDIUM) |
| Autonomous netops | High (98 drafts) | Capability Degradation (HIGH) |
| Safety/oversight | Low (45 drafts) | Behavior Verification (CRITICAL), Human Override (CRITICAL) |
## Gap-to-Idea Mapping
| Gap | Ideas Addressing It | Coverage Level |
|-----|-------------------|----------------|
| Behavior Verification | DAAP, VOLT, Verifiable Conversations | Partial (3 drafts) |
| Cross-Domain Liability | DAAP accountability, STAMP proofs | Minimal |
| Human Override | Scattered across 30 drafts | No unified approach |
| Resource Exhaustion | ML traffic mgmt ideas | Indirect only |
| Data Provenance | VOLT, some data format ideas | Partial |
| Capability Degradation | None explicit | Absent |
| Coordination Deadlocks | None explicit | Absent |
| Privacy Preservation | Some policy/governance ideas | Minimal |

65
data/reports/blog-series/data/06-big-picture-data.md Normal file
View File

@@ -0,0 +1,65 @@
# Data Package: Post 6 — Drawing the Big Picture
## Synthesis Numbers
- **361 drafts, 557 authors, 230 orgs, 1,780 ideas, 12 gaps**
- **136 A2A protocols** with no interoperability layer
- **121 identity/auth drafts** building on OAuth 2.0 (RFC 6749, cited by 36 drafts)
- **45 safety drafts** vs **316 capability drafts** = 7:1 ratio
- **36 WG-adopted drafts** (10%) — 19 in security WGs, 2 in aipref
## The Foundation Layer (RFC Cross-References)
The ecosystem is built on:
1. **OAuth 2.0** (RFC 6749, 36 citations) — the auth foundation
2. **TLS 1.3** (RFC 8446, 42 citations) — the security transport
3. **HTTP Semantics** (RFC 9110, 34 citations) — the API layer
4. **JWT** (RFC 7519, 22 citations) — token format
5. **X.509 PKI** (RFC 5280, 22 citations) — identity certificates
6. **COSE** (RFC 9052, 20 citations) — constrained object signing
7. **CBOR** (RFC 8949, 19 citations) — binary data format
8. **QUIC** (RFC 9000, 16 citations) — transport
This reveals the DNA: the agent ecosystem is being built on web + IoT foundations. OAuth + JWT + TLS for the web side, COSE + CBOR for the constrained/IoT side.
## WG Adoption as Traction Signal
| Category | WG Drafts | Individual Drafts | WG % |
|----------|-----------|-------------------|------|
| Security/Crypto (lamps, lake, tls, emu, ace) | 19 | - | 53% of WG |
| Agent-specific (aipref) | 2 | - | 6% of WG |
| Other (httpbis, anima, suit, etc.) | 15 | - | 42% of WG |
**Key insight**: The IETF is not building new agent WGs — it's retrofitting existing security WGs for agents. This is actually good: it builds on proven foundations.
## Five Proposed Ecosystem Drafts (from Architect)
These address the gaps:
1. **AEM** (Agent Execution Model) — DAG-based orchestration
2. **ATD** (Agent Trust and Delegation) — builds on SPIFFE/WIMSE
3. **HITL** (Human-in-the-Loop) — override protocols
4. **AEPB** (Agent Ecosystem Profile for Business) — assurance profiles
5. **APAE** (Agent Protocol Adaptation and Exchange) — interop layer
## Predictions Data Support
1. **WG consolidation is likely**: Multiple competing approaches in auth (14+ OAuth drafts) creates pressure for WG adoption
2. **Safety will lag**: Only 10% of WG drafts address safety; the structural bias toward capability continues
3. **Chinese institutional advantage**: 152 drafts from Chinese orgs, coordinated (Huawei bloc: 94% cohesion); Western response is fragmented and late
4. **The interop layer is the bottleneck**: 136 A2A drafts, no interop = the single biggest structural problem
## Two Equilibria (from Architect's Vision Document)
- **Microservices chaos**: If fragmentation persists and safety ratio holds, the agent ecosystem becomes like early microservices — technically possible but operationally painful, with each deployment requiring custom integration
- **Layered web architecture**: If WGs consolidate fragmentation and the safety ratio narrows, the ecosystem converges on a layered architecture like the web (transport -> session -> identity -> application)
The 8:1 safety ratio is the leading indicator. If it narrows toward 4:1 or better, the good equilibrium is achievable.
## Builder Guidance Data
For the "What to Do" section:
1. **Watch ECT** (Ephemeral Credential Trust) — bridges SPIFFE-WIMSE, already WG-tracked
2. **Build HITL now** — only 30 drafts in this space; early movers define the patterns
3. **Design for protocol translation** — the 136-protocol zoo means any production system needs translation layers
4. **Invest in error recovery** — zero explicit drafts on agent error recovery; this is a field-defining opportunity
5. **Participate in IETF** — only 10% of drafts are WG-adopted; there's room for new contributors to shape outcomes

175
data/reports/blog-series/data/deep-analysis-round2.md Normal file
View File

@@ -0,0 +1,175 @@
# Deep Analysis Round 2 — Tasks #23-28
## Task #23: Draft Revision Velocity
**Key finding: 55% of drafts are still at revision 00 — first submission, never iterated.**
### Overall Stats
| Metric | Value |
|--------|-------|
| Total drafts | 361 |
| At rev-00 (never iterated) | 198 (54.8%) |
| At rev-03+ (actively evolving) | 64 (17.7%) |
| Average revision | 2.21 |
### Iteration vs Fire-and-Forget by Org
| Org | Drafts | % at rev-00 | Avg Rev | Pattern |
|-----|--------|-------------|---------|---------|
| Ericsson | 9 | 11.1% | 4.8 | **Iterators** — almost everything gets revised |
| Sandelman Software | 7 | 14.3% | 14.3 | **Deep iterators** — fewer drafts, heavy revision |
| Nokia | 5 | 20.0% | 3.2 | **Iterators** |
| Siemens | 5 | 0.0% | 17.2 | **Deepest iterators** — zero fire-and-forget |
| Boeing R&T | 6 | 0.0% | 28.2 | **Extreme iterators** (mature, long-running drafts) |
| ZTE Corporation | 10 | 40.0% | 1.3 | **Mixed** |
| Telefonica | 13 | 46.2% | 1.8 | **Mixed** |
| Google | 10 | 50.0% | 1.7 | **Mixed** |
| China Unicom | 22 | 54.5% | 0.9 | **Mostly fire-and-forget** |
| China Telecom | 23 | 60.9% | 1.0 | **Mostly fire-and-forget** |
| Tsinghua | 16 | 62.5% | 0.4 | **Fire-and-forget** |
| Huawei | 57 | 64.9% | 0.6 | **Fire-and-forget** — 37 of 57 never revised |
| Huawei Technologies | 19 | 68.4% | 0.7 | **Fire-and-forget** |
| Five9 | 10 | 90.0% | 0.1 | **All new** (recent entrant) |
| Pengcheng Lab | 10 | 90.0% | 0.1 | **All new** |
**Narrative insight**: Western companies (Ericsson, Sandelman, Siemens, Boeing, Nokia) have dramatically lower fire-and-forget rates. They submit fewer drafts but iterate heavily. Chinese orgs submit more but ~60-65% are never revised. This is the "volume vs commitment" story — submitting a draft is cheap, iterating it signals genuine investment.
**Best quotable stat**: "65% of Huawei's 57 drafts have never been revised beyond their first submission."
---
## Task #24: Safety Ratio Trend Over Time
**Key finding: The safety ratio is NOT improving. It fluctuates wildly but the structural deficit persists.**
| Month | Safety | Capability-only | Total | Ratio |
|-------|--------|-----------------|-------|-------|
| 2025-07 | 2 | 3 | 5 | 1.5:1 |
| 2025-09 | 4 | 13 | 17 | 3.3:1 |
| 2025-10 | 5 | 62 | 67 | **12.4:1** |
| 2025-11 | 7 | 54 | 61 | 7.7:1 |
| 2025-12 | 3 | 13 | 16 | 4.3:1 |
| 2026-01 | 8 | 46 | 54 | 5.8:1 |
| 2026-02 | 13 | 73 | 86 | 5.6:1 |
| 2026-03 | 1 | 21 | 22 | **21:1** |
The ratio spiked to 12.4:1 during the Oct 2025 surge (IETF 121 pre-meeting rush — nearly all capability drafts). Feb 2026 shows some improvement (5.6:1) with 13 safety drafts — the best absolute month for safety. But the overall pattern is clear: safety submissions grow linearly while capability submissions grow exponentially. The gap widens during surges.
**For Post 4 (THE CLIMAX)**: The ratio data tells a story of structural neglect, not intentional choice. Nobody is anti-safety; the incentive structure just rewards capability work. Each org's submission campaign prioritizes its core protocol proposals, and safety is nobody's core.
---
## Task #25: RFC Foundation Divergence by Bloc
**Key finding: Chinese and Western blocs build on DIFFERENT foundations.**
### Chinese Bloc — Top RFCs
| RFC | Cited By | Subject |
|-----|----------|---------|
| RFC 2119 | 114 | Key words |
| RFC 8174 | 86 | Key words update |
| RFC 8259 | 11 | JSON |
| RFC 6749 | 11 | OAuth 2.0 |
| RFC 6241 | 10 | NETCONF |
| RFC 8446 | 8 | TLS 1.3 |
| RFC 8641 | 6 | YANG Push |
| RFC 8639 | 6 | Subscription to YANG Notifications |
| RFC 7950 | 5 | YANG |
| RFC 7575 | 5 | Autonomic networking |
### Western Bloc — Top RFCs
| RFC | Cited By | Subject |
|-----|----------|---------|
| RFC 2119 | 73 | Key words |
| RFC 8174 | 70 | Key words update |
| RFC 8446 | 18 | **TLS 1.3** |
| RFC 5280 | 12 | **X.509 PKI** |
| RFC 9528 | 11 | **EDHOC** |
| RFC 9110 | 11 | **HTTP Semantics** |
| RFC 9052 | 11 | **COSE** |
| RFC 8949 | 9 | **CBOR** |
| RFC 8613 | 9 | **OSCORE** |
| RFC 8392 | 9 | **CWT** |
| RFC 6749 | 7 | OAuth 2.0 |
| RFC 7252 | 7 | **CoAP** |
### The Divergence
| Foundation | Chinese | Western |
|-----------|---------|---------|
| **Network management (YANG/NETCONF)** | Strong (6241, 8639, 8641, 7950) | Absent |
| **PKI/Certificates (X.509)** | Absent | Strong (5280) |
| **IoT security (COSE/CBOR/OSCORE/CoAP)** | Absent | Strong (9052, 8949, 8613, 7252) |
| **Lightweight auth (EDHOC, CWT)** | Absent | Strong (9528, 8392) |
| **Web APIs (HTTP)** | Weak | Strong (9110) |
| **OAuth 2.0** | Present (11) | Present (7) |
| **TLS 1.3** | Moderate (8) | Strong (18) |
| **Autonomic networking** | Present (7575) | Absent |
**Narrative insight**: The Chinese bloc is building agent infrastructure on YANG/NETCONF — network management protocols for autonomous netops. The Western bloc is building on IoT security (COSE/CBOR/CoAP) and web infrastructure (HTTP/TLS/PKI). These are fundamentally different technology stacks. The ONLY shared foundation is OAuth 2.0, which both blocs cite at similar rates.
**For Post 2**: This means fragmentation goes deeper than protocol design — the two blocs are building on different technological DNA. Even if they agree on agent communication patterns, the underlying plumbing is incompatible.
---
## Task #27: Category Co-Occurrence Matrix
**Key finding: Safety IS structurally isolated from core protocol work.**
### Safety Co-Occurrence
| Safety co-occurs with | Drafts |
|----------------------|--------|
| Policy/governance | 26 |
| Agent identity/auth | 25 |
| A2A protocols | **12** |
| Data formats/interop | 7 |
| Human-agent interaction | 5 |
| Autonomous netops | 4 |
| ML traffic mgmt | 3 |
Safety co-occurs most with governance and identity — "paper" concerns. It co-occurs with A2A protocols only 12 times out of 136 A2A drafts (8.8%). Safety is essentially disconnected from the core protocol design work.
### Strongest Co-Occurrences (Top 10)
| Category Pair | Co-occurrences |
|---------------|---------------|
| A2A + Data formats | 55 |
| A2A + Agent discovery | 40 |
| Identity + Policy | 38 |
| A2A + Identity | 35 |
| A2A + Autonomous netops | 34 |
| Discovery + Data formats | 34 |
| Identity + Data formats | 33 |
| Autonomous netops + ML traffic | 28 |
| **Safety + Policy** | **26** |
| **Safety + Identity** | **25** |
**For Post 4**: Safety's strongest links are to governance and identity — abstract/policy-level work. Its weakest links are to A2A (12), ML traffic (3), and autonomous netops (4) — the categories where agents actually DO things. Safety is being thought about in the abstract, not integrated into protocol design. This is the structural version of the "highways before traffic lights" metaphor.
---
## Task #28: IETF Meeting Timing Effect
**Key finding: 51.5% of all drafts were submitted in the 4-week windows before IETF 121 and 122.**
| Window | Drafts | % of Total |
|--------|--------|------------|
| Pre-IETF 119 (Feb-Mar 2024) | 1 | 0.3% |
| Pre-IETF 120 (Jun-Jul 2024) | 0 | 0.0% |
| Pre-IETF 121 (Oct-Nov 2025) | **107** | **29.6%** |
| Pre-IETF 122 (Feb-Mar 2026) | **79** | **21.9%** |
| All other periods | 174 | 48.2% |
### Huawei's IETF 121 Campaign
| Period | Huawei Drafts |
|--------|--------------|
| Pre-IETF 121 (4-week window) | **43** |
| All other periods combined | 26 |
**62% of all Huawei drafts (43 of 69 across all entities) were submitted in the 4 weeks before IETF 121 Dublin.** This is not organic growth — this is a coordinated submission campaign timed for maximum standards-body impact.
For comparison, the entire corpus had 107 drafts in that same window. Huawei alone accounted for **40% of all pre-IETF 121 submissions**.
**For Post 1**: The growth curve isn't just organic interest — it's heavily driven by strategic submission campaigns timed to IETF meetings. The Oct-Nov 2025 spike (128 drafts in 2 months) is largely one company's coordinated push.
**For Post 2**: This is the strongest evidence of Huawei's strategic standards campaign. 43 drafts in 4 weeks from one organization is unprecedented in this dataset.

59
data/reports/blog-series/data/surprising-findings.md Normal file
View File

@@ -0,0 +1,59 @@
# Surprising Findings — Deep Analysis Phase
These findings challenge assumptions or reveal unexpected patterns in the 361-draft corpus.
## 1. The Keyword Expansion Uncovered a Different Community
The 101 new drafts from keywords (mcp, agentic, inference, generative, intelligent, aipref) brought:
- **154 new authors** (557 total, up from 403)
- **46 new organizations** (230 total, up from 184)
- Heavy skew toward ML infrastructure: "ML traffic mgmt" went from 23 to 73 drafts, "Model serving/inference" from 13 to 42
This means the original analysis systematically missed the ML infrastructure community. The "agent" keyword captured the protocol designers; "inference" and "generative" captured the infrastructure builders. These are largely separate communities working on adjacent problems.
## 2. The Safety Ratio Improved — But It's an Illusion
The safety ratio went from 4:1 (260 drafts) to ~8:1 by tag count but the improvement is because the ML infrastructure drafts have broader category tags (many touch "safety" tangentially through network reliability). The core agent protocol space remains deeply safety-deficient.
## 3. Huawei's Nov 2025 Coordinated Campaign
Five Huawei authors each submitted 19-21 drafts in a single month (Nov 2025). This is the largest coordinated submission campaign in the dataset. Zhenbin Li, Qiangzhou Gao, and Xiaotong Shang all published exclusively in Nov 2025. This looks like a strategic push timed for IETF 121 (Dublin, Nov 2025).
## 4. Quality Inversely Correlates with Quantity
| Pattern | Examples | Avg Composite |
|---------|----------|---------------|
| High volume, low quality | Huawei (57 drafts, 3.11), CAICT (6, 2.35), Futurewei (6, 2.67) | ~2.7-3.1 |
| Low volume, high quality | AWS (3, 4.38), Aiiva.org (3, 4.42), Mozilla (4, 3.81) | ~3.8-4.4 |
| Exception | Tsinghua (16, 3.53), Five9 (10, 3.75) | High both |
The top-rated organizations are nearly all low-volume Western/independent contributors. Volume does not predict quality.
## 5. The Agent Ecosystem is Being Built in Security WGs, Not Agent WGs
19 of 36 WG-adopted drafts (53%) are in security WGs (lamps, lake, tls, emu, ace). Only 2 are in the agent-specific "aipref" WG. The IETF isn't creating new infrastructure for agents — it's adapting existing security infrastructure. This is arguably the right approach but means agent-specific concerns (behavior verification, human override) have no natural WG home.
## 6. The 14-Author Mega-Draft Consortium
One draft about AI inference networking has 14 co-authors from 14 different organizations (Hygon, China Mobile, Tencent, Huawei, Broadcom, Ruijie, Metanet, Biren, Baidu, Moore Threads, Resnics, Centec, Cloudnine, Enflame). This is by far the broadest cross-org collaboration in the dataset — and it's focused on ML infrastructure, not agent protocols.
## 7. Jonathan Rosenberg Is the Western Counterweight
Five9's Jonathan Rosenberg (9 drafts, composite 3.75) is the only Western individual matching Huawei's output volume. His drafts (AAuth, NACT, aiproto) represent a coherent vision for agent communication — arguably the closest thing to a Western "ecosystem proposal" matching Huawei's breadth.
## 8. The Accountability Drafts Are the Best-Scored
The top 3 drafts by composite score are ALL about accountability/verification:
1. DAAP v2 (Distributed AI Accountability Protocol) — 4.75
2. EDHOC Application Profiles — 4.75
3. VOLT (Verifiable Operations Ledger and Trace) — 4.75
The market is hungry for safety/accountability solutions — when they appear, they're rated highest. The problem isn't that safety work is unwanted; it's that few teams are doing it.
## 9. OAuth 2.0 Is the Undisputed Foundation
RFC 6749 (OAuth 2.0) is cited by 36 drafts — more than any non-boilerplate RFC. The agent identity ecosystem is essentially an OAuth ecosystem. Any agent auth approach that doesn't build on OAuth will face adoption headwinds.
## 10. Two Gaps Have Zero Institutional Backing
"Agent Firmware/Model Update Security" and "Agent Energy Consumption Optimization" have zero WG-adopted drafts addressing them. These represent the intersection of importance and neglect — critical infrastructure needs that no working group has prioritized.

127
data/reports/blog-series/state-of-ecosystem.md Normal file
View File

@@ -0,0 +1,127 @@
# State of the IETF AI Agent Ecosystem: Where We Are and Where We're Going
*A vision document synthesizing 361 drafts, 557 authors, 628 cross-org convergent ideas, and 12 gaps into a picture of the AI agent standards landscape in 2026 and its trajectory through 2028.*
---
## I. The Current State: A Landscape in Formation
The IETF's AI agent standardization landscape in March 2026 resembles a city under construction: cranes everywhere, foundations going in, multiple development teams building in parallel -- but no master plan, no zoning, and the safety inspectors have not been hired yet.
The numbers tell the story. In nine months, from June 2025 to February 2026, the rate of AI/agent-related Internet-Draft submissions grew from 2 per month to 72 -- a 36x increase. The corpus now contains **361 drafts** from **557 authors** representing **230 organizations**. Our cross-organization analysis found **628 technical ideas** independently proposed by multiple organizations -- genuine consensus signals amid the noise -- and identified **12 standardization gaps**, three of them critical.
This is not incremental growth. This is a phase transition, comparable to the IoT draft surge of 2014-2016 or the early web standards push of the mid-1990s. The IETF is being asked to standardize the infrastructure for a new class of internet participant: the autonomous software agent.
But the landscape that has emerged is not converging. It is fragmenting.
### The Structural Problems
**Fragmentation without coordination.** The 361 drafts cluster into at least 42 topically overlapping groups. The most crowded area -- OAuth extensions for AI agents -- has 14 competing drafts, each proposing a different approach to the same problem: how does an autonomous agent authenticate and obtain authorization? In the agent-to-agent communication space, 120 drafts propose protocols with no interoperability layer between them. We found 25 near-duplicate pairs where teams independently wrote essentially the same specification.
**Concentration without diversity.** One organization -- Huawei -- accounts for 53 authors and 66 drafts, 18% of the entire corpus. A single 13-person team within Huawei co-authors 22 drafts at 94% internal cohesion. The broader Chinese institutional ecosystem (Huawei, China Mobile, China Telecom, China Unicom, Tsinghua University, ZTE, BUPT, CAICT, Zhongguancun Lab) collectively fields over 160 authors. Meanwhile, Google, Microsoft, and Apple are largely absent from AI agent protocol work. The standards that will govern how AI agents identify, authenticate, and communicate on the internet are being written by a remarkably narrow group.
**Capability without safety.** For every draft addressing AI safety, alignment, or human oversight, approximately four drafts build new agent capabilities. Only 44 of 361 drafts touch safety. Only 30 address human-agent interaction, compared to 120 A2A protocols and 93 autonomous network operations drafts. The three critical gaps we identified -- behavior verification, resource management, and error recovery -- all concern what happens when agents fail or misbehave. These gaps have received minimal attention.
---
## II. The Missing Architecture
The deepest problem is not fragmentation or concentration. It is the absence of connective tissue.
The 361 drafts contain the pieces of an agent ecosystem. What they lack is a shared model of how those pieces fit together. Consider what a deployed multi-agent system actually needs:
1. **An execution model**: How are agent tasks organized, sequenced, and tracked? What is the unit of work? How do dependencies between tasks get expressed? Today: no standard. Every draft assumes its own task model.
2. **Human oversight primitives**: When does a human need to approve, intervene, or override an agent's decision? How does the override propagate? How is the decision recorded for audit? Today: 30 drafts touch this, none define standard primitives.
3. **Error recovery and rollback**: When an autonomous agent makes a bad decision, how do you undo it? When a cascade of failures ripples through an agent network, how do you contain the blast radius? Today: one draft (draft-yue-anima-agent-recovery-networks) partially addresses this. The rest of the 360 ignore it.
4. **Protocol interoperability**: With 120 competing A2A protocols, how does an agent speaking Protocol A communicate with an agent speaking Protocol B? Today: zero ideas in the entire corpus for cross-protocol translation. This gap is entirely unaddressed.
5. **Assurance profiles**: How does the same agent ecosystem work in a fast development environment (acceptable risk, minimal overhead) AND a regulated production environment (proofs, attestations, compliance)? Today: the discussion is split between safety-oriented drafts and capability-oriented drafts with no bridge between them.
These five needs map precisely to the five most critical and high-severity gaps in our analysis. They are not exotic requirements; they are the basic infrastructure that any production agent deployment will need. The fact that 361 drafts have been written without addressing them is the landscape's defining weakness.
---
## III. What 2027 Will Look Like: Three Scenarios
Based on current trajectories, three scenarios emerge for the IETF AI agent ecosystem over the next 18-24 months.
### Scenario A: Fragmentation Wins (most likely without intervention)
The current trajectory continues. Draft volume doubles again. The OAuth-for-agents cluster grows from 14 to 25+ proposals. No interoperability layer emerges. Working groups adopt a handful of individual drafts but not a cohesive architecture. Safety work remains a sideshow.
**Result**: Implementers face a multi-protocol landscape with no clear choices. Large platforms (those with the engineering resources to build their own stacks) proceed anyway, creating de facto standards through market power rather than consensus. The IETF's role diminishes to retroactively documenting what platforms already deployed.
**Probability without intervention**: High. This is the default path.
### Scenario B: Consolidation Through Working Groups
The IETF establishes one or more focused working groups specifically for AI agent architecture (not just individual protocols). These WGs force consolidation: the 14 OAuth proposals get down to 2-3. The 120 A2A protocols get mapped against a common requirements document. Gap-filling work gets explicitly chartered.
**Result**: A more coherent landscape emerges by mid-2027. Not a single standard, but a small number of complementary standards with defined interfaces between them. Safety work gets a mandate.
**Conditions required**: A champion organization (or coalition) willing to do the coordination work. A BoF or side meeting at an upcoming IETF meeting that gains enough momentum to charter a WG. Active participation from implementers (cloud providers, agent framework builders) who can provide deployment reality checks.
**Probability**: Moderate. The raw material exists -- 628 cross-org convergent ideas show that organizations already agree on the building blocks. What is needed is organizational will to connect them.
### Scenario C: Architecture-First Design
Someone -- a coalition of authors, a proposed WG, or an influential design team -- produces a holistic agent ecosystem architecture document. This document defines the execution model (DAG-based), the oversight primitives (HITL as first-class), the interoperability layer (protocol-agnostic bindings), and the assurance framework (dual regime from relaxed to regulated). Individual drafts then map themselves to roles within this architecture.
**Result**: The fastest path to a deployable agent infrastructure. The architecture does not replace existing drafts; it organizes them. The 5-draft ecosystem proposal (AEM/ATD/HITL/AEPB/APAE) outlined in our analysis represents one possible realization of this approach.
**Conditions required**: The architecture must build on work that already has momentum (WIMSE, ECT, SPIFFE). It must be protocol-agnostic -- prescribing the execution model and semantics, not the wire format. It must address the dual-regime problem (same model works in K8s and in regulated deployments).
**Probability**: Lower, but this is the scenario that produces the best outcome.
---
## IV. What Builders Should Do Today
For anyone building agent systems, deploying multi-agent workflows, or participating in IETF standards, the data suggests five concrete actions:
### 1. Watch the execution model space
The most critical missing piece is a shared execution model for agent tasks. Execution Context Tokens (ECT, draft-nennemann-wimse-ect) are the most promising candidate -- they define a JWT-based DAG for tracking task execution, building on WIMSE. If ECT gains WG adoption, it becomes the substrate on which orchestration, recovery, and audit are built. Monitor this draft.
### 2. Build human oversight in now, not later
The 30-vs-120 human-agent-to-A2A ratio is not just a standards problem; it is an engineering problem. Systems being designed today without human override primitives will need to be retrofitted. The CHEQ protocol (draft-rosenberg-aiproto-cheq) and the LLM-assisted network management framework (draft-cui-nmrg-llm-nm) both propose HITL models. Pick one and build to it, or design your own -- but do not ship agent systems without override capability.
### 3. Assume protocol diversity, design for translation
The 120-protocol landscape is not going to consolidate to one protocol. Design agent systems with protocol abstraction layers. Assume that agents in your ecosystem will eventually need to communicate with agents speaking different protocols. The gateway pattern (draft-agent-gw, draft-li-dmsc-macp) is emerging as the pragmatic solution.
### 4. Invest in error recovery
The near-total absence of error recovery standards means you are on your own. Draft-yue-anima-agent-recovery-networks offers a task-oriented recovery framework; the ECT DAG model provides rollback semantics. Implement checkpointing and rollback in your agent workflows now. When the standards catch up, you will be ahead.
### 5. Participate in the standards process
The landscape's concentration problem is only solved by broader participation. If your organization deploys AI agents, you have a stake in how these standards develop. The most impactful contribution right now is gap-filling: behavior verification, resource management, error recovery, and cross-protocol translation. These are areas where new drafts would face minimal competition and maximal impact.
---
## V. The 2028 Endgame
Two years from now, the IETF AI agent landscape will have resolved into one of two equilibria.
In the first equilibrium, the landscape looks like today's microservices ecosystem: a chaotic but functional collection of protocols, libraries, and frameworks, held together by platform-specific integrations and de facto standards from the largest cloud providers. The IETF's work exists but is incomplete, and the real interoperability happens at higher layers (agent frameworks like LangChain, Semantic Kernel, or their successors). Safety is bolted on after deployment.
In the second equilibrium, the landscape looks more like the web: a layered architecture where identity (like TLS), communication (like HTTP), and semantics (like HTML) are cleanly separated, with standardized interfaces between them. Agents identify via WIMSE, execute via ECT-based DAGs, communicate via protocol-agnostic bindings, and operate under assurance profiles that scale from development to regulated production. Safety is built in, not bolted on.
The data we have analyzed -- 361 drafts, 628 cross-org convergent ideas, 12 gaps, 18 team blocs -- contains the building blocks for the second equilibrium. The question is whether the IETF community organizes itself to assemble them before market reality imposes the first.
The history of internet standards suggests that both happen: a messy market reality emerges first, followed by standards that rationalize and improve it. The web started with browser wars and incompatible HTML, then converged on HTML5. Mobile started with a zoo of protocols, then converged on LTE/5G. The AI agent ecosystem may follow the same path.
But the gap between "messy first deployment" and "rationalized standards" matters enormously for safety. When the thing being standardized is autonomous software that makes decisions, executes actions, and interacts with humans and infrastructure, getting the safety architecture wrong during the messy phase has consequences that are harder to fix retroactively.
The 4:1 ratio is the number to watch. If it narrows -- if safety and oversight work accelerates to match capability work -- the second equilibrium becomes achievable. If it stays at 4:1 or widens, the first equilibrium is where we land, and the safety work becomes remediation rather than prevention.
The drafts are being written. The race is on. The outcome depends on whether coordination catches up to creativity.
---
*Analysis based on 361 IETF Internet-Drafts, 557 authors, 628 cross-org convergent ideas, and 12 identified gaps, current as of March 2026. Written by the Architect agent as input for the blog series and as a standalone reference document.*

101
data/reports/centrality.md Normal file
View File

@@ -0,0 +1,101 @@
# Author Network Centrality Report
*Generated 2026-03-03 20:14 UTC — 491 authors, 1142 co-authorship edges*
## Network Overview
- **Authors (nodes)**: 491
- **Co-authorship edges**: 1142
- **Intra-org edges**: 388 (35.1%)
- **Cross-org edges**: 718 (64.9%)
- **Cross Chinese-Western edges**: 167
- **Clustering coefficient**: 0.794
- **Connected components**: 68, largest: 165
## Top 30 Authors by Betweenness Centrality
Betweenness centrality measures how often an author lies on the shortest path between other authors — high BC = key connector in the network.
| # | Author | Organization | BC Score | Degree | CN Neighbors | Western Neighbors |
|--:|:-------|:-------------|--------:|-------:|-------------:|------------------:|
| 1 | Luis M. Contreras | Telefonica | 0.0351 | 14 | 11 | 3 |
| 2 | Qin Wu | Huawei | 0.0349 | 23 | 12 | 11 |
| 3 | Aijun Wang | China Telecom | 0.0323 | 17 | 17 | 0 |
| 4 | Mengyao Han | China Unicom | 0.0282 | 20 | 19 | 1 |
| 5 | Xueting Li | China Telecom | 0.0230 | 4 | 4 | 0 |
| 6 | Muhammad Awais Jadoon | InterDigital | 0.0229 | 13 | 9 | 4 |
| 7 | Menghan Yu | China Telecom | 0.0171 | 7 | 6 | 1 |
| 8 | Chenguang Du | Zhongguancun Laboratory | 0.0129 | 7 | 7 | 0 |
| 9 | Diego Lopez | Telefonica | 0.0127 | 15 | 6 | 9 |
| 10 | Arashmid Akhavain | Huawei | 0.0120 | 15 | 13 | 2 |
| 11 | Chenchen Yang | Huawei | 0.0107 | 14 | 12 | 2 |
| 12 | Kehan Yao | China Mobile | 0.0105 | 11 | 8 | 3 |
| 13 | Bo Wu | Huawei | 0.0104 | 9 | 6 | 3 |
| 14 | Giuseppe Fioccola | Huawei | 0.0092 | 10 | 2 | 8 |
| 15 | Ran Pang | China Unicom | 0.0083 | 16 | 16 | 0 |
| 16 | Bing Liu | Huawei | 0.0082 | 19 | 14 | 5 |
| 17 | Yi Yue | China Unicom | 0.0077 | 14 | 12 | 2 |
| 18 | Zhenbin Li | Huawei | 0.0076 | 18 | 16 | 2 |
| 19 | Qiangzhou Gao | Huawei | 0.0076 | 18 | 16 | 2 |
| 20 | Quan Xiong | ZTE Corporation | 0.0074 | 14 | 12 | 2 |
| 21 | Zongpeng Du | China Mobile | 0.0073 | 10 | 5 | 5 |
| 22 | Sun Qiong | China Telecom | 0.0071 | 10 | 5 | 5 |
| 23 | Michael Richardson | Sandelman Software Works | 0.0060 | 18 | 1 | 17 |
| 24 | Xiaotong Shang | Huawei | 0.0051 | 16 | 14 | 2 |
| 25 | Chongfeng Xie | China Telecom | 0.0050 | 9 | 7 | 2 |
| 26 | Yong Cui | Tsinghua University | 0.0040 | 8 | 8 | 0 |
| 27 | Roland Schott | Deutsche Telekom | 0.0040 | 7 | 2 | 5 |
| 28 | XingZhao | CAICT | 0.0040 | 8 | 7 | 1 |
| 29 | Jun Liu | BUPT | 0.0040 | 6 | 6 | 0 |
| 30 | Lianhua Zhang | AsiaInfo | 0.0040 | 6 | 6 | 0 |
## Cross-Divide Bridge-Builders (115 authors)
Authors who co-author with people from both Chinese and Western organizations.
| # | Author | Organization | BC Score | CN Neighbors | Western Neighbors |
|--:|:-------|:-------------|--------:|-------------:|------------------:|
| 1 | Luis M. Contreras | Telefonica | 0.0351 | 11 | 3 |
| 2 | Qin Wu | Huawei | 0.0349 | 12 | 11 |
| 3 | Mengyao Han | China Unicom | 0.0282 | 19 | 1 |
| 4 | Muhammad Awais Jadoon | InterDigital | 0.0229 | 9 | 4 |
| 5 | Menghan Yu | China Telecom | 0.0171 | 6 | 1 |
| 6 | Diego Lopez | Telefonica | 0.0127 | 6 | 9 |
| 7 | Arashmid Akhavain | Huawei | 0.0120 | 13 | 2 |
| 8 | Chenchen Yang | Huawei | 0.0107 | 12 | 2 |
| 9 | Kehan Yao | China Mobile | 0.0105 | 8 | 3 |
| 10 | Bo Wu | Huawei | 0.0104 | 6 | 3 |
| 11 | Giuseppe Fioccola | Huawei | 0.0092 | 2 | 8 |
| 12 | Bing Liu | Huawei | 0.0082 | 14 | 5 |
| 13 | Yi Yue | China Unicom | 0.0077 | 12 | 2 |
| 14 | Zhenbin Li | Huawei | 0.0076 | 16 | 2 |
| 15 | Qiangzhou Gao | Huawei | 0.0076 | 16 | 2 |
| 16 | Quan Xiong | ZTE Corporation | 0.0074 | 12 | 2 |
| 17 | Zongpeng Du | China Mobile | 0.0073 | 5 | 5 |
| 18 | Sun Qiong | China Telecom | 0.0071 | 5 | 5 |
| 19 | Michael Richardson | Sandelman Software Works | 0.0060 | 1 | 17 |
| 20 | Xiaotong Shang | Huawei | 0.0051 | 14 | 2 |
## Organization-Level Centrality (>= 3 authors)
| # | Organization | Authors | Avg BC | Max BC |
|--:|:-------------|--------:|-------:|-------:|
| 1 | China Telecom | 23 | 0.0037 | 0.0323 |
| 2 | Zhongguancun Laboratory | 4 | 0.0032 | 0.0129 |
| 3 | China Unicom | 22 | 0.0023 | 0.0282 |
| 4 | Huawei | 53 | 0.0022 | 0.0349 |
| 5 | Siemens | 5 | 0.0011 | 0.0032 |
| 6 | AsiaInfo | 4 | 0.0010 | 0.0040 |
| 7 | China Mobile | 24 | 0.0010 | 0.0105 |
| 8 | Ericsson | 3 | 0.0009 | 0.0018 |
| 9 | ZTE Corporation | 12 | 0.0009 | 0.0074 |
| 10 | Tsinghua University | 13 | 0.0006 | 0.0040 |
| 11 | CAICT | 8 | 0.0006 | 0.0040 |
| 12 | BUPT | 14 | 0.0003 | 0.0040 |
| 13 | Amazon | 5 | 0.0003 | 0.0013 |
| 14 | Inria | 6 | 0.0001 | 0.0004 |
| 15 | Google | 5 | 0.0000 | 0.0001 |
| 16 | Department of Computer Science & Engineering | 4 | 0.0000 | 0.0001 |
| 17 | Cisco | 23 | 0.0000 | 0.0001 |
| 18 | Pengcheng Laboratory | 8 | 0.0000 | 0.0001 |
| 19 | IBM | 6 | 0.0000 | 0.0000 |
| 20 | Futurewei | 3 | 0.0000 | 0.0000 |

91
data/reports/co-occurrence.md Normal file
View File

@@ -0,0 +1,91 @@
# Category Co-occurrence Report
*Generated 2026-03-03 20:15 UTC — 361 drafts, 318 (88.1%) multi-category*
## Category Counts
| Category | Count | % of Drafts |
|:---------|------:|------------:|
| Data formats/interop | 148 | 41.0% |
| A2A protocols | 136 | 37.7% |
| Agent identity/auth | 121 | 33.5% |
| Autonomous netops | 98 | 27.1% |
| Policy/governance | 93 | 25.8% |
| Agent discovery/reg | 79 | 21.9% |
| ML traffic mgmt | 74 | 20.5% |
| AI safety/alignment | 45 | 12.5% |
| Model serving/inference | 42 | 11.6% |
| Human-agent interaction | 30 | 8.3% |
| Other AI/agent | 26 | 7.2% |
## Co-occurrence Matrix
Number of drafts assigned to both categories simultaneously.
| | Data | A2A | IdAuth | Auto | Policy | Disc | ML | Safe | Model | Human | Other |
|:---|---:|---:|---:|---:|---:|---:|---:|---:|---:|---:|---:|
| **Data** | **148** | 58 | 33 | 24 | 26 | 35 | 19 | 7 | 14 | 14 | 3 |
| **A2A** | 58 | **136** | 43 | 39 | 23 | 51 | 15 | 12 | 9 | 8 | 3 |
| **IdAuth** | 33 | 43 | **121** | 7 | 40 | 27 | 2 | 26 | 4 | 6 | 1 |
| **Auto** | 24 | 39 | 7 | **98** | 19 | 21 | 29 | 4 | 11 | 8 | 9 |
| **Policy** | 26 | 23 | 40 | 19 | **93** | 4 | 10 | 27 | 4 | 10 | 2 |
| **Disc** | 35 | 51 | 27 | 21 | 4 | **79** | 6 | - | 4 | 2 | 2 |
| **ML** | 19 | 15 | 2 | 29 | 10 | 6 | **74** | 3 | 23 | 4 | 4 |
| **Safe** | 7 | 12 | 26 | 4 | 27 | - | 3 | **45** | - | 5 | 1 |
| **Model** | 14 | 9 | 4 | 11 | 4 | 4 | 23 | - | **42** | - | 3 |
| **Human** | 14 | 8 | 6 | 8 | 10 | 2 | 4 | 5 | - | **30** | 1 |
| **Other** | 3 | 3 | 1 | 9 | 2 | 2 | 4 | 1 | 3 | 1 | **26** |
## Top 20 Co-occurrences
| # | Category A | Category B | Count | Jaccard Index |
|--:|:-----------|:-----------|------:|--------------:|
| 1 | A2A protocols | Data formats/interop | 58 | 0.257 |
| 2 | A2A protocols | Agent discovery/reg | 51 | 0.311 |
| 3 | A2A protocols | Agent identity/auth | 43 | 0.201 |
| 4 | Agent identity/auth | Policy/governance | 40 | 0.230 |
| 5 | A2A protocols | Autonomous netops | 39 | 0.200 |
| 6 | Agent discovery/reg | Data formats/interop | 35 | 0.182 |
| 7 | Agent identity/auth | Data formats/interop | 33 | 0.140 |
| 8 | Autonomous netops | ML traffic mgmt | 29 | 0.203 |
| 9 | AI safety/alignment | Policy/governance | 27 | 0.243 |
| 10 | Agent discovery/reg | Agent identity/auth | 27 | 0.156 |
| 11 | AI safety/alignment | Agent identity/auth | 26 | 0.186 |
| 12 | Data formats/interop | Policy/governance | 26 | 0.121 |
| 13 | Autonomous netops | Data formats/interop | 24 | 0.108 |
| 14 | ML traffic mgmt | Model serving/inference | 23 | 0.247 |
| 15 | A2A protocols | Policy/governance | 23 | 0.112 |
| 16 | Agent discovery/reg | Autonomous netops | 21 | 0.135 |
| 17 | Autonomous netops | Policy/governance | 19 | 0.110 |
| 18 | Data formats/interop | ML traffic mgmt | 19 | 0.094 |
| 19 | A2A protocols | ML traffic mgmt | 15 | 0.077 |
| 20 | Data formats/interop | Model serving/inference | 14 | 0.080 |
## AI Safety/Alignment Coupling Analysis (45 drafts)
Is AI safety structurally isolated from other categories?
| Co-occurring Category | Count | % of Safety Drafts | Jaccard |
|:----------------------|------:|-------------------:|--------:|
| Policy/governance | 27 | 60.0% | 0.243 |
| Agent identity/auth | 26 | 57.8% | 0.186 |
| A2A protocols | 12 | 26.7% | 0.071 |
| Data formats/interop | 7 | 15.6% | 0.038 |
| Human-agent interaction | 5 | 11.1% | 0.071 |
| Autonomous netops | 4 | 8.9% | 0.029 |
| ML traffic mgmt | 3 | 6.7% | 0.026 |
| Other AI/agent | 1 | 2.2% | 0.014 |
**Verdict**: AI safety drafts have 85 co-occurrence links across 8 categories (1.9 avg links per safety draft).
Safety is **well-coupled** with other categories, particularly policy/governance and identity/auth.
## Category Clusters
Groups of categories that form natural clusters based on co-occurrence.
- **A2A protocols** clusters with: Agent discovery/reg (lift 1.7x)
- **Agent identity/auth** clusters with: AI safety/alignment (lift 1.7x)
- **Policy/governance** clusters with: AI safety/alignment (lift 2.3x)
- **Agent discovery/reg** clusters with: A2A protocols (lift 1.7x)
- **ML traffic mgmt** clusters with: Model serving/inference (lift 2.7x)
- **AI safety/alignment** clusters with: Policy/governance (lift 2.3x), Agent identity/auth (lift 1.7x)
- **Model serving/inference** clusters with: ML traffic mgmt (lift 2.7x)

405
data/reports/dev-journal.md Normal file
View File

@@ -0,0 +1,405 @@
# Development Journal — IETF Draft Analyzer
*This journal tracks development milestones across sessions. It serves as source material for the meta blog post about using Claude agent teams to build this analysis.*
---
### 2026-02-28 — v0.2.0 Release
**What**: Built full analysis pipeline — fetch, analyze, rate, embed, ideas, gaps, visualize, report. 13 CLI commands, 13+ visualizations, 11 report types.
**Why**: Needed a systematic way to map the exploding IETF AI/agent landscape.
**Result**: 260 drafts analyzed, 403 authors mapped, 1,262 ideas extracted, 12 gaps identified. Total cost ~$3.16 on Claude Sonnet.
**Surprise**: The 4:1 safety deficit — only 36 of 260 drafts address safety/alignment while 92+ focus on A2A protocols.
### 2026-03-01 — Full Pipeline Run
**What**: Ran complete pipeline on 260 drafts — ratings, embeddings, ideas, gap analysis, all visualizations and reports.
**Result**: All 11 reports generated. First blog post draft written ("The IETF's AI Agent Gold Rush"). arXiv paper drafted (13 pages).
### 2026-03-03 — Keyword Expansion
**What**: Added 6 new search keywords (mcp, agentic, inference, generative, intelligent, aipref). Fetched 101 new drafts, bringing total to 361.
**Why**: Original 6 keywords missed important categories — MCP-related drafts, generative AI infrastructure, intelligent networking.
**Result**: 361 drafts total. New drafts not yet processed (need analyze, authors, ideas, embed, gaps).
### 2026-03-03 — Agent Team Design
**What**: Designed a 4-agent team (Architect, Analyst, Coder, Writer) to elevate the project. Created team prompt, 4 agent definitions, CLAUDE.md with journaling requirements, and a 7+1 blog series plan.
**Why**: The project had powerful data but fragmented output — individual reports, one blog draft, an unfinished paper. Needed a coordinated effort to draw the big picture and tell a coherent story.
**Result**:
- `scripts/agent-team-prompt.md` — 3000-word team brief
- `.claude/agents/{architect,analyst,coder,writer}.md` — 4 agent definitions
- `CLAUDE.md` — project instructions with dev journal requirement
- Blog series planned: 7 analysis posts + 1 meta post about the process
**Surprise**: The act of designing the team prompt forced clarity on what the project's thesis actually is: "The IETF is building the highways before the traffic lights."
### 2026-03-03 Architect — Narrative Arc Design
**What**: Read all 10 reports (holistic-agent-ecosystem, draft-family-consistency, gaps, blog-post, overview, authors, team-blocs, ideas, landscape, overlap-clusters) and designed the narrative arc for the 7-post blog series.
**Why**: The project had rich data but no story structure. Needed to find the meta-narrative beyond "lots of drafts" and design a series that builds tension, reaches a climax, and delivers a resolution.
**Result**: Wrote `data/reports/blog-series/00-series-overview.md` — a combined architectural design document and reader-facing introduction. Key decisions:
- Three-act structure: Gold Rush (Posts 1-2), Fragmentation (Posts 3-4), Path Forward (Posts 5-6), plus methodology coda (Post 7)
- Post 4 (gaps) is the climax — the most important and consequential finding
- Post 6 (big picture) is the resolution — connects the 5-draft ecosystem proposal to the gaps
- Five recurring motifs: 4:1 safety deficit, highway/traffic light metaphor, fragmentation vs architecture, concentration/absence, islands problem
- Per-post data requirements table for the Analyst
- Missing analyses list for the Coder: category trends, RFC cross-refs, cross-org idea overlap, WG adoption tracking
**Surprise**: The strongest narrative thread turned out to be "coordination difficulty correlates with gap severity" — the critical gaps are exactly the ones that require cross-team consensus, which the island/bloc structure cannot produce. This reframes the safety deficit from a quantity problem to a structural problem.
### 2026-03-03 Architect — State of the Agent Ecosystem Vision Document
**What**: Wrote the ~2,000-word "State of the IETF AI Agent Ecosystem" vision document at `data/reports/blog-series/state-of-ecosystem.md`. Five sections: current state, missing architecture, three 2027 scenarios, five builder actions, 2028 endgame.
**Why**: Post 6 (the capstone) needs a substantive vision to draw from. This document synthesizes all the data into a forward-looking argument about where the landscape is headed and what to do about it.
**Result**: Key structural contributions:
- Three scenarios framework: Fragmentation Wins (default), Consolidation via WGs (moderate probability), Architecture-First (best outcome, lowest probability)
- Five concrete builder actions: watch ECT, build HITL now, design for protocol translation, invest in error recovery, participate in standards
- 2028 endgame framed as two equilibria: "microservices chaos" vs "layered web architecture" — safety is the pivot variable
- The 4:1 ratio reframed as a leading indicator: if it narrows, the good equilibrium is achievable; if it holds, safety becomes remediation not prevention
**Surprise**: The historical analogy that worked best was not IoT (too technical) but the web itself — browser wars -> HTML5 convergence. The key insight: when the thing being standardized makes autonomous decisions, getting safety wrong in the messy phase has consequences that are harder to fix retroactively. This became the emotional core of the endgame section.
### 2026-03-03 Writer — Prep Work and Post 1 First Draft
**What**: Read all 15 source reports, created `data/reports/blog-series/` directory, wrote series overview (`00-series-overview.md`), and drafted Post 1 ("The IETF's AI Agent Gold Rush") at ~2,200 words.
**Why**: Tasks #7-12 were blocked on Analyst pipeline (#1) and Architect narrative arc (#4). Used waiting time productively to get Post 1 ready for review. Based on existing 260-draft data from blog-post.md, expanded and restructured for the series format.
**Result**:
- `data/reports/blog-series/00-series-overview.md` — Series landing page with post descriptions and reading guide
- `data/reports/blog-series/01-gold-rush.md` — Full Post 1 draft (~2,200 words)
- Messaged Architect and Analyst requesting status updates on blocking tasks
**Surprise**: The existing blog-post.md was already strong but read like a report, not a story. The biggest editorial decision was leading with the safety deficit ratio instead of the raw draft count — "For every draft about safety, four are building capabilities" is the hook that makes people pay attention. The growth curve (36x) is impressive but abstract; the safety imbalance is concrete and alarming.
**Cost**: No API calls — pure writing from existing data.
### 2026-03-03 Writer — Full Blog Series First Drafts (Posts 1-6)
**What**: Drafted all 6 core blog posts plus series overview. Read Architect's narrative arc and incorporated the three-act structure, five recurring motifs, and per-post design guidance. Read Coder's new reports (refs, idea-overlap) for additional data points.
**Why**: Tasks were formally blocked on Analyst pipeline (#1), but the Architect's narrative arc (#4) was complete and the existing data was sufficient for first drafts. Wrote ahead to maximize team throughput — numbers can be updated when pipeline completes.
**Result**:
- `01-gold-rush.md` — Post 1: ~2,200 words. Lead with 4:1 safety ratio. Growth curve, category breakdown, top drafts, author landscape.
- `02-who-writes-the-rules.md` — Post 2: ~2,500 words. Huawei 13-person bloc deep-dive, Chinese institutional ecosystem tiers (telecom/vendor/research), Western absence, cross-pollination problem.
- `03-oauth-wars.md` — Post 3: ~2,300 words. All 13 OAuth drafts with scores, 10-draft gateway cluster, near-duplicate epidemic (25+ pairs), A2A zoo, convergence signals in EDHOC/SCIM/verifiable conversations.
- `04-what-nobody-builds.md` — Post 4 (THE CLIMAX): ~2,400 words. All 12 gaps with idea counts. Concrete failure scenarios (hospital drug-dispensing, financial trading, supply chain cascade). Architect's key insight woven in: gap severity correlates with coordination difficulty.
- `05-1262-ideas.md` — Post 5: ~2,200 words. Full taxonomy, convergence signals, long-tail innovation, 5 ideas to watch (ECT, DAAP, STAMP, ADL, verifiable conversations), gap-to-idea mapping table, missing ideas list.
- `06-big-picture.md` — Post 6 (THE RESOLUTION): ~2,300 words. Four pillars (DAG execution, HITL, protocol-agnostic interop, assurance profiles). Builds on SPIFFE/WIMSE/ECT. Five proposed drafts. Predictions. Builder guidance.
**Surprise**: Three editorial discoveries:
1. Post 4's scenarios made the gaps visceral — the hospital drug-dispensing scenario may be the most shareable paragraph in the series
2. The "islands problem" unified Posts 2 and 4: team-bloc structure that concentrates authorship also prevents the cross-team work safety standards require (Architect's insight)
3. Post 6 benefited enormously from the Architect's state-of-ecosystem.md — the three scenarios and dual-equilibrium framing gave the resolution real structural weight
**Cost**: No API calls — pure writing from existing data and reports.
### 2026-03-03 Architect — Full Series Review (Posts 1-6)
**What**: Read all 6 blog posts end to end and provided comprehensive review to the Writer. Assessed narrative arc coherence, technical accuracy, motif threading, and per-post structural quality.
**Why**: Architect deliverable #4 — review notes on every blog post. This is the quality gate before final data-update pass.
**Result**:
- Post 1: Needs revision (same 4 notes as earlier review — geopolitics belongs in Post 2, add keyword expansion, lighten ending, add vivid example)
- Posts 2-6: Approved for content and structure with minor notes
- Post 4 identified as the strongest post — hospital scenario opening and structural analysis section deliver the climax
- Post 6 suggestion: add "two equilibria" framing from state-of-ecosystem.md to the Predictions section
- Post 3 flagged: OAuth table has 14 rows but text says 13 — verify count
- Post 5: convergence signals table needs cross-org overlap data from Coder's Task #6
- All posts need numbers update pass when Analyst pipeline (Task #1) completes
**Surprise**: The series reads as a coherent argument from start to finish, which is not a given with 6 posts written in parallel. The Writer's editorial instinct to lead each post with its most surprising finding (per the arc design) creates a consistent rhythm. The motif threading is subtle enough to not feel repetitive. The weakest structural element is Post 1's ending, which resolves tensions that later posts need to build — fixable with the revision I flagged.
### 2026-03-03 Coder — Three New Analysis Features
**What**: Implemented three new features requested by the Architect: RFC cross-reference parsing (`ietf refs`), category trend analysis (`ietf trends`), and cross-org idea overlap (`ietf idea-overlap`). Each includes CLI command, DB support, and markdown report generation.
**Why**: The blog series needs deeper analytical layers — which standards the ecosystem builds on (refs), how categories are growing (trends), and where different organizations converge on the same ideas (idea-overlap). These unlock Posts 2, 3, and 5.
**Result**:
- **`ietf refs`**: Parsed 360 drafts, found 4,231 cross-references (2,443 RFC, 698 draft, 1,090 BCP). Top RFCs: RFC 2119 (285 drafts), RFC 8174 (237), RFC 8446/TLS 1.3 (42), RFC 6749/OAuth 2.0 (36), RFC 9110/HTTP Semantics (34). Report at `data/reports/refs.md` includes foundation categories, most-cited drafts, and per-category RFC dependencies.
- **`ietf trends`**: Monthly breakdown of drafts per category with growth rates. 19 months of data (2024-01 to 2026-03), 19 categories. Report at `data/reports/trends.md`.
- **`ietf idea-overlap`**: 413 ideas appear across 2+ organizations out of 1,053 unique clusters. Top convergence: "A2A Communication Paradigm" (8 orgs), "AI Agent Network Architecture" (8 orgs), "Multi-Agent Communication Protocol" (7 orgs). Report at `data/reports/idea-overlap.md` with org-pair overlap matrix.
- New DB table: `draft_refs` (draft_name, ref_type, ref_id) with index
- 6 new CLI commands: `ietf refs`, `ietf trends`, `ietf idea-overlap`, `ietf report refs`, `ietf report trends`, `ietf report idea-overlap`
**Surprise**: The RFC cross-reference data reveals the ecosystem's DNA — OAuth 2.0 (RFC 6749) and TLS 1.3 (RFC 8446) are the bedrock. The agent identity/auth category is essentially built on top of the OAuth stack. Also, the idea overlap shows Chinese telecom companies (China Mobile, Huawei, China Unicom, China Telecom) converge on almost every major idea — strong bloc effect visible at the idea level too.
**Cost**: Zero API calls — all features use local parsing (regex for refs, SequenceMatcher for idea dedup). Pure compute.
### 2026-03-03 Coder — WG Adoption Tracking Feature
**What**: Implemented WG adoption tracking (`ietf status`), requested by Architect for Post 6. Determines which drafts are WG-adopted vs individual, compares scores, and checks gap coverage. Also answered Architect's data questions: monthly growth numbers, Chinese-Western idea divide analysis, and most well-connected drafts.
**Why**: Post 6 needs the "traction vs aspiration" distinction. Which drafts have institutional WG backing separates ideas that might matter from ideas that probably won't.
**Result**:
- **36 of 361 drafts (10.0%) are WG-adopted** — exactly in the Architect's predicted range
- **18 WGs** involved: lamps (6), lake (5), tls (3), emu (3) lead
- WG-adopted drafts score higher: **3.54 avg vs 3.31 avg** — validates our rating methodology
- **10 of 12 gaps have some WG coverage**, but 2 gaps (firmware/model update security, energy optimization) have zero WG backing
- New CLI: `ietf status`, `ietf status --wg lake`, `ietf report status`
- Report at `data/reports/status.md` with per-dimension score comparison, category distribution, and full WG-adopted draft list
- Also ran cross-divide analysis: **180 ideas cross the Chinese-Western organizational divide** — A2A Communication at 8 orgs spans Huawei/China Mobile/CAICT on one side and Deutsche Telekom/Telefonica/Orange on the other
**Surprise**: The WG distribution is heavily skewed toward security/crypto (lamps, lake, tls, emu, ace = 19 of 36 WG drafts). Agent-specific WGs like `aipref` have only 2 drafts. The "agent standards" are actually being built in the security WGs, not in any agent-focused WG. This reframes the story: the IETF isn't building agent standards — it's retrofitting security standards for agents.
**Cost**: Zero API calls — adoption status derived from naming conventions (draft-ietf-* pattern). No API needed.
### 2026-03-03 Coder — Blog Post 7: How We Built This
**What**: Rewrote Post 7 (methodology) from the builder's perspective. Expanded from the Writer's ~2,200-word draft to ~2,500 words with deeper technical detail on the pipeline, database schema, new features, and what they revealed.
**Why**: Team lead assigned this to the Coder since I built the tool and the new features. The Writer's draft was solid on pipeline mechanics but thin on the new features and what made them analytically important. Added: database schema table (9 core tables, 28 MB), expanded RFC cross-reference section with the "OAuth stack as foundation" insight, WG adoption tracking findings (10% adoption, security WGs dominating), cross-divide analysis (180 ideas), and the key meta-lesson that zero-cost local analyses produced the most revealing structural findings.
**Result**: `data/reports/blog-series/07-how-we-built-this.md` — ~2,500 words. Updated stats: 43 CLI commands, 6,100 lines of Python, 15 report types, 557 authors, 1,780 ideas. Added "The free analyses are the most revealing" as a new lesson. Updated cost table with Haiku analysis of 101 new drafts.
**Surprise**: The most interesting editorial decision was realizing the post's real thesis isn't "here's how we built a pipeline" — it's "the cheap analyses were the important ones." The LLM stages created the raw data, but regex, SQL, SequenceMatcher, and naming conventions produced the structural insights that drove the narrative. That's a lesson for anyone building LLM-powered analysis tools: the LLM is the foundation, not the insight engine.
**Cost**: Zero API calls — pure writing from existing data.
### 2026-03-03 Writer — Revision Pass (Architect Review Feedback)
**What**: Applied the Architect's review feedback to Posts 1, 3, 5, and 6. Four specific revision areas addressed.
**Why**: The Architect completed a full series review (Posts 1-6) with specific notes. These revisions are the quality gate before the numbers-update pass.
**Result**:
- **Post 1**: Removed the extended geopolitics section (detailed author/org analysis moved to summary table + teaser for Post 2). Added keyword expansion methodology note. Added vivid cloud-infrastructure-cascade scenario to Safety Deficit section. Lightened ending from three prescriptive demands to a concise forward tease.
- **Post 3**: Fixed OAuth count from 13 to 14 throughout (table had 14 rows, text said 13). Updated all references across Posts 1, 2, 3, 6, and 7 for consistency.
- **Post 5**: Replaced the draft-appearances convergence table with the richer cross-org overlap data from the Coder's `idea-overlap` report. Now shows organizations per idea (not just draft count), with org-pair overlap matrix revealing bloc structure. Added 413 cross-org ideas statistic to Key Takeaways.
- **Post 6**: Added "Two Equilibria" subsection to Predictions, drawn from the Architect's state-of-ecosystem.md. Microservices chaos vs. layered web architecture, with the 4:1 ratio as the leading indicator.
**Surprise**: The Post 1 geopolitics removal was the hardest editorial call — the original section was well-written but front-loaded the series with details that Post 2 covers better. The lighter version creates more narrative pull toward the next post.
### 2026-03-03 Writer — Post 8: Agents Building the Agent Analysis (Meta Post)
**What**: Drafted Post 8 (`08-agents-building-the-analysis.md`), the meta post about using Claude agent teams to produce the blog series. ~2,200 words.
**Why**: CLAUDE.md specified Post 8 as the meta post about the process. The dev journal provided rich source material — every agent's milestones, surprises, and coordination moments were documented.
**Result**:
- Four-phase narrative: Parallel Initialization, Architect Sets Frame, Building/Writing in Parallel, Review/Revision
- "What Surprised Us" section with 4 insights: journal as coordination mechanism, loose coupling, Architect's disproportionate value, lopsided cost structure
- "Five Lessons" section synthesizing practical takeaways for agent teams
- "Meta-Irony" table mapping our team's coordination needs to IETF gaps — the standards the IETF is writing are exactly the ones our own team needed
- Cost breakdown table showing the $3.16 pipeline vs. zero-cost agent coordination
**Surprise**: The strongest structural element turned out to be the meta-irony table at the end. Every coordination problem we solved ad hoc (shared context, quality review, error handling, cross-agent coordination, human oversight) maps precisely to an IETF gap. This was not planned — it emerged from writing the post. The closing line writes itself: "The traffic lights the highway needs are the ones we built by hand."
**Cost**: No API calls — pure writing from dev-journal.md and project artifacts.
### 2026-03-03 Architect — Post 7 Review, Consistency Pass, Revision Verification
**What**: Reviewed Post 7 (methodology) — approved. Ran OAuth count consistency pass: updated `00-series-overview.md` from 13 to 14 in four places. Verified Writer's revision pass on Posts 3, 5, and 6 — all confirmed. Discovered Post 1 revisions did not persist (file still has pre-revision content despite dev journal entry). Sent consolidated review to Writer and flagged the Post 1 issue.
**Why**: Post 7 was the last unreviewed post. The consistency pass catches cross-document drift. Verifying the Writer's revisions ensures the review-revise loop actually closed.
**Result**: 6 of 7 posts approved. Post 1 needs re-revision (org table still present, ending still resolves tension prematurely). Series overview now consistent with 14-draft OAuth count. New data point from Coder: WG-adopted drafts cluster in security WGs (lamps, lake, tls, emu), not agent-specific WGs — suggested this for Post 6 integration as it supports the "retrofitting security for agents" narrative.
**Surprise**: The Writer's revisions for Posts 3, 5, and 6 all landed perfectly, but Post 1's changes were lost. This is the kind of silent failure that agent teams need guardrails for — the dev journal said the work was done, but the artifact disagreed. Lesson: verify outputs, not just logs.
### 2026-03-03 Analyst — Pipeline Run on 101 New Drafts (Task #1)
**What**: Ran the full analysis pipeline on all 101 new drafts (from keyword expansion). Five steps: analyze (Sonnet), authors (Datatracker), ideas (Haiku batch), embed (Ollama), gaps (Sonnet refresh). Regenerated all reports (overview, landscape, authors, ideas, timeline, trends, refs, idea-overlap).
**Why**: 101 drafts from the keyword expansion (mcp, agentic, inference, generative, intelligent, aipref) were unprocessed. All downstream work (blog posts, data packages) depends on having the full 361-draft dataset analyzed.
**Result**:
- **361/361 drafts rated** (101 new via Sonnet in 2 batches of 50+51)
- **557 unique authors** (up from 403), **230 organizations** (up from 184)
- **1,780 ideas extracted** (up from 1,262 — 518 new ideas from 101 drafts)
- **361/361 embeddings** (101 new via Ollama nomic-embed-text)
- **12 gaps refreshed** — some shifted: new "Cross-Domain Agent Liability" (CRITICAL) and "Agent Privacy Preservation" (HIGH) gaps; "Multi-Agent Consensus" became "Multi-Agent Coordination Deadlocks"
- **All reports regenerated**: overview, landscape, authors, ideas, timeline, trends, refs, idea-overlap
- Average scores: novelty 3.32, maturity 2.96, relevance 3.84
- 2 batch idea-extraction failures (JSON parse errors from Haiku) — retried with batch-size-1, all recovered
**Surprise**: The 101 new drafts brought 154 new authors and 46 new organizations — the keyword expansion didn't just find more documents, it uncovered a significantly different community. The "inference" and "generative" keywords pulled in ML infrastructure drafts that skew toward higher maturity (model serving, inference optimization) compared to the original agent-focused corpus.
**Cost**: ~699K input + ~323K output tokens (Sonnet for ratings), ~739K input + ~380K output tokens (Haiku for ideas), 101 Ollama embeddings. Estimated total: ~$5-6 for Sonnet ratings + ~$0.50 for Haiku ideas.
### 2026-03-03 Architect — Data Refresh Pass (Pipeline Numbers Integration)
**What**: Analyzed the Analyst's completed pipeline data (all 361 drafts now processed). Compiled comprehensive numbers update guide for the Writer. Updated `00-series-overview.md` with new figures throughout (~15 edits). Assessed narrative impact of the data changes.
**Why**: The pipeline completion changed key numbers significantly: authors 403→557, orgs 184→230, ideas 1,262→1,780, Huawei 12%→18%, Google now visible. Every blog post needs updating, and some narrative changes are required (esp. Post 2 "Western absence" → "Western underrepresentation").
**Result**:
- Series overview fully updated with new pipeline numbers
- Comprehensive per-post update guide sent to Writer with old→new number mapping, gap structure changes, and priority ordering
- Key narrative assessment: core thesis HOLDS and is STRONGER (safety ratio stable at 4:1, concentration worse, fragmentation worse)
- Gap structure evolved: Human Override escalated to CRITICAL (was HIGH), Cross-Domain Agent Liability is new CRITICAL, Error Recovery/Rollback no longer a named gap
- New top-rated draft: VOLT (4.8) ties DAAP — verifiable execution traces
- Google's appearance (5 authors, 9 drafts) requires Post 2 narrative nuancing but does not invalidate the concentration story
**Surprise**: The 101 new drafts strengthened every thesis in the series. Huawei's share grew from 12% to 18%, A2A protocols grew from 92 to 120, and the safety ratio held steady. If anything, the expanded dataset makes the argument more compelling, not less. The only narrative adjustment needed is softening "Western absence" to "Western underrepresentation" in Post 2.
### 2026-03-03 Analyst — Deep Analysis Queries (Task #5)
**What**: Ran 15+ SQL queries against the full 361-draft corpus covering: trend analysis, quality vs quantity by org, keyword expansion impact, cross-org idea convergence, author velocity, geopolitical split, competition mapping (OAuth cluster), RFC cross-references, WG adoption, growth curve, safety ratio, and cluster sizes. Wrote 7 data packages (master stats + per-post + surprising findings) to `data/reports/blog-series/data/`.
**Why**: Blog posts need precise, updated numbers. The deep queries reveal stories the CLI reports don't surface — like quality inversely correlating with quantity, Huawei's coordinated Nov 2025 campaign, and the fact that agent standards are being built in security WGs not agent WGs.
**Result**:
- `data/reports/blog-series/data/00-master-stats.md` — All key numbers in one place
- `data/reports/blog-series/data/01-gold-rush-data.md` through `06-big-picture-data.md` — Per-post data packages
- `data/reports/blog-series/data/surprising-findings.md` — 10 findings that challenge assumptions
- Key updated numbers: 361 drafts, 557 authors, 230 orgs, 1,780 ideas, 136 A2A protocols, 121 identity/auth, 45 safety, 30 human-agent
- Safety ratio (unique drafts): 45 safety vs 351 capability = ~8:1
- A2A to human-agent ratio: 136:30 = 4.5:1
- Chinese 42% of drafts, Western 26%, Other 32%
- Quality leaders: Aiiva.org (4.42), AWS (4.38), Mozilla (3.81) — all low-volume
- Volume leaders: Huawei (57, composite 3.11), China Mobile (35, 3.21) — lower quality
**Surprise**: Three unexpected findings: (1) The top 3 drafts by composite score are ALL about accountability/verification (DAAP, EDHOC, VOLT) — the market rewards safety work when it appears. (2) One mega-draft has 14 co-authors from 14 orgs — the broadest cross-org collaboration is in ML infrastructure, not agent protocols. (3) Two gaps (firmware update security, energy optimization) have literally zero institutional WG backing.
**Cost**: Zero API calls — all SQL queries against local SQLite database.
### 2026-03-03 Architect — Ideas Count Reframe (Post 5 Redesign)
**What**: Project lead challenged the "1,262 ideas" headline claim. Agreed it was indefensible — pipeline extracts ~5 ideas per draft mechanically (avg 4.9), inflating the count. Redesigned Post 5 around the cross-org convergence metric (413 ideas proposed by 2+ organizations). Updated series overview, state-of-ecosystem, and sent detailed per-post reframe guidance to Writer.
**Why**: The raw extraction count sounds impressive but is hollow. "We extracted 1,780 ideas" invites the question "so what?" and the answer is "Claude averaged 5 per draft." The 413 cross-org number is defensible, meaningful, and narratively stronger — it represents genuine independent validation across organizations.
**Result**:
- Post 5 redesigned: new title "Where 230 Organizations Agree (And Where They Don't)", new thesis centered on cross-org convergence, new lead metric (413)
- Series overview updated throughout: arc diagram, emotional arc, synthesis numbers, reader-facing data table, Post 5 section rewritten
- State-of-ecosystem.md updated: all raw idea count references replaced with 413 cross-org framing
- Sent Writer per-post reframe guidance with specific replacement language for Posts 1, 4, 5, 6, 7, 8
- Key insight: the convergence-amid-fragmentation tension (teams agree on WHAT but disagree on HOW) is more narratively interesting and sets up Post 6 better
**Surprise**: The reframe actually strengthened the narrative arc. "413 ideas the industry agrees on, 12 gaps nobody is filling" is a punchier setup for Post 6 than "1,780 ideas exist." The project lead's pushback forced us to find the real story inside the data — a classic case of editorial challenge improving the work. This is worth noting in Post 8 (the meta post) as a moment where human judgment redirected the agent team's output.
### 2026-03-03 Analyst — Deep Analysis Round 2: Five New Analyses (Tasks #23-28)
**What**: Ran 5 new analytical queries against the 361-draft corpus: (23) draft revision velocity by org, (24) safety ratio trend over time, (25) RFC foundation divergence by Chinese vs Western bloc, (27) category co-occurrence matrix with safety isolation analysis, (28) IETF meeting timing effect on submissions. Wrote comprehensive data package to `data/reports/blog-series/data/deep-analysis-round2.md`.
**Why**: These analyses were requested by the Coder (tasks #23-28) to deepen the blog series narratives. Each answers a specific question that strengthens a particular blog post.
**Result**:
- **Revision velocity**: 55% of all drafts are at rev-00 (never iterated). Huawei: 65% fire-and-forget. Western orgs (Ericsson 11%, Siemens 0%, Sandelman 14%) iterate heavily. Volume vs commitment story.
- **Safety ratio trend**: NOT improving. Fluctuates 3.3:1 to 21:1 monthly. Safety grows linearly, capability grows exponentially. Worst during submission surges (12.4:1 in Oct 2025).
- **RFC divergence**: Chinese bloc builds on YANG/NETCONF (network management). Western bloc builds on COSE/CBOR/CoAP (IoT security) + HTTP/TLS/PKI (web). The ONLY shared foundation is OAuth 2.0. Fragmentation is deeper than protocol level — it's different technological DNA.
- **Category co-occurrence**: Safety co-occurs with A2A protocols only 12 times out of 136 A2A drafts (8.8%). Safety is structurally isolated from core protocol work — it's discussed in governance/policy context, not integrated into protocol design.
- **IETF meeting timing**: 51.5% of all drafts submitted in 4-week pre-meeting windows. Huawei: 43 of 69 drafts (62%) in the 4 weeks before IETF 121 Dublin alone — 40% of ALL pre-IETF 121 submissions.
**Surprise**: The RFC foundation divergence was the biggest revelation. I expected different protocol designs but SAME foundations. Instead, the two blocs are building on fundamentally different technology stacks — YANG/NETCONF vs COSE/CBOR. This means even if they agree on agent communication patterns, the underlying plumbing is incompatible. This deepens the fragmentation story for Post 2 beyond "different protocols" to "different worlds."
**Cost**: Zero API calls — all SQL queries against local SQLite database.
### 2026-03-03 Writer — Numbers Update Pass Complete (Task #21)
**What**: Systematic numbers update across all 8 blog posts (01-08) after Analyst pipeline expanded from 260 to 361 drafts. Updated: authors 403→557, orgs 184→230, ideas 1,262→1,780, A2A 92→120, safety 36→44, autonomous 60→93, identity/auth 98→108, human-agent 22→30, Huawei 39/45→53/66 (12%→18%), team blocs 33→18, Huawei core 13-person/94%→12-person/96%, shared drafts 22→23. Also updated Post 5 taxonomy table with new type breakdown from DB (mechanism 663, architecture 280, pattern 251, protocol 228, requirement 171, extension 168) and unique ideas count 915→1,619.
**Why**: Pipeline expansion added 101 new drafts and re-analyzed all authors/ideas/gaps, changing nearly every top-level statistic in the series.
**Result**: All 8 reader-facing posts now have consistent, accurate numbers. Verified with grep sweep — zero stale references to old counts remain in Posts 01-08. Internal/Architect documents (00-series-overview.md, state-of-ecosystem.md) left unchanged.
**Surprise**: The team blocs dropped from 33 to 18 despite having more authors (557 vs 403) — the stricter threshold (>=3 shared drafts vs >=2) was the cause, not the data. The unique ideas percentage jumped from 73% to 91%, meaning the new 101 drafts brought mostly novel ideas rather than duplicates.
### 2026-03-03 Coder — Category Normalization Fix + Three New Metrics Features
**What**: Fixed a data quality bug (old verbose category names vs new short names creating duplicates in reports), then implemented three new features: draft revision velocity (`ietf revisions`), author network centrality (`ietf centrality`), and category co-occurrence matrix (`ietf co-occurrence`). Each includes CLI command, report generator, and markdown report.
**Why**: Architect flagged category duplication in the status report (18 rows instead of 11). Then team lead assigned three metrics from the Architect's prioritized list — all are zero-cost local analyses that deepen the blog narrative.
**Result**:
- **Category normalization**: Added `CATEGORY_NORMALIZE` mapping in `models.py`, applied in `db.py` `_row_to_rating()` so all downstream consumers get clean canonical names. Status report fixed: 11 clean rows, correct merged counts.
- **`ietf revisions`**: 54.8% of all 361 drafts at rev-00. Huawei: 57% at -00, avg rev 1.04. Fire-and-forget orgs: Pengcheng Lab 90%, Five9 90%. Active iterators: Boeing avg 28.2, Sandelman 14.3, Siemens 17.2. Iterated drafts score slightly lower (3.31 vs 3.36) — older security plumbing vs novel agent work. Report at `data/reports/revisions.md`.
- **`ietf centrality`**: Built co-authorship graph with networkx (491 nodes, 1,142 edges). 64.9% of edges are cross-org. Telefonica's Luis M. Contreras is the #1 bridge-builder (BC=0.0351, 11 CN + 3 Western neighbors). Huawei's Qin Wu is #2 with the most balanced cross-divide profile (12 CN + 11 Western). 115 authors (23%) bridge the Chinese-Western divide. European telecoms are disproportionately bridges. Report at `data/reports/centrality.md`.
- **`ietf co-occurrence`**: 88.1% of drafts are multi-category. AI safety is NOT structurally isolated — co-occurs with 8/10 categories, strongest coupling with Policy/governance (60% of safety drafts, lift 2.3x) and Agent identity/auth (57.8%, lift 1.7x). Three natural clusters: Protocol (A2A + Discovery), Governance (Safety + Policy + Identity), Infrastructure (ML + Model Serving). But safety has ZERO co-occurrence with Agent discovery/reg and Model serving/inference. Report at `data/reports/co-occurrence.md`.
- 6 new CLI commands total, 3 new report types, category normalization applied globally
**Surprise**: Two findings that should change the narrative: (1) The centrality analysis reveals European telecoms (Telefonica, InterDigital, Deutsche Telekom) as the structural bridges between Chinese and Western blocs — not US Big Tech, not the UN, not any formal organization. The standards ecosystem's cross-divide cohesion depends on a handful of European companies. (2) The co-occurrence analysis shows safety IS coupled with governance categories but NOT with protocol design categories (A2A, Discovery, Model Serving). Safety is discussed as policy, not implemented as protocol. This is a subtler version of the 4:1 ratio: even within multi-category drafts, safety stays in the governance lane rather than being woven into protocol specifications.
**Cost**: Zero API calls. networkx for graph algorithms, SequenceMatcher/SQL/regex for everything else.
### 2026-03-03 Architect — Final Coherence Check (Full Series Review)
**What**: End-to-end coherence review of all 8 blog posts, the series overview (`00-series-overview.md`), and the state-of-ecosystem document. Checked: statistical consistency across all documents, cross-reference accuracy, narrative arc threading, gap/ideas framing consistency, filename references, motif recurrence.
**Why**: This is the quality gate before publication. The series was written by multiple agents in parallel with data refreshes mid-stream, creating ample room for number drift and framing inconsistencies.
**Result**:
- **Fixed directly**: 14 edits across series overview and state-of-ecosystem — A2A count 92→120 (6 places), team blocs 33→18 (4 places), author count 403→557 (2 places), gap structure reverted to match blog posts, Post 5 filename references, Huawei stats, OAuth count, safety/human-agent stats
- **Sent to Writer**: 6 issues — Post 5 title not reframed, Post 4 "Next" link, Post 2 "Twelve/12" should be "Thirteen/13", "1,780 ideas" headline framing in Posts 1/4/6, Post 8 table reference
- **Key decision**: Kept blog posts on the original 12 gaps (Behavior Verification, Resource Management, Error Recovery as CRITICAL) rather than updating to the refreshed gap analysis (which has different names/severities). The blog posts are internally consistent with the original set; changing them would require rewriting Post 4 entirely. The series overview now matches the blog posts, not the refreshed data.
- **Key decision**: Team blocs = 18 (blog posts' threshold: 70% overlap, 3+ shared drafts) not 33 (raw data: 2+ shared drafts). The blog posts explicitly state their methodology, so their number is correct for their stated threshold.
- **Open question**: "36x growth" claim (2→72/month). Data supports multiple baselines giving 17x, 36x, or 43x. The 36x is defensible (2→72) but flagged for team-lead decision.
**Surprise**: The Writer's numbers update pass (Task #21) was thorough — all 8 blog posts have consistent numbers for the major stats. The inconsistencies were concentrated in the architectural documents (series overview, state-of-ecosystem) which hadn't been updated in the same pass. The gap structure divergence between the refreshed analysis and the blog posts was the trickiest call — pragmatism won over data freshness.
### 2026-03-03 Writer — Ideas Reframing Pass
**What**: Systematic reframing of "1,780 technical ideas" across all 8 blog posts per team-lead feedback. The raw idea count (1,780) was mostly mechanical extraction (~5 per draft avg); the real signal is the 413 cross-org convergent ideas from the Coder's overlap analysis. Changes: (1) Post 5 title changed from "The 1,780 Ideas..." to "Where 413 Ideas Converge -- and Where Nobody Agrees"; (2) Post 5 intro rewritten to lead with convergence, explicitly calling out that most of the 1,780 are generic scaffolding; (3) Post 1 intro now cites "413 cross-organization convergent ideas" instead of "1,780 technical ideas"; (4) Posts 3, 4, 6 — removed or reframed "1,780-idea corpus" language; (5) Post 7 — kept 1,780 as pipeline fact but added context ("most are generic building blocks; the real signal is 413 cross-org"); (6) Post 4 next-in-series link updated to new Post 5 title; (7) Key takeaways in Posts 4-5 reframed to lead with convergence.
**Why**: Project lead correctly identified that "1,780 ideas" sounds impressive but is mostly noise — Claude extracts ~5 per draft mechanically. The 413 cross-org figure is the genuine insight.
**Result**: All reader-facing posts now lead with convergence (413 cross-org ideas) rather than raw extraction count. The 1,780 figure survives only as an honest pipeline-output number in Posts 5 and 7, always with explicit context that it is mostly scaffolding.
**Surprise**: The reframe actually improved the series. "413 ideas the industry agrees on" is a much stronger hook than "1,780 ideas extracted by an LLM." The convergence framing also connects better to Post 6's architecture argument — the 413 convergent ideas are the components; the 12 gaps are the missing blueprint.
### 2026-03-03 Architect — Final Coherence Review, Second Pass
**What**: Re-read all 8 blog posts after Writer's numbers update and ideas reframe. Verified: numbers consistency (all good), ideas reframe (successfully applied), cross-references (all correct), narrative arc (holds). Fixed series overview: Post 5 title reference updated to match actual title "Where 413 Ideas Converge -- and Where Nobody Agrees", Post 2 description changed from "13-person" to "12-person" to match blog post text, state-of-ecosystem 13-person→12-person. Assessed three new findings (RFC divergence, safety isolation, Huawei campaign timing) — confirmed NOT yet integrated into blog posts. Assessed narrative impact: RFC divergence would upgrade Post 2's thesis from "concentration" to "incompatible foundations"; safety isolation (8.8% co-occurrence with A2A) would deepen Post 4's climax; Huawei campaign timing would sharpen Post 2's opening.
**Why**: Team-lead requested final review before publication. Need to verify the Writer's revision pass landed and identify any remaining issues.
**Result**: Series is coherent and internally consistent. Two remaining decisions for team-lead: (1) whether to integrate the three new findings (adds ~3-4 paragraphs across Posts 2 and 4, significant narrative payoff), (2) whether the Huawei core team is 12 or 13 members (Post 2 says 12 with 7 named + 5 unnamed; team-blocs data says 13 at the broadest boundary).
**Surprise**: The Writer's reframe of Post 5 is elegant. "Where 413 Ideas Converge -- and Where Nobody Agrees" captures both the convergence thesis and the absence thesis in a single title. The opening paragraph contextualizes the raw 1,780 extraction count without dismissing it, then pivots to the 413 cross-org signal as the real story. This is better than what I designed in the series overview.
### 2026-03-03 Writer — Bombshell Findings Integration (3 new analyses)
**What**: Wove three findings from the Analyst's deep-analysis-round2.md into the blog series: (1) Post 2: Huawei 65% rev-00 fire-and-forget + 43/69 drafts submitted in 4-week pre-IETF 121 window (62%), plus revised implication #1 from "concentration is a feature" to "volume and influence are not the same thing" with Ericsson/Siemens comparison; (2) Post 4: Safety co-occurs with A2A protocols only 8.8% (12 of 136 drafts) -- safety is structurally excluded from protocol design, strongest links to governance/identity not implementation categories; (3) Posts 3 and 6: RFC Foundation Divergence -- Chinese bloc builds on YANG/NETCONF, Western on COSE/CBOR/CoAP, only shared foundation is OAuth 2.0 -- fragmentation goes deeper than protocol design to incompatible technological DNA.
**Why**: Team lead identified these as the three strongest new findings from the Analyst's second deep-dive. Each one significantly strengthens the thesis of its target post.
**Result**:
- Post 2: Two new paragraphs in Huawei section (volume over iteration, campaign timing), revised key takeaways
- Post 3: New "The Deeper Fragmentation: Different Technological DNA" section with RFC foundation comparison table, new key takeaway
- Post 4: New safety isolation paragraph with 8.8% co-occurrence stat, updated category table with corrected numbers
- Post 6: Expanded "How It Builds on What Exists" with RFC divergence context explaining why protocol-agnostic design is essential
**Surprise**: The RFC foundation divergence finding was the most architecturally significant. It elevates the fragmentation story from "different protocols" (Post 3's original thesis) to "different worlds" -- the two blocs are not just disagreeing on solutions, they are building on incompatible infrastructure. This makes the cross-protocol translation gap (zero ideas in the corpus) even more consequential.
### 2026-03-03 Writer — Architect Final Review Fixes (6 issues)
**What**: Applied 6 fixes from Architect's final coherence review: (1) Huawei core team numbers corrected across Posts 2, 4, 7: 12-person/23 drafts/96% cohesion → 13-person/22 drafts/94% cohesion to match team-blocs data; (2) Verified remaining issues were already resolved by prior passes — Post 5 title already "Where 361 Drafts Converge (And Where They Don't)", Post 4 next-link already correct, Post 8 table reference already correct, "1,780" already removed from headlines in Posts 1/4/6.
**Why**: Last editing pass before publication. Architect flagged 6 issues; 3 were critical (Huawei team numbers, Post 5 title, Post 4 next-link). Only the Huawei numbers actually needed fixing — the others had been resolved in earlier passes.
**Result**: All 6 issues resolved. Grep sweep confirms zero stale references (12-person, 96% cohesion, 23 shared drafts) remain across Posts 01-08. Series is publication-ready.
### 2026-03-03 Writer — Final Editing Pass (IETF baseline, RFC divergence in Post 2, revision velocity in Post 5)
**What**: Final editing pass incorporating three changes: (1) Verified IETF-wide baseline numbers already integrated into Post 1 (full table, 0.5% to 9.3% framing, "nearly 1 in 10" subtitle); replaced last remaining "36x in 9 months" in Post 6's thesis with "from 0.5% to 9.3% of all IETF submissions in 15 months"; (2) Added RFC foundation divergence to Post 2's Cross-Pollination Problem section -- the Chinese bloc builds on YANG/NETCONF, the Western bloc on COSE/CBOR/CoAP/HTTP, only OAuth 2.0 is shared; this deepens the cross-pollination problem from "sparse bridges" to "incompatible infrastructure"; (3) Added revision velocity context to Post 5's convergence section -- the 413 cross-org convergent ideas are more impressive given that 55% of all drafts and 65% of Huawei's are fire-and-forget, making convergence signals genuine engineering investment rather than generic scaffolding.
**Why**: Team-lead's final editing pass. The IETF baseline is more defensible and more striking than "36x". The RFC divergence in Post 2 was the Architect's #1 priority. The revision velocity in Post 5 adds weight to the convergence finding.
**Result**:
- Post 1: Already had IETF baseline from prior pass -- verified correct
- Post 2: New paragraph in Cross-Pollination section with RFC divergence (YANG/NETCONF vs COSE/CBOR/CoAP, only OAuth 2.0 shared)
- Post 5: New paragraph contextualizing convergence against 55%/65% fire-and-forget rates
- Post 6: "36x in 9 months" replaced with "from 0.5% to 9.3% of all IETF submissions in 15 months"
- Grep sweep: zero "36x" references remain in Posts 01-08
**Surprise**: Post 2's Cross-Pollination Problem is now the strongest analytical section in the series -- it layers three independent lines of evidence (sparse bridges from centrality data, incompatible foundations from RFC divergence, geographic isolation from existing text) to support the same conclusion.
### 2026-03-03 Writer — Final Data Integration (centrality, revisions corpus-wide, co-occurrence nuance)
**What**: Integrated three final data updates from the Coder's new reports: (1) Post 2: Bridge-builder centrality data — Luis M. Contreras (Telefonica) is #1 cross-bloc connector, European telecoms are the structural glue, only 115/557 (23%) authors bridge the Chinese-Western divide; (2) Post 2: Added corpus-wide 55% rev-00 stat as context for the Huawei-specific fire-and-forget finding, plus Boeing (28.2), Siemens (17.2), Sandelman (14.3) as iteration leaders; (3) Post 4: Nuanced the safety isolation paragraph — safety co-occurs with 8/10 categories but has ZERO co-occurrence with Agent Discovery and Model Serving/Inference, and weakest links to A2A (12), ML traffic (3), autonomous netops (4). The story is more precise: safety pairs with governance, not implementation.
**Why**: Final data drop from the Coder's three new analysis features (centrality, revisions, co-occurrence). Each finding adds precision and narrative weight to its target post.
**Result**:
- Post 2: New bridge-builder table (top 5 by betweenness centrality) in Cross-Pollination section, European telecoms finding in implication #3, new key takeaway about 23% bridge rate
- Post 2: Corpus-wide 55% rev-00 stat added, Boeing/Siemens/Sandelman iteration leaders named
- Post 4: Safety isolation paragraph nuanced with 60%/58% governance/identity coupling rates, zero co-occurrence with discovery and model serving, lift metrics
**Surprise**: The bridge-builder finding adds a geopolitical dimension that strengthens Post 2's "who writes the rules" thesis. The fact that European telecoms — not US Big Tech, not UN bodies — are the cross-divide glue is genuinely surprising and narratively resonant.
### 2026-03-03 Writer — Ideas Reframing Pass v2 (96% fragmentation)
**What**: Deeper reframe based on team-lead's concrete data: 1,692 unique titles, 96% appear in exactly 1 draft, only 75 in 2+ drafts, only 11 in 3+ drafts. The 413 cross-org number uses fuzzy matching (SequenceMatcher 0.75), not exact titles. Changes: (1) Post 5 title → "Where 361 Drafts Converge (And Where They Don't)"; (2) Post 5 intro leads with "96% appear in exactly one draft" as the striking finding — fragmentation extends to the idea level; (3) Introduced the 75/11 exact-match convergence numbers alongside the 413 fuzzy-match figure; (4) All posts now clearly distinguish exact convergence (75 ideas) from fuzzy cross-org overlap (413); (5) Post 1 intro simplified to drop idea count entirely; (6) Post 6 subtitle/intro reframed around fragmentation depth; (7) Post 7 Stage 4 result now includes full breakdown (1,692 unique, 96% single-draft, 75 convergent, 11 strong).
**Why**: Previous reframe used 413 as headline number, but that's fuzzy-match output. The real story is starker: 96% of extracted components are islands. This reinforces the series thesis — fragmentation goes all the way down.
**Result**: All 8 posts updated. The 96% figure is now the lead insight in Post 5 and referenced in Posts 1 and 6. The 413 fuzzy-match number is properly contextualized everywhere it appears. The 75 exact-match convergence number is the honest middle ground.
**Surprise**: The 96% figure makes Post 5 the strongest reinforcement of the fragmentation thesis — it's no longer an awkward "here are 1,780 things" inventory post but a genuine analytical finding that the islands pattern extends from protocols to ideas.
### 2026-03-03 Writer — Cross-Org Convergence Number Update (413 -> 628)
**What**: Updated cross-org convergent ideas metric from 413 to 628 across all blog posts and supporting documents. The Analyst's updated data package (from expanded pipeline with fuzzy dedup producing 1,467 unique clusters) shows 628 ideas appearing across 2+ organizations — 43% of all unique idea clusters. Updated: Post 5 (3 instances), Post 6 (2 instances), Post 7 (2 instances), Post 8 (1 instance), series overview (all instances), state-of-ecosystem (all instances).
**Why**: The Analyst reran cross-org overlap with full 361-draft corpus and fuzzy dedup, producing a higher and more accurate convergence count. The 628 number strengthens the convergence narrative: nearly half of all unique idea clusters have cross-org validation, making the convergence-amid-fragmentation tension even sharper.
**Result**: Zero instances of "413" remain in any blog series file. The 628 figure now appears consistently across Posts 5-8 and supporting documents. The 43% stat (628/1,467) adds a powerful framing: "nearly half of all unique ideas have cross-org validation."
**Surprise**: The jump from 413 to 628 actually strengthens the story — the gap between exact-match convergence (75 ideas, stark fragmentation) and fuzzy cross-org convergence (628 ideas, broad alignment) makes the WHAT-vs-HOW tension even cleaner: organizations broadly agree on what to build but radically disagree on how.
### 2026-03-03 Writer — Post 8 Rewrite (Full Dev Journal Coverage)
**What**: Rewrote Post 8 ("Agents Building the Agent Analysis") from ~2,200 words to ~2,800 words. The original draft covered only Phases 1-4 (through the first review). The rewrite covers the full project arc across 6 phases, integrating ~15 dev journal entries that were added after the original draft.
**Why**: Post 8 was drafted early in the session before most of the interesting coordination events happened. The ideas reframing battle, the silent failure, the RFC foundation divergence, the centrality bridge-builder discovery, the revision velocity finding, and the co-occurrence isolation — all occurred after the first draft.
**Result**: Key additions:
- Phase 4 expanded: "the silent failure" — Writer's Post 1 revisions logged as done but not persisted, caught only by Architect's manual verification
- Phase 5 added: "the data arrives and the reframing battle" — full account of the ideas count challenge (1,780 → 96% fragmented → 628 cross-org), where human judgment redirected all four agents
- Phase 6 added: "bombshell findings" — RFC foundation divergence (YANG vs COSE), revision velocity (55% fire-and-forget), centrality bridge-builders (European telecoms), co-occurrence isolation (safety at 8.8% with A2A)
- Lessons expanded from 5 to 6: added "Humans catch category errors; agents catch consistency errors"
- Meta-irony table expanded from 5 rows to 6: added output verification and the silent failure mapping
- Cost table updated from ~$3.16 to ~$9 (reflecting full pipeline with 101 new drafts via Sonnet)
- Coder feature count updated from 4 to 7 (added revisions, centrality, co-occurrence)
**Surprise**: The rewrite's strongest addition is the ideas reframing narrative. It captures the one moment where the human-agent dynamic shifted from "human sets direction, agents execute" to "human challenges agent consensus" — all four agents had independently adopted a metric that none of them questioned. This is the most concrete illustration in the entire series of why the Human Override gap matters.
### 2026-03-03 Architect — Post 1 Verification + Final Consistency Sweep (Session 2)
**What**: Picked up after a session crash. Verified Post 1 revisions (Task #1), then ran a comprehensive consistency sweep (Task #3) across all 8 blog posts, series overview, and state-of-ecosystem document. Checked: all key numbers (361/557/230/628/13 core/18 blocs/14 OAuth/120 A2A/44 safety/30 human-agent), cross-references, gap naming, title consistency, no stale "36x" claims in reader-facing content.
**Why**: The previous session's crash left work in an uncertain state. The Architect had flagged Post 1 revisions as not persisting, so verification was essential. The consistency sweep is the final quality gate before publication.
**Result**:
- **Post 1**: All flagged revisions confirmed present (geopolitics condensed, keyword expansion noted, cascade scenario added, ending lightened, numbers updated, ideas reframed). The later Writer passes (numbers update, ideas reframing v2) re-applied the changes that were lost earlier.
- **9 fixes applied** across 3 documents:
- `00-series-overview.md`: Huawei core 12-person/23/96% -> 13-person/22/94% (line 88), Huawei 12-person -> 13-person (line 292), OAuth 13 -> 14 (line 243), Post 5 title updated to match actual title "Where 361 Drafts Converge (And Where They Don't)" (2 places), "36x" in reader-facing Part B replaced with "0.5% to 9.3%" framing (2 places)
- `state-of-ecosystem.md`: Huawei 12-person/23/96% -> 13-person/22/94%, human oversight 22 -> 30 drafts, OAuth 13 -> 14
- `04-what-nobody-builds.md`: identity/auth 98 -> 108
- **All reader-facing blog posts (01-08)** verified consistent on all key numbers
- **No stale "36x"** in any blog post or reader-facing content (only remains in internal Part A of series overview)
- **No stale "413"** anywhere
- **No stale "1,262"** in any headline position
**Surprise**: The inconsistencies were all in the architectural/support documents (series overview, state-of-ecosystem), not in the blog posts themselves. The Writer's systematic numbers-update pass on Posts 01-08 was thorough, but the support documents were updated piecemeal by multiple agents and accumulated drift. Lesson: when a numbers refresh happens, ALL documents need the same pass — not just the primary deliverables.
### 2026-03-03 Writer — Final Editorial Polish (All 8 Posts)
**What**: Final editorial polish pass across all 8 blog posts, series overview, and supporting documents. Systematic check of: opening hooks, Key Takeaways boxes, next-post teasers, data table consistency, cost figures, number alignment, cross-references, closing attributions, and artifacts from multiple editing passes.
**Why**: Task #4 — the last quality gate before publication. Six revision passes by different agents left the series with small inconsistencies that needed catching.
**Result**: 8 fixes applied:
- Post 7: Cost table corrected — 101 new drafts were analyzed with Sonnet (~$5.50), not Haiku (~$0.16). Total updated from $3.16 to ~$9. Subtitle and Key Takeaways updated to match.
- Post 7: Added "Next in this series" teaser linking to Post 8 — was the only post missing one.
- Post 2: Key Takeaways — removed percentage (62%) that was inconsistent with the 66-draft denominator, replaced with absolute count (43 drafts).
- Post 5: "Next in this series" teaser updated from "75 convergent ideas" to "628 cross-org convergent ideas" to match the series' primary convergence metric.
- Post 6: Subtitle updated from "75 convergent ideas" to "628 cross-org convergent ideas" for consistency.
- Post 6: Closing attribution removed internal file path reference that wouldn't make sense to external readers.
- Post 8: Softened Huawei draft count reference (69 → general) to avoid conflict with 66 used everywhere else.
- Series overview: Analysis cost $8.66 → ~$9 to match blog posts.
- Verified: all 8 posts have Key Takeaways boxes, all 7 non-final posts have "Next in this series" teasers, all posts have closing attributions, no stale numbers remain in reader-facing content.
**Surprise**: The Post 7 cost table was the most significant error — it showed the 101-draft analysis as Haiku at $0.16 when the Analyst's dev journal clearly documented using Sonnet at ~$5-6. This discrepancy was introduced by the Coder (who wrote Post 7) and survived two Architect review passes. The cost section is the least scrutinized part of a methodology post — a reminder that factual accuracy requires verifying numbers against source data, not just checking narrative flow.
### 2026-03-03 Planner — 3-Sprint Roadmap
**What**: Designed a 3-sprint plan covering Publication & Outreach (Sprint 1), arXiv Paper Update (Sprint 2), and Open-Source Release (Sprint 3). Read all key project artifacts: team prompt, dev journal, CLAUDE.md, arXiv paper (13 pages), CLI source (1,643 lines), pyproject.toml, and blog series word counts.
**Why**: The blog series is nearly publication-ready, the pipeline is complete, and 7 new features were built — but no work had been published, the paper is frozen at 260 drafts, and the tool isn't packaged for others. Needed a concrete roadmap to turn internal assets into external impact.
**Result**: `data/reports/sprint-plan.md` — 3 sprints, 17 tasks total:
- **Sprint 1** (3-5 days): 5 tasks. Finish editorial polish, choose platform, publish Post 1, social media/IETF outreach, fetch IETF 122 drafts, commit v0.3.0. Key insight: the data pipeline and blog numbers update are ALREADY DONE (reflected in the plan).
- **Sprint 2** (5-7 days): 6 tasks. Process new drafts, generate paper figures, update paper text (260->361+), add 1-2 new analysis sections (cross-org convergence, team blocs), submit to arXiv, continue blog publication.
- **Sprint 3** (7-10 days): 7 tasks. Tests (pytest, >=70% coverage), CI/CD (GitHub Actions), code cleanup (config portability, error handling, version bump), README rewrite, LICENSE (MIT), PyPI package, public repo setup.
- Includes cross-sprint dependency diagram, parallelization plan, risk register, and value-delivery timeline.
**Surprise**: The biggest planning insight was realizing Sprint 1 is much lighter than expected — the agent team already completed Tasks 1.1-1.3 from the original plan (pipeline, reports, blog numbers). Sprint 1 is now purely about publication and outreach, which means the blog could be live within 2-3 days. The bottleneck isn't data or writing — it's the publication platform decision.
### 2026-03-03 Team Lead — Session 2 Wrap-Up + Sprint Decisions
**What**: Recovered from a session crash and ran a 4-agent team (Architect, Writer, Planner + Team Lead) to finish the blog series and plan next steps. All 5 tasks completed: Post 1 verified, Post 8 expanded, consistency sweep (9 fixes), editorial polish (8 fixes), sprint plan written.
**Why**: Previous session crashed mid-work. Needed to verify nothing was lost, finish remaining polish, and plan the path from "blog series done" to "published, cited, and open-sourced."
**Result**:
- Blog series: **publication-ready** (8 posts, ~23K words, all numbers verified, all posts polished)
- Sprint plan: 3 sprints, 17 tasks at `data/reports/sprint-plan.md`
- Decisions made: **GitHub Pages** for publication, **staggered 1/day** cadence, **MIT license**
- Agent utilization: Architect (2 tasks, shut down), Writer (2 tasks, shut down), Planner (1 task, shut down)
**Surprise**: The crash recovery was seamless — the dev journal served exactly its intended purpose. Every agent could read the journal and understand the full state without any human explanation. The journal-as-coordination-mechanism is the strongest vindication of the CLAUDE.md journaling requirement. This should feature prominently in Post 8.

138
data/reports/draft-family-consistency.md Normal file
View File

@@ -0,0 +1,138 @@
# Draft Family Consistency Guide
*Lead artifact — governs ATD, HITL, AEPB, APAE. Updated at -01.*
---
## 1. Canonical Term Table
Every term that appears in more than one draft. The **Authoritative Draft** column is
where the definitive definition lives; all others MUST reference it normatively.
| Term | Definition | Auth. Draft | Also used in |
|------|-----------|-------------|-------------|
| **Agent** | Autonomous software entity performing tasks, making decisions, communicating with peers or humans. | AEM §3 | ATD, HITL, AEPB, APAE |
| **Task** | Discrete unit of work performed by one agent, recorded as a single ECT node. | AEM §3 | ATD, HITL |
| **Workflow** | Set of tasks linked by dependencies, forming a DAG. Identified by ECT `wid` claim. | AEM §3 | ATD, AEPB |
| **DAG** | Directed acyclic graph of ECT parent references (`par` claims). Execution graph AND delegation graph (ACP-DAG-HITL). | AEM §3 | ATD, HITL, AEPB, APAE |
| **Checkpoint** | ECT node recording agent state before a consequential action, enabling rollback. | AEM §3 / ATD §4 | APAE |
| **HITL Point** | Position in workflow where human intervention is required or available. | AEM §3 | ATD, HITL |
| **Override** | Human-initiated command altering agent autonomous operation, taking precedence over agent decisions. | AEM §3 / HITL §3 | ATD |
| **Trust Score** | Float in [0.0, 1.0] representing assessed reliability of one agent by another. AIMD update model. | AEM §3 / APAE §4 | ATD (constraint), AEPB |
| **Protocol Binding** | Mapping between ecosystem semantics and a specific A2A communication protocol. | AEM §3 / AEPB §1 | ATD, HITL |
| **Assurance Level** | Degree of cryptographic/audit protection on ECTs: L1 (unsigned), L2 (signed JWT), L3 (signed + ledger). | AEM §3 (via ECT) | HITL, AEPB, APAE |
| **Assurance Profile** | Named configuration selecting which trust/verification/provenance mechanisms are required. | APAE §7 | AEM, AEPB |
| **Blast Radius** | Set of agents and systems affected by a single failure. | ATD §3 | — |
| **Circuit Breaker** | Mechanism preventing cascading failures by stopping requests to a failing downstream. | ATD §3/§6 | — |
| **Rollback** | Process of reverting agent actions and state to a prior checkpoint. | ATD §3/§7 | APAE |
| **Operator** | Human user authorized to issue override commands. | HITL §3 | APAE |
| **Approval Gate** | DAG node blocking workflow until human approves. | HITL §3/§8 | AEM |
| **Translation Gateway** | Service converting messages between two agent protocols; records each hop as ECT node. | AEPB §3/§6 | AEM |
| **Capability Document** | JSON object describing protocols an agent supports, served at `/.well-known/aepb`. | AEPB §3/§4 | — |
| **Trust Event** | Interaction outcome causing trust score adjustment; derived from ECTs. | APAE §3/§4 | — |
| **Behavior Specification** | Machine-readable declaration of permitted agent actions and constraints. | APAE §3/§5 | — |
| **Provenance Chain** | Sequence of ECT nodes recording how data was produced, transformed, consumed. | APAE §3/§6 | AEM |
| **Lifecycle State** | One of: `active`, `deprecated`, `draining`, `retired`. | AEPB §7 | — |
---
## 2. ECT Extension Namespace Table
All `ext` claim prefixes used across the family. Each companion draft owns one namespace.
AEM §4 (How ECT Extensions Work) is the authoritative cross-reference table.
| Namespace | Owner | Example claims |
|-----------|-------|----------------|
| `atd.*` | ATD | `atd.reversible`, `atd.severity`, `atd.circuit_state`, `atd.rollback_uri`, `atd.ttl`, `atd.resource_cpu`, `atd.resource_memory_mb` |
| `hitl.*` | HITL | `hitl.level`, `hitl.operator_id`, `hitl.prior_state`, `hitl.scope`, `hitl.constraints`, `hitl.ttl`, `hitl.reason` |
| `aepb.*` | AEPB | `aepb.source_protocol`, `aepb.dest_protocol`, `aepb.gateway_id`, `aepb.translation_warnings`, `aepb.agent_version` |
| `apae.*` | APAE | `apae.trust_score`, `apae.confidence`, `apae.hops`, `apae.subject`, `apae.compliance_status`, `apae.data_source`, `apae.data_classification` |
**Rule**: No draft may use another draft's `ext` namespace prefix without a normative
cross-reference to that draft.
---
## 3. ACP-DAG-HITL Constraint Namespace Table
All `constraints` field names used in ACP-DAG-HITL DAG node policies.
| Namespace | Owner | Example fields |
|-----------|-------|----------------|
| `atd.*` | ATD | `atd.checkpoint_policy`, `atd.circuit_threshold`, `atd.circuit_window_s`, `atd.resource_cpu`, `atd.resource_memory_mb`, `atd.resource_timeout_s`, `atd.resource_priority` |
| `hitl.*` | HITL | `hitl.required_role`, `hitl.timeout_s`, `hitl.timeout_action` (via ACP-DAG-HITL natively) |
| `aepb.*` | AEPB | `aepb.allowed_source_protocols`, `aepb.allowed_dest_protocols`, `aepb.max_translation_hops` |
| `apae.*` | APAE | `apae.min_trust`, `apae.min_confidence`, `apae.assurance_profile` |
---
## 4. `exec_act` Value Registry (Family)
All `exec_act` values registered or requested by drafts in this family.
IANA registry requested by AEM; each companion draft populates it.
| Value | Owner | Meaning |
|-------|-------|---------|
| `atd:checkpoint` | ATD | State snapshot before consequential action |
| `atd:error` | ATD | Error signal with severity and type |
| `atd:circuit_open` | ATD | Circuit breaker opened |
| `atd:circuit_close` | ATD | Circuit breaker returned to CLOSED |
| `atd:rollback_request` | ATD | Initiate rollback to checkpoint |
| `atd:rollback_result` | ATD | Result of rollback attempt |
| `atd:workflow_start` | ATD | Workflow began execution |
| `atd:workflow_complete` | ATD | Workflow reached terminal state |
| `hitl:override` | HITL | Human override command |
| `hitl:ack` | HITL | Agent acknowledgment of override |
| `hitl:resume` | HITL | Resume from PAUSE |
| `hitl:lift` | HITL | Lift any active override |
| `hitl:approval_request` | HITL | Workflow blocked at approval gate |
| `hitl:approval_granted` | HITL | Human approved continuation |
| `hitl:approval_denied` | HITL | Human denied continuation |
| `aepb:translate` | AEPB | Protocol translation hop |
| `aepb:translate_error` | AEPB | Translation failed |
| `aepb:shutdown` | AEPB | Agent completed graceful shutdown |
| `aepb:lifecycle_change` | AEPB | Agent lifecycle state transition |
| `apae:trust_assertion` | APAE | Sharing trust score for a peer |
| `apae:trust_revoke` | APAE | Revoking delegations due to low trust |
| `apae:compliance_check` | APAE | Behavior verification result |
| `apae:quarantine` | APAE | Agent quarantined (trust below floor) |
---
## 5. Cross-Reference Rules
Which drafts MUST cite which others, and for what claims.
| Draft | MUST normatively cite | For what |
|-------|----------------------|---------|
| ATD | AEM | Terminology (agent, task, workflow, DAG, assurance level) |
| ATD | ECT (I-D.nennemann-wimse-ect) | Token format, DAG structure, `exec_act` registry |
| ATD | ACP-DAG-HITL (I-D.nennemann-agent-dag-hitl-safety) | Policy layer, HITL escalation |
| ATD | HITL (this family) | HITL escalation on irreversible error/failed rollback |
| HITL | AEM | Terminology |
| HITL | ECT | Override/ack as ECT nodes |
| HITL | ACP-DAG-HITL | Trigger conditions, required roles, decision records |
| AEPB | AEM | Terminology, layered architecture |
| AEPB | ECT | Translation ECT format, `Execution-Context` header |
| AEPB | ACP-DAG-HITL | Protocol constraints as node constraints |
| AEPB | HITL (this family) | HITL callback routing through protocol bindings |
| APAE | AEM | Assurance levels (L1/L2/L3), assurance profiles |
| APAE | ECT | Trust events from ECT outcomes, audit ledger at L3 |
| APAE | ACP-DAG-HITL | Trust thresholds and profile as node constraints |
| APAE | ATD | Checkpoint requirement in profiles; rollback as trust event |
| APAE | HITL (this family) | HITL requirement in Standard/Regulated profiles |
---
## 6. Inconsistencies Found in -00 Drafts
Issues identified during review; fixed in -01 versions.
| # | Issue | Location | Fix in -01 |
|---|-------|----------|-----------|
| 1 | AEM §3 defines "Assurance Level" as "Defined by ECT" but does not list L1/L2/L3 inline; APAE §7 table is the clearest definition. | AEM -00 §3 | AEM -01 §3 adds inline L1/L2/L3 table. |
| 2 | ATD uses `atd.severity` levels (info/warning/error/critical) in §4 but no other draft references these values; they need to be in the canonical table. | ATD -00 §4 | Added to §4 normative list; noted in this guide. |
| 3 | HITL defines 4 override levels (PAUSE/CONSTRAIN/STOP/TAKEOVER) but AEM §4 table only calls them "HITL" without distinguishing levels. | AEM -00, HITL -00 | AEM -01 adds override level reference; HITL -01 adds an L0-L3 HITL intensity table to complement override levels. |
| 4 | AEPB well-known URI is `/.well-known/aepb` but HITL uses `/.well-known/hitl/...` — two different sub-path patterns. Fine, but should be noted for implementors. | AEPB -00, HITL -00 | Both -01s add a note about the well-known URI structure. |
| 5 | APAE references `apae.peer_trust_score` in a HITL rule (§4.5) but the term `peer_trust_score` is not defined as an `ext` claim elsewhere. | APAE -00 §4.5 | APAE -01 clarifies this is a runtime context value derived from the trust table, not an ECT claim. |
| 6 | ATD rollback endpoint is `POST /atd/rollback` (not a well-known URI), while HITL uses well-known URIs. Inconsistency in endpoint naming convention. | ATD -00 §7, HITL -00 §5 | ATD -01 updates rollback endpoint to `/.well-known/atd/rollback` for consistency. |
| 7 | No draft defines a `wf_id` / `wid` claim format. AEM mentions `wid` from ECT but ECT draft details need to be normatively cited. | AEM -00 §3 | All -01s add normative reference to ECT for `wid`. |

679
data/reports/gaps.md
View File

@@ -1,80 +1,629 @@
# Gap Analysis: IETF AI/Agent Draft Landscape
*Generated 2026-02-28 12:14 UTC — analyzing 260 drafts*
*Generated 2026-03-03 19:58 UTC — analyzing 361 drafts, 1780 technical ideas*
### 1. Agent Resource Management
**Severity:** CRITICAL
**Category:** autonomous netops
**Description:** No comprehensive framework for managing computational resources, memory, and processing power across distributed AI agents. Current drafts focus on communication but ignore how agents compete for and share limited resources in multi-agent environments.
**Evidence:** Real deployments will face resource contention, but no drafts address scheduling, quotas, or fair allocation mechanisms
## Overview
### 2. Agent Behavior Verification
**Severity:** CRITICAL
**Category:** AI safety/alignment
**Description:** No mechanisms to verify that deployed agents actually behave according to their declared policies or specifications. Gap between stated capabilities and runtime behavior validation.
**Evidence:** Only 36 safety drafts vs 260 total, and no mention of runtime behavior verification in technical ideas
This report identifies **12 gaps** — areas, problems, or technical challenges not adequately addressed by the current 361 IETF AI/agent drafts. Each gap is cross-referenced with related drafts and extracted technical ideas to show partial coverage.
### 3. Agent Error Recovery and Rollback
**Severity:** CRITICAL
**Category:** autonomous netops
**Description:** Missing standards for how agents handle and recover from errors, particularly cascading failures across agent networks. No rollback mechanisms for autonomous decisions gone wrong.
**Evidence:** Autonomous operations imply unsupervised decisions, but no error recovery mechanisms identified
| Severity | Count |
|----------|------:|
| **CRITICAL** | 3 |
| **HIGH** | 6 |
| **MEDIUM** | 3 |
### 4. Cross-Protocol Translation
**Severity:** HIGH
**Category:** A2A protocols
**Description:** With 92 A2A protocol drafts and high overlap, there's no standard way for agents using different communication protocols to interoperate. Missing universal translation layer or protocol negotiation mechanism.
**Evidence:** Multiple competing A2A protocols with no interoperability framework suggests fragmentation problem
### Safety Deficit
### 5. Agent Lifecycle Management
**Severity:** HIGH
**Category:** agent discovery/reg
**Description:** Missing standards for agent deployment, versioning, updates, and retirement. No clear protocols for how agents evolve or get replaced without disrupting dependent services.
**Evidence:** Registration covered but no mention of versioning, updates, or graceful shutdown procedures
Only **44** of 361 drafts address AI safety/alignment, while **120** focus on A2A protocols and **93** on autonomous operations. The ratio of capability-building to safety is roughly **4:1**.
### 6. Multi-Agent Consensus Mechanisms
**Severity:** HIGH
**Category:** A2A protocols
**Description:** No frameworks for how groups of AI agents reach consensus on conflicting decisions or priorities. Critical for autonomous systems that must coordinate without human intervention.
**Evidence:** Autonomous netops requires coordination but no consensus mechanisms appear in technical ideas list
---
### 7. Human Override and Intervention
**Severity:** HIGH
**Category:** human-agent interaction
**Description:** Only 22 human-agent interaction drafts but no clear emergency override protocols. Missing standardized ways for humans to intervene in autonomous agent operations during critical situations.
**Evidence:** Disproportionately low human interaction focus (22 drafts) compared to autonomous operations (60 drafts)
## 1. Agent Behavior Verification
### 8. Cross-Domain Security Boundaries
**Severity:** HIGH
**Category:** agent identity/auth
**Description:** While identity management exists, missing frameworks for agents operating across security domains with different trust levels. No clear isolation or privilege escalation prevention.
**Evidence:** Cross-domain identity mentioned but no corresponding security boundary enforcement mechanisms
| | |
|---|---|
| **Severity** | CRITICAL |
| **Category** | AI safety/alignment |
| **Drafts in category** | 44 |
### 9. Dynamic Trust and Reputation
**Severity:** HIGH
**Category:** agent identity/auth
**Description:** Missing frameworks for agents to build, assess, and revoke trust relationships dynamically based on behavior history. Static authentication insufficient for long-running autonomous systems.
**Evidence:** Certificate authorities mentioned but no dynamic trust or reputation systems in technical ideas
While many drafts address agent identity and authentication, few tackle how to verify that an agent is actually behaving according to its declared capabilities and policies. There's a critical gap in runtime behavioral attestation and compliance monitoring mechanisms.
### 10. Agent Performance Monitoring
**Severity:** MEDIUM
**Category:** autonomous netops
**Description:** No standardized metrics or monitoring frameworks for tracking agent performance, efficiency, or drift over time. Missing observability standards for production agent deployments.
**Evidence:** ML traffic management only has 24 drafts but no performance monitoring in technical ideas
**Evidence:** High overlap in identity/auth (108 drafts) but only 44 drafts on safety/alignment, with no specific focus on behavioral verification
### 11. Agent Explainability Standards
**Severity:** MEDIUM
**Category:** AI safety/alignment
**Description:** No protocols for agents to explain their decisions or reasoning to other agents or humans. Critical gap for debugging and compliance in regulated environments.
**Evidence:** Low safety/alignment focus suggests governance requirements not fully addressed
### Related Drafts
### 12. Agent Data Provenance
**Severity:** MEDIUM
**Category:** data formats/interop
**Description:** No standards for tracking data lineage and provenance as information flows between agents. Critical for compliance and debugging in complex agent networks.
**Evidence:** 102 data format drafts but no provenance tracking mechanisms identified in technical ideas
**Keyword matches** (drafts mentioning gap topic):
## Summary by Severity
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
- [draft-ruan-spring-priority-flow-control-sid](https://datatracker.ietf.org/doc/draft-ruan-spring-priority-flow-control-sid/) (score 3.1) — SRv6 behavior extention for Flow Control in WAN
- **Critical:** 3 gaps
- **High:** 6 gaps
- **Medium:** 3 gaps
**Top-rated in AI safety/alignment** (44 drafts):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- [draft-goswami-agentic-jwt](https://datatracker.ietf.org/doc/draft-goswami-agentic-jwt/) (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
### Partially Addressing Ideas
53 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Verifiable Agent Behavior Attestation | draft-birkholz-verifiable-agent-conversations | requirement |
| Behavioral Trustworthiness Assessment | draft-chen-agent-decoupled-authorization-model | mechanism |
| Multi-Vendor TEE Attestation (M-TACE) | draft-aylward-aiga-1 | mechanism |
| Multi-Vendor TEE Attestation (M-TACE) | draft-aylward-aiga-2 | mechanism |
| Cryptographic Identity Verification | draft-aylward-daap-v2 | mechanism |
| Behavioral Monitoring Framework | draft-aylward-daap-v2 | mechanism |
| Post-Discovery Authorization Handshake | draft-barney-caam | protocol |
| Five Enforcement Pillars with Typed Schemas | draft-berlinai-vera | pattern |
*...and 45 more*
---
## 2. Cross-Domain Agent Liability
| | |
|---|---|
| **Severity** | CRITICAL |
| **Category** | Policy/governance |
| **Drafts in category** | 91 |
When autonomous agents operate across organizational boundaries and cause harm or make decisions with legal implications, there's no standardized framework for liability attribution. The policy/governance drafts don't address cross-jurisdictional legal accountability.
**Evidence:** 91 policy/governance drafts but legal liability for cross-domain autonomous actions remains unaddressed
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-diaconu-agents-authz-info-sharing](https://datatracker.ietf.org/doc/draft-diaconu-agents-authz-info-sharing/) (score 3.2) — Cross-Domain AuthZ Information sharing for Agents
- [draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/) (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
- [draft-han-rtgwg-agent-gateway-intercomm-framework](https://datatracker.ietf.org/doc/draft-han-rtgwg-agent-gateway-intercomm-framework/) (score 3.6) — Agent Gateway Intercommunication Framework
- [draft-ni-a2a-ai-agent-security-requirements](https://datatracker.ietf.org/doc/draft-ni-a2a-ai-agent-security-requirements/) (score 3.7) — Security Requirements for AI Agents
- [draft-intellinode-ai-semantic-contract](https://datatracker.ietf.org/doc/draft-intellinode-ai-semantic-contract/) (score 3.2) — Semantic-Driven Traffic Shaping Contract for AI Networks
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
**Top-rated in Policy/governance** (91 drafts):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- [draft-goswami-agentic-jwt](https://datatracker.ietf.org/doc/draft-goswami-agentic-jwt/) (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
- [draft-wang-cats-odsi](https://datatracker.ietf.org/doc/draft-wang-cats-odsi/) (4.5) — Specifies framework for decentralized LLM inference across untrusted participants with layer-aware e
- [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/) (4.5) — Defines CDDL-based data format for verifiable agent conversation records using COSE signing. Support
### Partially Addressing Ideas
26 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Cross-Domain Agent Identity Management | draft-abbey-scim-agent-extension | protocol |
| Multi-level Inference Protocol | draft-chuyi-nmrg-agentic-network-inference | protocol |
| Cross-Domain Agent Coordination | draft-chuyi-nmrg-agentic-network-inference | mechanism |
| Cross-Domain Agent Discovery | draft-cui-dmsc-agent-cdi | mechanism |
| Federated Agent Identity Framework | draft-cui-dmsc-agent-cdi | architecture |
| Agent Capability Negotiation Protocol | draft-cui-dmsc-agent-cdi | protocol |
| Federated Policy Enforcement | draft-cui-dmsc-agent-cdi | architecture |
| Cross-Domain Authorization Information Sharing | draft-diaconu-agents-authz-info-sharing | mechanism |
*...and 18 more*
---
## 3. Human Override Protocols
| | |
|---|---|
| **Severity** | CRITICAL |
| **Category** | Human-agent interaction |
| **Drafts in category** | 30 |
Critical gap in standardized protocols for humans to safely interrupt, override, or take control of autonomous agents in emergency situations. Only 30 drafts address human-agent interaction, with no focus on emergency takeover procedures.
**Evidence:** Only 30 human-agent interaction drafts compared to 213+ autonomous operation drafts, with no emergency override standards
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-dhir-http-agent-profile](https://datatracker.ietf.org/doc/draft-dhir-http-agent-profile/) (score 4.2) — HTTP Agent Profile (HAP): Authenticated and Monetized Agent Traffic on the Web
- [draft-irtf-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-irtf-nmrg-llm-nm/) (score 3.5) — A Framework for LLM-Assisted Network Management with Human-in-the-Loop
- [draft-cui-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-nm/) (score 4.1) — A Framework for LLM Agent-Assisted Network Management with Human-in-the-Loop
- [draft-zeng-opsawg-applicability-mcp-a2a](https://datatracker.ietf.org/doc/draft-zeng-opsawg-applicability-mcp-a2a/) (score 3.5) — When NETCONF Is Not Enough: Applicability of MCP and A2A for Advanced Network Ma
- [draft-wmz-nmrg-agent-ndt-arch](https://datatracker.ietf.org/doc/draft-wmz-nmrg-agent-ndt-arch/) (score 4.2) — Network Digital Twin and Agentic AI based Architecture for AI driven Network Ope
- [draft-ietf-suit-firmware-encryption](https://datatracker.ietf.org/doc/draft-ietf-suit-firmware-encryption/) (score 3.7) — Encrypted Payloads in SUIT Manifests
**Top-rated in Human-agent interaction** (30 drafts):
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- [draft-ietf-aipref-vocab](https://datatracker.ietf.org/doc/draft-ietf-aipref-vocab/) (4.4) — Defines a standardized vocabulary for expressing preferences about how digital assets should be used
- [draft-dhir-http-agent-profile](https://datatracker.ietf.org/doc/draft-dhir-http-agent-profile/) (4.2) — Defines HTTP Agent Profile for authenticating agent traffic, separating human from agent traffic, an
- [draft-song-tsvwg-camp](https://datatracker.ietf.org/doc/draft-song-tsvwg-camp/) (4.2) — Proposes CAMP, a multipath transport protocol for interactive multimodal LLM systems that maintains
- [draft-liu-agent-operation-authorization](https://datatracker.ietf.org/doc/draft-liu-agent-operation-authorization/) (4.1) — Specifies framework for verifiable delegation of actions from humans to AI agents using JWT tokens.
### Partially Addressing Ideas
7 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| LLM-Human Collaborative Framework | draft-irtf-nmrg-llm-nm | architecture |
| CHEQ Protocol | draft-rosenberg-aiproto-cheq | protocol |
| Signed Confirmation Objects | draft-rosenberg-aiproto-cheq | mechanism |
| Cross-Protocol Integration Pattern | draft-rosenberg-aiproto-cheq | pattern |
| CHEQ Protocol | draft-rosenberg-cheq | protocol |
| Signed Decision Objects | draft-rosenberg-cheq | mechanism |
| Protocol Integration Pattern | draft-rosenberg-cheq | pattern |
---
## 4. Agent Resource Exhaustion Protection
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | Autonomous netops |
| **Drafts in category** | 93 |
Missing standardized mechanisms to prevent malicious or poorly designed agents from consuming excessive network, compute, or storage resources. Current drafts focus on traffic management but not on agent-specific resource quotas and enforcement.
**Evidence:** 93 autonomous netops drafts and 73 ML traffic management drafts lack agent-specific resource protection mechanisms
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
- [draft-jia-oauth-scope-aggregation](https://datatracker.ietf.org/doc/draft-jia-oauth-scope-aggregation/) (score 3.5) — OAuth 2.0 Scope Aggregation for Multi-Step AI Agent Workflows
**Top-rated in Autonomous netops** (93 drafts):
- [draft-cui-nmrg-llm-benchmark](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-benchmark/) (4.3) — Provides comprehensive evaluation framework for LLM-based network configuration agents. Includes emu
- [draft-wmz-nmrg-agent-ndt-arch](https://datatracker.ietf.org/doc/draft-wmz-nmrg-agent-ndt-arch/) (4.2) — Comprehensive architecture combining Network Digital Twin with Agentic AI for intent-based network o
- [draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/) (4.1) — Defines task-oriented multi-agent framework for fault recovery in converged mobile networks. Targets
- [draft-cui-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-nm/) (4.1) — Defines framework for collaborative network management between LLM agents and human operators. Intro
- [draft-jadoon-nmrg-agentic-ai-autonomous-networks](https://datatracker.ietf.org/doc/draft-jadoon-nmrg-agentic-ai-autonomous-networks/) (4.1) — Introduces architectural principles for integrating AI agents into IP protocol stack layers while pr
### Partially Addressing Ideas
40 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Agent Resource Type | draft-abbey-scim-agent-extension | extension |
| Agentic Application Resource Type | draft-abbey-scim-agent-extension | extension |
| Collaborative Inference Acceleration (KDN) | draft-agent-gw | mechanism |
| Data and Agent Aware-Inference and Training Network (DA-ITN) | draft-akhavain-moussa-ai-network | architecture |
| Agent-to-Agent (A2A) Communication Paradigm | draft-an-nmrg-i2icf-cits | protocol |
| Network-Level Quarantine Protocol | draft-aylward-aiga-1 | protocol |
| Agent Task Negotiation | draft-cui-ai-agent-task | protocol |
| Multi-Agent Security Protection | draft-fu-nmop-agent-communication-framework | mechanism |
*...and 32 more*
---
## 5. Agent-Generated Data Provenance
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | Data formats/interop |
| **Drafts in category** | 145 |
While 145 drafts address data formats for AI interop, there's insufficient attention to tracking the provenance and lineage of data generated by agents. This creates trust and auditability issues in agent-to-agent data exchanges.
**Evidence:** 145 data format drafts with high overlap but no clear standards for agent-generated data provenance tracking
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-romanchuk-normative-admissibility](https://datatracker.ietf.org/doc/draft-romanchuk-normative-admissibility/) (score 3.4) — Normative Admissibility Framework for Agent Speech Acts
- [draft-li-semantic-routing-architecture](https://datatracker.ietf.org/doc/draft-li-semantic-routing-architecture/) (score 3.6) — Semantic Routing Architecture for AI Agents Communication
- [draft-cui-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-nm/) (score 4.1) — A Framework for LLM Agent-Assisted Network Management with Human-in-the-Loop
- [draft-mpsb-agntcy-messaging](https://datatracker.ietf.org/doc/draft-mpsb-agntcy-messaging/) (score 2.6) — An Overview of Messaging Systems and Their Applicability to Agentic AI
- [draft-gaikwad-south-authorization](https://datatracker.ietf.org/doc/draft-gaikwad-south-authorization/) (score 3.7) — SOUTH: Stochastic Authorization for Agent and Service Requests
- [draft-abaris-aicdh](https://datatracker.ietf.org/doc/draft-abaris-aicdh/) (score 2.8) — AI Content Disclosure Header
**Top-rated in Data formats/interop** (145 drafts):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- [draft-ietf-lake-app-profiles](https://datatracker.ietf.org/doc/draft-ietf-lake-app-profiles/) (4.6) — Defines canonical CBOR representation for EDHOC application profiles and coordination mechanisms for
- [draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/) (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/) (4.5) — Defines CDDL-based data format for verifiable agent conversation records using COSE signing. Support
### Partially Addressing Ideas
4 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Context-Enhanced Training Data | draft-improving-data-quality-tags | extension |
| Training Data Provenance Claims | draft-messous-eat-ai | mechanism |
| Sentinel Evidence Package | draft-reilly-sentinel-protocol | architecture |
| AI Lifecycle Provenance Tracking | draft-reilly-sentinel-protocol | architecture |
---
## 6. Agent Capability Degradation Handling
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | AI safety/alignment |
| **Drafts in category** | 44 |
No standardized approaches for detecting and handling when an agent's capabilities degrade due to model drift, data corruption, or hardware issues. Systems need graceful degradation protocols rather than silent failures.
**Evidence:** Only 44 safety/alignment drafts don't address capability degradation, while 213+ drafts assume stable agent performance
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
- [draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/) (score 3.1) — Dynamic Multi-agent Secured Collaboration Infrastructure Architecture
**Top-rated in AI safety/alignment** (44 drafts):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- [draft-goswami-agentic-jwt](https://datatracker.ietf.org/doc/draft-goswami-agentic-jwt/) (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
### Partially Addressing Ideas
45 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Semantic Routing | draft-agent-gw | mechanism |
| Semantic Routing | draft-ainp-protocol | mechanism |
| Capability-based Discovery | draft-ainp-protocol | pattern |
| Complex Delegation Relationship Management | draft-chen-ai-agent-auth-new-requirements | architecture |
| Capability-Based Discovery Mechanism | draft-cui-ai-agent-discovery-invocation | mechanism |
| Agent Capability Negotiation Protocol | draft-cui-dmsc-agent-cdi | protocol |
| Agent Capability-Based Routing | draft-du-catalist-routing-considerations | mechanism |
| Agent Monitoring and Tracking | draft-fu-nmop-agent-communication-framework | mechanism |
*...and 37 more*
---
## 7. Multi-Agent Coordination Deadlocks
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | A2A protocols |
| **Drafts in category** | 120 |
With 120+ A2A protocol drafts, there's insufficient attention to preventing deadlock situations where multiple agents create circular dependencies or resource conflicts. Missing are standardized deadlock detection and resolution mechanisms.
**Evidence:** 120 A2A protocol drafts with high internal overlap but no systematic deadlock prevention frameworks
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-li-dmsc-mcps-agw](https://datatracker.ietf.org/doc/draft-li-dmsc-mcps-agw/) (score 3.5) — Multi-agent Collaboration Protocol Suite based on Agent Gateway
- [draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/) (score 3.1) — Dynamic Multi-agent Secured Collaboration Infrastructure Architecture
- [draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/) (score 4.1) — Task-Oriented Multi-Agent Recovery Framework for High-Reliability in Converged M
- [draft-chang-agent-context-interaction](https://datatracker.ietf.org/doc/draft-chang-agent-context-interaction/) (score 2.9) — Agent Context Interaction Optimizations
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-cui-ai-agent-task](https://datatracker.ietf.org/doc/draft-cui-ai-agent-task/) (score 3.0) — Task-oriented Coordination Requirements for AI Agent Protocols
**Top-rated in A2A protocols** (120 drafts):
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- [draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/) (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- [draft-chen-oauth-rar-agent-extensions](https://datatracker.ietf.org/doc/draft-chen-oauth-rar-agent-extensions/) (4.2) — Extends OAuth RAR with policy_context and lifecycle_binding members for AI agent environments. Enabl
- [draft-mallick-muacp](https://datatracker.ietf.org/doc/draft-mallick-muacp/) (4.2) — Resource-efficient messaging protocol specifically designed for constrained IoT/Edge devices with de
### Partially Addressing Ideas
11 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Multi-Agent Task Coordination | draft-du-ai-agent-communication-6g-aspect | mechanism |
| AI Gateway | draft-fu-nmop-agent-communication-framework | architecture |
| DMSC Infrastructure Architecture | draft-li-dmsc-inf-architecture | architecture |
| Multi-agent Collaboration Protocol Suite | draft-li-dmsc-macp | protocol |
| Task-based Multi-Agent Coordination | draft-li-dmsc-mcps-agw | pattern |
| Cognitive Networking Substrate | draft-li-semantic-routing-architecture | architecture |
| Agent Communication Use Cases | draft-stephan-ai-agent-6g | pattern |
| Structured Responsibility and Traceability Architecture (SRTA) | draft-takagi-srta-trinity | architecture |
*...and 3 more*
---
## 8. Agent Privacy Preservation
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | Agent identity/auth |
| **Drafts in category** | 108 |
Agents often process sensitive data but current drafts don't adequately address privacy-preserving computation, differential privacy, or secure multi-party computation for agent interactions. This is critical for deployment in regulated industries.
**Evidence:** 108 identity/auth drafts focus on authentication but lack privacy preservation mechanisms for agent data processing
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
- [draft-kale-agntcy-federated-privacy](https://datatracker.ietf.org/doc/draft-kale-agntcy-federated-privacy/) (score 3.2) — Privacy-Preserving Federated Learning Architecture for Multi-Tenant AI Agent Sys
**Top-rated in Agent identity/auth** (108 drafts):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
### Partially Addressing Ideas
11 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Agent Card Structure | draft-nandakumar-agent-sd-jwt | protocol |
| Pseudonymous Key Generation | draft-bradleylundberg-cfrg-arkg | mechanism |
| Privacy-Preserving Human Tokens | draft-dhir-http-agent-profile | mechanism |
| Cryptographic Erasure Compliance | draft-gaikwad-aps-profile | mechanism |
| Privacy-Respecting Capability Attestation | draft-huang-rats-agentic-eat-cap-attest | pattern |
| Differential Privacy for Agent Models | draft-kale-agntcy-federated-privacy | mechanism |
| Agent Identity Preservation | draft-liu-oauth-a2a-profile | pattern |
| Inference-Time Data Access Policy Claims | draft-messous-eat-ai | mechanism |
*...and 3 more*
---
## 9. Agent Firmware/Model Update Security
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | Model serving/inference |
| **Drafts in category** | 42 |
While model serving is addressed in 42 drafts, there's insufficient focus on secure update mechanisms for agent models and firmware. Missing are standards for cryptographically verified, rollback-capable agent updates.
**Evidence:** 42 model serving drafts but no comprehensive security standards for agent software/model updates
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
- [draft-ietf-tls-extended-key-update](https://datatracker.ietf.org/doc/draft-ietf-tls-extended-key-update/) (score 4.2) — Extended Key Update for Transport Layer Security (TLS) 1.3
**Top-rated in Model serving/inference** (42 drafts):
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- [draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/) (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- [draft-calabria-bmwg-ai-fabric-inference-bench](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-inference-bench/) (4.5) — Defines benchmarking methodology for AI inference network fabrics. Establishes KPIs and test procedu
- [draft-wang-cats-odsi](https://datatracker.ietf.org/doc/draft-wang-cats-odsi/) (4.5) — Specifies framework for decentralized LLM inference across untrusted participants with layer-aware e
- [draft-wmz-nmrg-agent-ndt-arch](https://datatracker.ietf.org/doc/draft-wmz-nmrg-agent-ndt-arch/) (4.2) — Comprehensive architecture combining Network Digital Twin with Agentic AI for intent-based network o
### Partially Addressing Ideas
79 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Multi-layered Security Architecture | draft-aylward-daap-v2 | architecture |
| VERA Zero Trust Reference Architecture | draft-berlinai-vera | architecture |
| Evidence-Based Maturity Runtime | draft-berlinai-vera | mechanism |
| Five Enforcement Pillars with Typed Schemas | draft-berlinai-vera | pattern |
| AI Agent Structured Threat Model | draft-berlinai-vera | requirement |
| Cryptographic Proof-Based Autonomy | draft-berlinai-vera | mechanism |
| Pseudonymous Key Generation | draft-bradleylundberg-cfrg-arkg | mechanism |
| Multi-Agent Security Protection | draft-fu-nmop-agent-communication-framework | mechanism |
*...and 71 more*
---
## 10. Real-time Agent Debugging
| | |
|---|---|
| **Severity** | MEDIUM |
| **Category** | Other AI/agent |
| **Drafts in category** | 26 |
Missing standardized protocols for debugging autonomous agents in production environments. When agents make unexpected decisions, there are no standard interfaces for real-time introspection without disrupting operations.
**Evidence:** 26 other AI/agent drafts suggest various approaches but no standardized debugging protocols for production agents
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-an-nmrg-i2icf-cits](https://datatracker.ietf.org/doc/draft-an-nmrg-i2icf-cits/) (score 3.7) — Interface to In-Network Computing Functions for Cooperative Intelligent Transpor
- [draft-zhao-detnet-enhanced-use-cases](https://datatracker.ietf.org/doc/draft-zhao-detnet-enhanced-use-cases/) (score 3.2) — Enhanced Use Cases for Scaling Deterministic Networks
- [draft-zhang-rvp-problem-statement](https://datatracker.ietf.org/doc/draft-zhang-rvp-problem-statement/) (score 3.5) — Problem Statements and Requirements of Real-Virtual Agent Protocol (RVP): Commun
- [draft-yuan-rtgwg-traffic-agent-usecase](https://datatracker.ietf.org/doc/draft-yuan-rtgwg-traffic-agent-usecase/) (score 3.7) — Use cases of the AI Network Traffic Optimization Agent
- [draft-hong-nmrg-agenticai-ps](https://datatracker.ietf.org/doc/draft-hong-nmrg-agenticai-ps/) (score 3.0) — Motivations and Problem Statement of Agentic AI for network management
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
**Top-rated in Other AI/agent** (26 drafts):
- [draft-calabria-bmwg-ai-fabric-inference-bench](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-inference-bench/) (4.5) — Defines benchmarking methodology for AI inference network fabrics. Establishes KPIs and test procedu
- [draft-ietf-tls-ecdhe-mlkem](https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/) (4.4) — Defines hybrid post-quantum key agreement mechanisms for TLS 1.3 that combine ML-KEM with traditiona
- [draft-wmz-nmrg-agent-ndt-arch](https://datatracker.ietf.org/doc/draft-wmz-nmrg-agent-ndt-arch/) (4.2) — Comprehensive architecture combining Network Digital Twin with Agentic AI for intent-based network o
- [draft-an-nmrg-i2icf-cits](https://datatracker.ietf.org/doc/draft-an-nmrg-i2icf-cits/) (3.7) — Defines framework for orchestrating In-Network Computing Functions in Cooperative Intelligent Transp
- [draft-cui-nmrg-auto-test](https://datatracker.ietf.org/doc/draft-cui-nmrg-auto-test/) (3.6) — Framework for AI-assisted network protocol testing using LLMs and automated test generation. Defines
### Partially Addressing Ideas
23 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| A2A Protocol Transport over MOQT | draft-a2a-moqt-transport | protocol |
| QUIC-based Publish/Subscribe for AI Agents | draft-a2a-moqt-transport | mechanism |
| Streaming Capabilities Integration | draft-a2a-moqt-transport | mechanism |
| Action-Based Authorization | draft-aylward-aiga-2 | mechanism |
| Multi-layered Security Architecture | draft-aylward-daap-v2 | architecture |
| Behavioral Monitoring Framework | draft-aylward-daap-v2 | mechanism |
| Context-Aware Task Scheduling | draft-cui-ai-agent-task | mechanism |
| Real-Time Task Adaptability | draft-cui-ai-agent-task | requirement |
*...and 15 more*
---
## 11. Cross-Protocol Agent Migration
| | |
|---|---|
| **Severity** | MEDIUM |
| **Category** | A2A protocols |
| **Drafts in category** | 120 |
No standardized mechanisms for migrating agent state and context when moving between different A2A protocols or infrastructure providers. This creates vendor lock-in and limits agent mobility.
**Evidence:** 120 A2A protocol drafts with high overlap suggest competing approaches but no migration standards between them
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (score 4.8) — Verifiable Operations Ledger and Trace (VOLT) Protocol
- [draft-han-ai-agent-impact-infra](https://datatracker.ietf.org/doc/draft-han-ai-agent-impact-infra/) (score 2.3) — The Impact of AI Agent to Network Infrastructure
- [draft-narajala-ans](https://datatracker.ietf.org/doc/draft-narajala-ans/) (score 4.2) — Agent Name Service (ANS): A Universal Directory for Secure AI Agent Discovery an
- [draft-ietf-emu-eap-edhoc](https://datatracker.ietf.org/doc/draft-ietf-emu-eap-edhoc/) (score 3.2) — Using the Extensible Authentication Protocol (EAP) with Ephemeral Diffie-Hellman
- [draft-howe-sipcore-mcp-extension](https://datatracker.ietf.org/doc/draft-howe-sipcore-mcp-extension/) (score 3.7) — SIP Extension for Model Context Protocol (MCP)
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
**Top-rated in A2A protocols** (120 drafts):
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- [draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/) (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- [draft-chen-oauth-rar-agent-extensions](https://datatracker.ietf.org/doc/draft-chen-oauth-rar-agent-extensions/) (4.2) — Extends OAuth RAR with policy_context and lifecycle_binding members for AI agent environments. Enabl
- [draft-mallick-muacp](https://datatracker.ietf.org/doc/draft-mallick-muacp/) (4.2) — Resource-efficient messaging protocol specifically designed for constrained IoT/Edge devices with de
### Partially Addressing Ideas
3 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Transport-Independent Attestation Format | draft-drake-email-tpm-attestation | extension |
| Cross-Protocol Integration Pattern | draft-rosenberg-aiproto-cheq | pattern |
| Agent Mobility with IPv6 MIPv6 | draft-yc-ipv6-for-ioa | mechanism |
---
## 12. Agent Energy Consumption Optimization
| | |
|---|---|
| **Severity** | MEDIUM |
| **Category** | ML traffic mgmt |
| **Drafts in category** | 73 |
Missing standards for energy-aware agent deployment and operation. As AI workloads are energy-intensive, there's no framework for agents to optimize their energy consumption or for infrastructure to enforce energy budgets.
**Evidence:** 73 ML traffic management drafts focus on performance but lack energy consumption considerations for sustainable AI deployment
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
- [draft-ahc-green-smartpdu-yang](https://datatracker.ietf.org/doc/draft-ahc-green-smartpdu-yang/) (score 2.9) — A YANG Model for SmartPDU Monitoring and Control
**Top-rated in ML traffic mgmt** (73 drafts):
- [draft-calabria-bmwg-ai-fabric-inference-bench](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-inference-bench/) (4.5) — Defines benchmarking methodology for AI inference network fabrics. Establishes KPIs and test procedu
- [draft-dhir-http-agent-profile](https://datatracker.ietf.org/doc/draft-dhir-http-agent-profile/) (4.2) — Defines HTTP Agent Profile for authenticating agent traffic, separating human from agent traffic, an
- [draft-calabria-bmwg-ai-fabric-terminology](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-terminology/) (4.2) — Defines comprehensive benchmarking terminology for AI network fabrics including collective communica
- [draft-li-spring-rdma-multicast-over-srv6](https://datatracker.ietf.org/doc/draft-li-spring-rdma-multicast-over-srv6/) (4.2) — Specifies SRv6 extensions for RDMA multicast delivery with new End.MT behavior and ACK/NACK aggregat
- [draft-song-tsvwg-camp](https://datatracker.ietf.org/doc/draft-song-tsvwg-camp/) (4.2) — Proposes CAMP, a multipath transport protocol for interactive multimodal LLM systems that maintains
### Partially Addressing Ideas
17 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| SmartPDU Telemetry Framework | draft-ahc-green-smartpdu-yang | mechanism |
| Agent Context Distribution | draft-chang-agent-context-interaction | mechanism |
| Context Distribution Optimization Procedures | draft-chang-agent-context-interaction | protocol |
| Schema Deduplication via JSON References | draft-chang-agent-token-efficient | mechanism |
| Agentic Data Optimization Layer (ADOL) | draft-chang-agent-token-efficient | architecture |
| Information Exchange Efficiency | draft-chuyi-nmrg-agentic-network-inference | mechanism |
| Vector Index Workload Optimization | draft-gaikwad-aps-profile | pattern |
| Collaboration Tunnel Protocol (TCT) | draft-jurkovikj-collab-tunnel | protocol |
*...and 9 more*
---
## Cross-Cutting Analysis
### Gaps by Category
| Category | Drafts | Gaps | Gap Topics |
|----------|-------:|-----:|------------|
| a2a protocols | 120 | 2 | Multi-Agent Coordination Deadlocks; Cross-Protocol Agent Migration |
| agent identity/auth | 108 | 1 | Agent Privacy Preservation |
| ai safety/alignment | 44 | 2 | Agent Behavior Verification; Agent Capability Degradation Handling |
| autonomous netops | 93 | 1 | Agent Resource Exhaustion Protection |
| data formats/interop | 145 | 1 | Agent-Generated Data Provenance |
| human-agent interaction | 30 | 1 | Human Override Protocols |
| ml traffic mgmt | 73 | 1 | Agent Energy Consumption Optimization |
| model serving/inference | 42 | 1 | Agent Firmware/Model Update Security |
| other ai/agent | 26 | 1 | Real-time Agent Debugging |
| policy/governance | 91 | 1 | Cross-Domain Agent Liability |
## Recommendations
Based on the gap analysis, the highest-impact areas for new standardization work:
1. **Runtime behavior verification** — The most critical safety gap. Agents declare policies but nothing validates compliance at runtime.
2. **Error recovery and rollback** — Autonomous operations need standardized failure handling before real deployment at scale.
3. **Protocol interoperability layer** — 92 competing A2A protocols need a translation/negotiation framework to avoid fragmentation.
4. **Dynamic trust systems** — Static certificates cannot scale to long-running agent ecosystems. Trust must be earned and revocable.
5. **Human emergency override** — The 7:1 ratio of autonomous capability to human oversight drafts is concerning for production deployments.

268
data/reports/holistic-agent-ecosystem-draft-outlines.md Normal file
View File

@@ -0,0 +1,268 @@
# Holistic Agent Ecosystem: Analysis and Draft Outlines
*Derived from IETF draft analyzer gaps (12), overlap matrix (260 drafts), and 1,262 extracted ideas. Goal: a unified agent ecosystem with DAG orchestration and HITL built in, agnostic and extensible, applicable to both fast/relaxed (e.g. K8s) and regulated/proof-heavy environments.*
---
## 1. Vision Summary
| Pillar | Meaning | Gap / Overlap Evidence |
|--------|---------|------------------------|
| **DAG** | Task/workflow as directed acyclic graph: dependencies, execution order, checkpoints, rollback along the graph. | **Gap 3** (Error Recovery/Rollback), **Gap 1** (Resource Management — scheduling/quotas). Ideas: "Task-Oriented Multi-Agent Recovery", "Working Memory", "Execution Context Token (ECT)". No single draft defines *agent task DAG* as a first-class construct. |
| **HITL** | Human-in-the-loop as a first-class primitive: approval gates, escalation, emergency override, explainability. | **Gap 7** (Human Override); only 22 human-agent drafts vs 60 autonomous netops. Ideas: CHEQ (confirmation), "Human Oversight Requirements", "Level 4 Autonomous Network Architecture". |
| **Agnostic + extensible** | Protocol- and transport-agnostic; works over any A2A protocol; extensible via profiles. | **Gap 4** (Cross-Protocol Translation) — 92 A2A drafts, no universal translation/negotiation. Overlap matrix: high within-category similarity (0.75+) but no interoperability layer. |
| **Dual regime** | Same model works in "fast/relaxed" (K8s, dev) and "regulated" (proofs, attestation, audit). | **Gaps 2, 8, 9, 12**: Behavior verification, cross-domain security, dynamic trust, data provenance. Ideas: STAMP, DAAP, verifiable conversations, ECT — all additive assurance. |
---
## 2. How This Fits With WIMSE and ECT (Differentiation)
**SPIFFE** (CNCF) defines the *identifier* for a workload (`spiffe://trust-domain/path`) and its ecosystem (SVIDs, etc.). So **"who" at the identifier level is already SPIFFE** (or similar URI schemes).
**WIMSE** (Workload Identity in a *Multi System Environment* — [draft-ietf-wimse-arch](https://datatracker.ietf.org/doc/draft-ietf-wimse-arch/)) is the **IETF architecture** for how workload identity and **security context** are conveyed and used across systems. It is **not only "who"**. It covers:
- **Workload identity**: identifier (WIMSE uses a URI; SPIFFE ID is one conforming example), credentials (WIT, X.509), trust domains.
- **Security context**: "information needed for a workload to perform its function" — authorization, accounting, auditing, user info, what processing has already happened, propagation along the call chain.
- **Identity proxy**: inspect, replace, or augment identity and context (e.g. at gateways).
- **Use cases**: bootstrapping, service auth, **authorization**, **audit trails**, **security context establishment and propagation**, delegation, cross-boundary, **AI/ML intermediaries**.
So: **SPIFFE = identifier (who). WIMSE = architecture for conveying identity + security context in protocols (who + context + propagation + authz + audit).**
**ECT** (Execution Context Tokens), in [draft-nennemann-wimse-ect](https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect/), is a **JWT-based extension** that records *what* each task did: each ECT is a signed record of one task, linked to predecessors via a DAG (`par` / `jti`). ECT reuses the WIMSE signing model (same key as WIT) and adds: token format, HTTP transport (Execution-Context header), DAG validation, audit-ledger interface. So **ECT = execution evidence (what happened)** built on WIMSE identity/signing.
### Fit in (recommended)
Our ecosystem drafts **do not compete with SPIFFE, WIMSE, or ECT**. They **build on** them:
| Layer | SPIFFE / WIMSE / ECT | Our drafts (AEM, AERR, HEOP, DATS, CPAT, etc.) |
|-------|----------------------|-----------------------------------------------|
| **Identifier** | SPIFFE (or URI): "who" | We use existing identifiers (e.g. `iss` / SPIFFE ID in ECT). |
| **Identity + context** | WIMSE: credentials, security context, propagation, authz, audit | We assume WIMSE (or equivalent) for auth and context; we do not redefine it. |
| **Evidence** | ECT: token format, DAG linkage, signing, audit | We **use ECT as the carrier**: checkpoints, errors, overrides, trust assertions, translation hops are **new ECT node types** (new `exec_act` values and optional claims). |
| **Semantics** | ECT: “a task happened, here are parents” | We define **orchestration and operations**: dependencies, checkpoints, rollback protocol, HITL points, resource hints, assurance profiles, protocol binding. |
Concretely:
- **AERR** (Error Recovery/Rollback): Checkpoints, errors, and rollback results are **ECTs** with specific `exec_act` and extension claims. Rollback walks the **ECT DAG**; no second DAG format.
- **HEOP** (Human Emergency Override): Override and acknowledgment are **ECTs** that link into the same ECT DAG for audit.
- **DATS** (Dynamic Trust): Trust events are derived from **ECT outcomes**; trust assertions are **ECTs**.
- **CPAT** (Cross-Protocol Translation): Each translation hop produces an **ECT**, so the cross-protocol path is one continuous ECT DAG.
- **Agent DAG HITL** ([draft-nennemann-agent-dag-hitl-safety](https://datatracker.ietf.org/doc/draft-nennemann-agent-dag-hitl-safety/)): Policy for when HITL is required; decisions and overrides still record as ECTs.
So the **execution model** (DAG of tasks, checkpoints, rollback, HITL) is **implemented using ECT** as the token and DAG format. We add **semantics and protocols** on top, not a new token or DAG structure.
### Differentiate (what we add)
| Concern | WIMSE/ECT | Our ecosystem |
|---------|-----------|----------------|
| **DAG** | ECT defines *how* nodes link (`par`, `jti`, validation). | We define *what* a node means (task, checkpoint, error, override, trust, translation), *when* to create them, and *how* to act on them (rollback, circuit breaker, HITL flow). |
| **Orchestration** | Out of scope for ECT. | Execution order, resource hints, scheduling, lifecycle; can be described in a **declarative workflow** (e.g. JSON) that is *realized* as ECTs at runtime. |
| **Recovery** | Not in ECT. | AERR: checkpoint placement, error propagation, rollback protocol, circuit breaker. |
| **HITL** | Not in ECT. | HEOP + Agent DAG HITL: approval gates, override, escalation; all recorded as ECTs. |
| **Trust / assurance** | ECT provides signed, linked evidence. | DATS, APAE: how to *derive* trust from ECT outcomes; assurance levels and profiles. |
| **Interop** | Single token format (ECT over HTTP). | CPAT, AEPB: translation between *protocols*; each hop still emits ECTs so the cross-protocol run is one ECT DAG. |
In other words: **SPIFFE = who (identifier). WIMSE = identity + security context + propagation + authz + audit. ECT = execution evidence (DAG of signed records). Our work = orchestration, recovery, HITL, trust, and interop that consume and produce that evidence.**
### Implications for the draft family
- **Draft A (AEM)**: Should state that the **reference implementation of the execution model** is ECT: “The ecosystem uses Execution Context Tokens (ECT) [I-D.nennemann-wimse-ect] as the standard representation of task execution and DAG linkage; extensions (e.g. AERR, HEOP) define additional ECT node types and procedures.”
- **Draft B (ATD)**: Either (1) **ATD = abstract model** (nodes, edges, checkpoints, rollback set) with “ECT is one binding” and optional JSON/CBOR for *declarative* workflow definition, or (2) **ATD = semantics of ECT usage** (when to emit which ECT types, execution semantics, resource hints) without a second wire format. Prefer (2) to avoid overlap with ECT and keep one DAG format.
- **Drafts C, D, E (HITL, AEPB, APAE)**: Same pattern: define procedures and semantics; **record all significant events as ECTs** so the full run is one auditable ECT DAG. Reference SPIFFE/WIMSE for identity and context, and ECT for format and validation.
### One-sentence positioning
**“SPIFFE gives the identifier; WIMSE gives the architecture for identity and security context; ECT gives the DAG evidence format. Our drafts specify how to use that format for orchestration, recovery, human oversight, trust, and cross-protocol interop, so the same stack works from relaxed to fully regulated.”**
---
## 3. How the Data Supports This
### From gap analysis
- **Critical**: Resource management (scheduling/quotas for DAG nodes), behavior verification (runtime proofs in regulated mode), error recovery/rollback (DAG-based undo).
- **High**: Cross-protocol translation (agnostic layer), human override (HITL), lifecycle (versioning/retirement of workflows), multi-agent consensus (coordination in DAG), cross-domain security and dynamic trust (regulated regime).
- **Medium**: Monitoring, explainability (HITL), provenance (regulated regime).
### From overlap
- **A2A protocols** (92 drafts, avg pairwise sim 0.76): Heavy duplication; a thin *ecosystem layer* on top of "any A2A" would reduce friction.
- **Agent discovery/reg** (57) and **identity/auth** (98): Discovery and identity are shared concerns; the ecosystem draft can reference ANS, ADL, OAuth RAR, etc., without mandating one.
- **Human-agent** (22) is underweight; HITL should be a first-class extension point in the ecosystem document.
### From ideas (sample)
- **DAG/context**: "Working Memory", "Execution Context Token", "Task-Oriented Multi-Agent Recovery Framework", "State Consistency Management", "Checkpoint".
- **HITL**: "CHEQ protocol", "Human Oversight Requirements", "Human-in-the-Loop", "Emergency Override".
- **Agnostic**: "Automated Protocol Adaptation", "Semantic Routing", "Protocol Adapter Layer", "Cross-Protocol Translation".
- **Dual regime**: "Cryptographic Proof-Based Autonomy", "Verifiable Agent Behavior Attestation", "Trust Scoring", "Behavioral Monitoring", "Data Provenance".
---
## 4. Proposed Draft Family
Five drafts that together define the holistic ecosystem. Each fills gaps and references existing work (see landscape) to avoid duplication.
---
### Draft A: **Agent Ecosystem Model (AEM) — Architecture and Terminology**
**Role**: Informational. Single source of concepts (DAG, HITL, assurance levels, protocol agnosticism) so other drafts and WGs share vocabulary.
**Gaps addressed**: Cross-cutting; reduces overlap by establishing a common model.
**Outline**:
1. **Introduction** — Need for a unified model across 260+ drafts; scope (orchestration, control, assurance); non-goals (no new wire protocol).
2. **Terminology** — Agent, task, workflow, DAG, node, checkpoint, HITL point, assurance level, ecosystem layer, protocol binding.
3. **Architectural Model** — Ecosystem layer above protocol bindings (A2A, MCP, etc.); DAG as the execution model; HITL as optional nodes; assurance as an orthogonal axis.
4. **Assurance Levels** — Level 0 (best-effort, no proofs), Level 1 (audit trail), Level 2 (attestation/verification), Level 3 (full provenance and compliance). Same DAG/HITL model at every level.
5. **Protocol Agnosticism** — How the ecosystem layer binds to existing protocols (reference ANS, ADL, MCP, STAMP, DAAP, etc.); extension points.
6. **Security Considerations** — Trust boundaries; what each assurance level guarantees.
7. **IANA Considerations** — None or registry for assurance level identifiers.
**Target**: Individual or NMOP; **Status**: Informational.
**Related drafts**: draft-rosenberg-aiproto-framework, draft-zyyhl-agent-networks-framework, draft-nennemann-wimse-ect, draft-aylward-daap-v2.
---
### Draft B: **Agent Task DAG (ATD) — Execution Model and Checkpoints**
**Role**: Define the *semantics* of the DAG execution model (when to emit which ECT types, execution order, checkpoints, rollback) **using ECT as the token and DAG format**. Does not define a second wire format; avoids overlap with [draft-nennemann-wimse-ect](https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect/).
**Gaps addressed**: **Gap 1** (Resource Management — scheduling/quotas per node), **Gap 3** (Error Recovery and Rollback).
**Outline**:
1. **Introduction** — Why DAG (ordering, dependencies, safe rollback); relationship to AEM; dependency on ECT for token format and DAG structure.
2. **Terminology** — Node, edge, root, leaf, checkpoint, rollback set, blast radius (aligned with ECT and AERR).
3. **Execution Semantics** — Topological order; node states (pending, running, done, failed, rolled back); when agents MUST/SHOULD emit ECTs; checkpoint placement (per ECT or per subgraph, per AERR).
4. **Resource Hints and Quotas** — Optional resource claims (e.g. in ECT `ext` or workflow descriptor); integration with scheduling (K8s, etc.); fair allocation when agents compete (gap 1).
5. **Checkpoint and Rollback** — Reference AERR for checkpoint/error/rollback ECT types; rollback protocol: walk ECT DAG backwards; circuit-breaker to contain cascading failure.
6. **Optional: Declarative Workflow** — JSON/CBOR for *pre-run* workflow definition (nodes, dependencies, HITL slots, resource hints); at runtime this is realized as ECTs. Enables tooling and portability without replacing ECT.
7. **Security Considerations** — Integrity of ECT DAG and checkpoints; who may trigger rollback.
8. **IANA Considerations** — None if ECT registry is used for node/action types; or registry for workflow descriptor media type.
**Target**: NMOP or individual; **Status**: Standards-track or Experimental.
**Related drafts**: draft-nennemann-wimse-ect, draft-aerr-agent-error-recovery-rollback, draft-yue-anima-agent-recovery-networks, draft-li-dmsc-macp.
---
### Draft C: **Human-in-the-Loop (HITL) Primitives for Agent Ecosystems**
**Role**: Standardize HITL as first-class: approval gates, escalation, emergency override, and explainability hooks.
**Gaps addressed**: **Gap 7** (Human Override and Intervention), **Gap 11** (Agent Explainability).
**Outline**:
1. **Introduction** — Need for HITL in autonomous systems; design goals (minimal friction in relaxed mode, mandatory in regulated).
2. **Terminology** — HITL point, approval gate, escalation, override, explainability token.
3. **HITL Point Model** — Placement in DAG (before/after node, or as a node); types: approval required, notification only, override-only (emergency).
4. **Approval and Escalation** — Request/response format (reference OAuth, CHEQ); timeouts and escalation paths; revocation of approval.
5. **Emergency Override** — Signal to halt or rollback; scope (single node, subgraph, full DAG); authentication and audit (reference DAAP, STAMP).
6. **Explainability** — Optional explainability token (summary, evidence, link to verifiable conversation); required at higher assurance levels.
7. **Binding to AEM** — How HITL integrates with Draft A assurance levels; optional in Level 0, required in Level 2+ for critical paths.
8. **Security Considerations** — Who can approve/override; replay and revocation.
9. **IANA Considerations** — None or registry for HITL point types.
**Target**: NMOP or OPS; **Status**: Standards-track or Experimental.
**Related drafts**: draft-rosenberg-aiproto-cheq, draft-rosenberg-cheq, draft-cui-nmrg-llm-nm, draft-irtf-nmrg-llm-nm, draft-aap-oauth-profile, draft-birkholz-verifiable-agent-conversations.
---
### Draft D: **Agent Ecosystem Protocol Binding (AEPB) — Agnostic Interop Layer**
**Role**: Define how the ecosystem layer (AEM + ATD + HITL) binds to existing A2A and discovery protocols; translation/negotiation so different protocols interoperate.
**Gaps addressed**: **Gap 4** (Cross-Protocol Translation), **Gap 5** (Lifecycle — versioning/retirement).
**Outline**:
1. **Introduction** — Proliferation of 92 A2A protocols; need for a binding layer that preserves ecosystem semantics (DAG, HITL) over any protocol.
2. **Terminology** — Protocol binding, translation, negotiation, capability advertisement.
3. **Capability Advertisement** — How agents/gateways advertise support for AEM/ATD/HITL and assurance levels (reference ADL, ANS, DNS-SD).
4. **Binding Requirements** — What a protocol must provide: task invocation, dependency ordering, checkpoint/rollback signals, HITL callbacks. Mapping to MCP, A2A over HTTP, A2A over MOQT, etc.
5. **Translation and Negotiation** — When two agents speak different protocols: gateway or negotiation (e.g. common subset); minimal translation schema (intent, result, error).
6. **Lifecycle** — Versioning of DAG and agents; graceful shutdown and drain; retirement without breaking dependents (gap 5).
7. **Security Considerations** — Trust of translators; integrity across protocol boundaries.
8. **IANA Considerations** — Registry for protocol binding identifiers.
**Target**: NMOP or individual; **Status**: Experimental.
**Related drafts**: draft-agent-gw, draft-narajala-ans, draft-nederveld-adl, draft-ainp-protocol, draft-mallick-muacp, draft-a2a-moqt-transport.
---
### Draft E: **Assurance Profiles for Agent Ecosystems (APAE) — Dual Regime**
**Role**: Define how the same ecosystem runs in "relaxed" vs "regulated" mode: which proofs, attestations, and provenance are required.
**Gaps addressed**: **Gap 2** (Behavior Verification), **Gap 8** (Cross-Domain Security), **Gap 9** (Dynamic Trust), **Gap 12** (Data Provenance).
**Outline**:
1. **Introduction** — Same DAG/HITL model in dev (K8s) vs regulated (finance, healthcare); assurance profile = dial for proof level.
2. **Terminology** — Assurance profile, proof, attestation, provenance, trust boundary.
3. **Profiles****Relaxed**: best-effort, optional audit; **Standard**: audit trail + optional attestation; **Regulated**: attestation per critical node, provenance chain, behavior verification (reference STAMP, DAAP, verifiable conversations).
4. **Behavior Verification** — How runtime behavior is checked against declared policy (reference DAAP, RATS, EAT); evidence format.
5. **Cross-Domain and Trust** — Trust boundaries between domains; dynamic trust scoring (reference Cosmos, SEAT); revocation.
6. **Provenance** — Data lineage along the DAG; format for provenance records (reference verifiable conversation format); retention.
7. **Security Considerations** — What each profile guarantees and does not guarantee.
8. **IANA Considerations** — Registry for assurance profile identifiers.
**Target**: NMOP or LAKE/RATS; **Status**: Informational or Experimental.
**Related drafts**: draft-guy-bary-stamp-protocol, draft-aylward-daap-v2, draft-birkholz-verifiable-agent-conversations, draft-jiang-seat-dynamic-attestation, draft-cosmos-protocol-specification.
---
## 5. Dependency Graph of Drafts
```
[A: AEM - Architecture & Terminology]
|
+----+----+----+----+
| | | | |
v v v v v
[B: ATD] [C: HITL] [D: AEPB] [E: APAE]
DAG Human Binding Assurance
+ + + +
| | | |
+--------+---------+---------+
|
Implementations: same ecosystem in K8s (relaxed) or regulated (proofs)
```
- **A** is the foundation; B, C, D, E reference A and each other where needed.
- **B** (ATD) and **C** (HITL) are the core execution model; **D** (AEPB) makes it agnostic; **E** (APAE) makes it dual-regime.
---
## 6. How to Use This With Your Analyzer
- **Generate outlines via CLI**: Use `ietf draft-gen <topic>` with topics: "Agent Ecosystem Model", "Agent Task DAG", "Human-in-the-Loop primitives", "Agent Ecosystem Protocol Binding", "Assurance Profiles for Agent Ecosystems". Feed the gap context from this file or from `data/reports/gaps.md`.
- **Cross-reference**: When writing each draft, cite the related drafts listed above; the analyzers `ietf similar` and `ietf compare` can find more.
- **Ideas database**: Search `ideas` for mechanism/architecture/protocol types (e.g. "checkpoint", "override", "translation") to pull concrete mechanisms into sections.
---
## 7. Deeper Datatracker Analysis — What to Run
To keep refining these drafts from the data, use your analyzer as follows:
| Goal | Commands / data |
|------|------------------|
| **Find drafts that touch DAG/workflow** | `ietf search "task graph"`, `ietf search "workflow"`, `ietf search "checkpoint"`, `ietf search "rollback"`; then `ietf similar <name>` for each. |
| **Find HITL-related work** | `ietf search "human-in-the-loop"`, `ietf search "override"`, `ietf search "approval"`; check `data/reports/ideas.md` for "CHEQ", "human", "override". |
| **Cross-protocol / interop** | `ietf report overlap-matrix`; focus on A2A vs other categories; `ietf similar draft-agent-gw` (protocol adaptation). |
| **Assurance / proofs** | Search ideas for "attestation", "verifiable", "provenance", "trust"; list drafts in AI safety/alignment and identity/auth. |
| **Gap → draft outline** | For each gap in `gaps.md`, run `ietf draft-gen "<gap topic>"` (e.g. "Agent Error Recovery and Rollback") and merge with the outlines above. |
| **Cluster overlap** | `ietf clusters --threshold 0.85` to see near-duplicates; use one as canonical and reference others to reduce fragmentation. |
Refreshing the pipeline periodically (`ietf fetch`, `ietf analyze --all`, `ietf ideas --all`, `ietf gaps`) keeps gaps and ideas aligned with the latest datatracker activity.
---
## 8. One-Page Pitch (Elevator Version)
**Problem**: 260+ IETF drafts on AI agents; no single model for orchestration (DAG), human oversight (HITL), or for running the same system in both fast and regulated environments.
**Proposal**: Five coordinated drafts — (A) shared architecture and terminology, (B) DAG execution with checkpoints and rollback, (C) HITL primitives (approval, override, explainability), (D) protocol-agnostic binding so any A2A protocol can participate, (E) assurance profiles so the same stack works in K8s or in a proof-heavy regulated regime.
**Outcome**: One holistic agent ecosystem: DAG + HITL built in, agnostic and extensible, applicable everywhere from relaxed to fully proven.

78
data/reports/idea-overlap.md Normal file
View File

@@ -0,0 +1,78 @@
# Cross-Organization Idea Overlap
*Generated 2026-03-03 19:59 UTC — 1780 ideas from 361 drafts*
**628** ideas appear across 2+ organizations, out of 1467 unique idea clusters.
## Top Convergence Points
Ideas where the most organizations independently converge:
| # | Idea | Orgs | Drafts | Organizations |
|--:|------|-----:|-------:|---------------|
| 1 | Fully Adaptive Routing Ethernet (FARE) | 14 | 1 | Baidu, Biren Technology, Broadcom, Centec, China Mobile, Cloudnine Information Technologies, Enflame Technology, Huawei, Hygon, Metanet Networking Technology, Moore Threads, Resnics Technology, Ruijie Networks, Tencent |
| 2 | Scale-Up Network Adaptation | 14 | 1 | Baidu, Biren Technology, Broadcom, Centec, China Mobile, Cloudnine Information Technologies, Enflame Technology, Huawei, Hygon, Metanet Networking Technology, Moore Threads, Resnics Technology, Ruijie Networks, Tencent |
| 3 | MoE Expert Parallelization | 14 | 1 | Baidu, Biren Technology, Broadcom, Centec, China Mobile, Cloudnine Information Technologies, Enflame Technology, Huawei, Hygon, Metanet Networking Technology, Moore Threads, Resnics Technology, Ruijie Networks, Tencent |
| 4 | Tensor Parallelization Support | 14 | 1 | Baidu, Biren Technology, Broadcom, Centec, China Mobile, Cloudnine Information Technologies, Enflame Technology, Huawei, Hygon, Metanet Networking Technology, Moore Threads, Resnics Technology, Ruijie Networks, Tencent |
| 5 | Ultra-Low Latency Routing | 14 | 1 | Baidu, Biren Technology, Broadcom, Centec, China Mobile, Cloudnine Information Technologies, Enflame Technology, Huawei, Hygon, Metanet Networking Technology, Moore Threads, Resnics Technology, Ruijie Networks, Tencent |
| 6 | Ultra-High Throughput Fabric | 14 | 1 | Baidu, Biren Technology, Broadcom, Centec, China Mobile, Cloudnine Information Technologies, Enflame Technology, Huawei, Hygon, Metanet Networking Technology, Moore Threads, Resnics Technology, Ruijie Networks, Tencent |
| 7 | Adaptive Load Balancing | 14 | 1 | Baidu, Biren Technology, Broadcom, Centec, China Mobile, Cloudnine Information Technologies, Enflame Technology, Huawei, Hygon, Metanet Networking Technology, Moore Threads, Resnics Technology, Ruijie Networks, Tencent |
| 8 | Large Language Model Network Optimization | 14 | 1 | Baidu, Biren Technology, Broadcom, Centec, China Mobile, Cloudnine Information Technologies, Enflame Technology, Huawei, Hygon, Metanet Networking Technology, Moore Threads, Resnics Technology, Ruijie Networks, Tencent |
| 9 | Distributed AI Inference Architecture | 9 | 4 | China Mobile, DONG-EUI University, Daejeon University, ETRI, Huawei, National Institute of Information and Communications Technology, Pengcheng Laboratory, Tsinghua Shenzhen International Graduate School & Pengcheng Laboratory, Tsinghua University |
| 10 | ISAC-Enabled CATS Architecture | 9 | 3 | CAICT, China Mobile, China Unicom, Huawei, InterDigital, InterDigital Europe, Telefonica, Universidad Carlos III de Madrid, ZTE Corporation |
| 11 | Agent-to-Agent (A2A) Communication Paradigm | 8 | 5 | CAICT, China Mobile, Department of Computer Science & Engineering, Deutsche Telekom, Huawei, Intelligent Information R and D Division Mobility Platform Research Center, Orange, Telefonica |
| 12 | Heterogeneous Hardware AI Deployment | 8 | 3 | DONG-EUI University, Daejeon University, ETRI, Huawei, National Institute of Information and Communications Technology, Pengcheng Laboratory, Tsinghua Shenzhen International Graduate School & Pengcheng Laboratory, Tsinghua University |
| 13 | Network Digital Twin Support | 8 | 3 | China Mobile, China Unicom, DONG-EUI University, Daejeon University, ETRI, Huawei, National Institute of Information and Communications Technology, Telefonica |
| 14 | Resource-Constrained Device Optimization | 8 | 2 | Beihang University, DONG-EUI University, Daejeon University, ETRI, Huawei, National Institute of Information and Communications Technology, Xidian University, ZTE Corporation |
| 15 | Multi-Agent Communication Protocol | 7 | 8 | AsiaInfo, BUPT, China Mobile, China Telecom, China Unicom, Huawei, Zhongguancun Laboratory |
| 16 | AI Agent Communication Network (ACN) | 7 | 5 | ANP Open Source Community, China Mobile, China Telecom, China Unicom, Cisco, Five9, Huawei |
| 17 | Autonomous Network Agent Standardization Requirements | 7 | 2 | China Telecom, DONG-EUI University, Daejeon University, Everything OPS, Huawei, Swisscom, Telefonica |
| 18 | LISP-H3 Integration | 7 | 2 | Ariga.io, Cisco, ISI, R.C. ATHENA, Nexar Inc., Oterra.ai, Universitat Politecnica de Catalunya, lispers.net |
| 19 | H3-based EID Addressing | 7 | 2 | Ariga.io, CAW, Cisco, Nexar Inc., Oterra.ai, Universitat Politecnica de Catalunya, lispers.net |
| 20 | Natural Language Interchange Protocol (NLIP) | 7 | 1 | Fordham University, IBM, Marist University, Purdue University, Service Now, University of Illinois at Urbana-Champaign, eBay Inc. |
| 21 | AI-Mediated API Translation | 7 | 1 | Fordham University, IBM, Marist University, Purdue University, Service Now, University of Illinois at Urbana-Champaign, eBay Inc. |
| 22 | Uniform Agent Communication Interface | 7 | 1 | Fordham University, IBM, Marist University, Purdue University, Service Now, University of Illinois at Urbana-Champaign, eBay Inc. |
| 23 | Generative AI Communication Layer | 7 | 1 | Fordham University, IBM, Marist University, Purdue University, Service Now, University of Illinois at Urbana-Champaign, eBay Inc. |
| 24 | Natural Language Agent Registration | 7 | 1 | Fordham University, IBM, Marist University, Purdue University, Service Now, University of Illinois at Urbana-Champaign, eBay Inc. |
| 25 | Agentic Network Architecture | 6 | 7 | CNIC, CAS, China Mobile, China Unicom, Huawei, ICT, CAS, UnionPay |
| 26 | ELA Protocol | 6 | 6 | Bitwave, Cisco, Ericsson, Five9, Inria, Sandelman Software Works |
| 27 | AI Gateway | 6 | 4 | AsiaInfo, BUPT, China Telecom, Huawei, UnionPay, Zhongguancun Laboratory |
| 28 | ISAC-CATS Integration Pattern | 6 | 3 | Bitwave, China Mobile, Cisco, Five9, InterDigital Europe, Universidad Carlos III de Madrid |
| 29 | Agent Communication across WAN | 6 | 3 | China Mobile, China Unicom, Deutsche Telekom, Huawei, Orange, Telefonica |
| 30 | DH-KA MAC Key Derivation | 6 | 2 | Bundesdruckerei GmbH, Ericsson, IDsec Solutions, The Agency for Digital Government, University of Murcia, University of Oviedo |
## Most Overlapping Organization Pairs
| Org A | Org B | Shared Ideas | Examples |
|-------|-------|-------------:|----------|
| China Mobile | Huawei | 47 | Fully Adaptive Routing Ethernet (FARE); Scale-Up Network Adaptation; MoE Expert Parallelization +44 |
| China Unicom | Huawei | 38 | ISAC-Enabled CATS Architecture; Network Digital Twin Support; Multi-Agent Communication Protocol +35 |
| China Mobile | ZTE Corporation | 36 | ISAC-Enabled CATS Architecture; Cross-Domain Agent Coordination; Autonomic Network Device Operation +33 |
| Huawei | Telefonica | 35 | ISAC-Enabled CATS Architecture; Agent-to-Agent (A2A) Communication Paradigm; Network Digital Twin Support +32 |
| China Unicom | ZTE Corporation | 28 | ISAC-Enabled CATS Architecture; Cross-Domain Agent Coordination; Autonomic Network Device Operation +25 |
| Pengcheng Laboratory | Tsinghua Shenzhen International Graduate School & Pengcheng Laboratory | 27 | Distributed AI Inference Architecture; Heterogeneous Hardware AI Deployment; Intelligence Delivery Network (IDN) +24 |
| China Mobile | China Unicom | 27 | ISAC-Enabled CATS Architecture; Network Digital Twin Support; Multi-Agent Communication Protocol +24 |
| Cisco | Huawei | 27 | AI Agent Communication Network (ACN); Agent Registration and Renewal Protocol; Network Management Agent (NMA) +24 |
| China Telecom | Huawei | 26 | Multi-Agent Communication Protocol; AI Agent Communication Network (ACN); Autonomous Network Agent Standardization Requirements +23 |
| Cisco | Google | 26 | LISP-Based Unified Control Plane; EID-to-RLOC Mapping for AI Networks; Publication-Subscription for AI Data Flow +23 |
| Cisco | Five9 | 25 | AI Agent Communication Network (ACN); ELA Protocol; ISAC-CATS Integration Pattern +22 |
| InterDigital | InterDigital Europe | 21 | ISAC-Enabled CATS Architecture; ISAC Network Optimization; Low-Latency Sensing-Communication Requirements +18 |
| Ericsson | Inria | 21 | ELA Protocol; Zero-touch IoT onboarding; COSE-based EAP Authentication +18 |
| China Telecom | China Unicom | 20 | Multi-Agent Communication Protocol; AI Agent Communication Network (ACN); I2NSF-5G Integration Architecture +17 |
| Tsinghua University | Zhongguancun Laboratory | 20 | Capability-based Discovery; Unified RESTful Invocation Interface; Intent-Based Agent Selection Extension +17 |
| InterDigital Europe | Universidad Carlos III de Madrid | 19 | ISAC-Enabled CATS Architecture; ISAC-CATS Integration Pattern; ISAC Network Optimization +16 |
| Pengcheng Laboratory | Tsinghua University | 18 | Distributed AI Inference Architecture; Heterogeneous Hardware AI Deployment; Intelligence Delivery Network (IDN) +15 |
| Tsinghua Shenzhen International Graduate School & Pengcheng Laboratory | Tsinghua University | 18 | Distributed AI Inference Architecture; Heterogeneous Hardware AI Deployment; Intelligence Delivery Network (IDN) +15 |
| CAICT | China Mobile | 18 | ISAC-Enabled CATS Architecture; Agent-to-Agent (A2A) Communication Paradigm; Autonomic Network Device Operation +15 |
| CAICT | ZTE Corporation | 17 | ISAC-Enabled CATS Architecture; Autonomic Network Device Operation; Multi-Data Center Big Data Processing +14 |
## Cross-Org Ideas by Type
- **mechanism**: 310
- **architecture**: 142
- **pattern**: 136
- **protocol**: 120
- **requirement**: 93
- **extension**: 68
- **framework**: 5
- **profile**: 2
- **registry**: 1

132
data/reports/ideas.md Normal file
View File

@@ -0,0 +1,132 @@
# Technical Ideas Extracted from IETF AI/Agent Drafts
*Generated 2026-03-03 19:58 UTC — 1780 ideas from 361 drafts*
## Most Common Ideas (appearing in 3+ drafts)
| Idea | Appearances | Drafts |
|------|------------:|--------|
| Multi-Agent Communication Protocol | 8 | draft-fu-nmop-agent-communication-framework, draft-li-dmsc-macp, draft-liu-access-collaboration-agent, draft-yl-agent-id-requirements, draft-zhang-dmsc-mas-communication +3 more |
| Agentic Network Architecture | 7 | draft-chuyi-nmrg-agentic-network-inference, draft-chuyi-nmrg-ai-agent-network, draft-du-catalist-routing-considerations, draft-men-rtgwg-agent-networking-digibank-scenario, draft-men-rtgwg-agent-networking-in-digibank +2 more |
| Cross-Domain Agent Coordination | 6 | draft-chuyi-nmrg-agentic-network-inference, draft-du-catalist-routing-considerations, draft-han-rtgwg-agent-gateway-intercomm-framework, draft-intellinode-ai-semantic-contract, draft-ni-a2a-ai-agent-security-requirements +1 more |
| ELA Protocol | 6 | draft-ietf-lake-authz, draft-mpsb-agntcy-slim, draft-rosenberg-aiproto, draft-rosenberg-aiproto-cheq, draft-rosenberg-aiproto-nact +1 more |
| Agent-to-Agent (A2A) Communication Paradigm | 5 | draft-an-nmrg-i2icf-cits, draft-du-ai-agent-communication-6g-aspect, draft-liu-rtgwg-agent-gateway-requirements, draft-stephan-ai-agent-6g, draft-zeng-opsawg-applicability-mcp-a2a |
| Action-Based Authorization | 5 | draft-aylward-aiga-1, draft-aylward-aiga-2, draft-chen-agent-decoupled-authorization-model, draft-jiang-seat-dynamic-attestation, draft-williams-netmod-lm-hierarchy-topology |
| AI Agent Communication Network (ACN) | 5 | draft-du-ai-agent-communication-6g-aspect, draft-han-ai-agent-impact-infra, draft-jiang-cats-reference-acn, draft-rosenberg-aiproto-framework, draft-zyyhl-agent-networks-framework |
| Agent Registration Process | 5 | draft-zheng-agent-identity-management, draft-zheng-dispatch-agent-identity-management, draft-zl-agents-networking-architecture, draft-zl-agents-networking-framework, draft-zlgsgl-rtgwg-agents-networking-framework |
| AI Gateway | 4 | draft-fu-nmop-agent-communication-framework, draft-li-dmsc-macp, draft-men-rtgwg-agent-networking-digibank-scenario, draft-men-rtgwg-agent-networking-in-digibank |
| Distributed AI Inference Architecture | 4 | draft-hong-nmrg-ai-deploy, draft-irtf-nmrg-ai-deploy, draft-li-individual-inip, draft-song-rtgwg-din-usecases-requirements |
| MCP Session Establishment over MOQT | 4 | draft-jennings-ai-mcp-over-moq, draft-jennings-mcp-over-moqt, draft-mcp-over-moqt, draft-nandakumar-a2a-moqt-transport |
| Agent-Based Network Management | 4 | draft-pang-agents-networking-scenarios, draft-wmz-nmrg-agent-ndt-arch, draft-zeng-nmrg-mcp-usecases-requirements, draft-zhang-agent-gap-network |
| 3GPP AI/ML Agent Requirements Framework | 4 | draft-sarischo-6gip-aiagent-requirements, draft-tong-network-agent-use-cases-in-6g, draft-yu-ai-agent-use-cases-in-6g, draft-yu-dmsc-ai-agent-use-cases-in-6g |
| Multi-Agent Interaction Model | 4 | draft-vandoulas-aidp, draft-wang-nmrg-magent-im, draft-zhao-nmrg-ai-agent-for-dtn, draft-zl-agents-networking-architecture |
| Network Equipment as MCP Servers | 4 | draft-zeng-mcp-network-mgmt, draft-zw-nmrg-mcp-network-mgmt, draft-zw-opsawg-mcp-network-mgmt, draft-zw-rtgwg-mcp-network-mgmt |
| Cross-Domain Agent Identity Management | 3 | draft-abbey-scim-agent-extension, draft-scim-agent-extension, draft-wahl-scim-agent-schema |
| Capability-based Discovery | 3 | draft-ainp-protocol, draft-cui-ai-agent-discovery-invocation, draft-mozleywilliams-dnsop-bandaid |
| PQ/T Hybrid Key Exchange for EAP-AKA' | 3 | draft-ar-emu-hybrid-pqc-eapaka, draft-ietf-emu-hybrid-pqc-eapaka, draft-ietf-sshm-mlkem-hybrid-kex |
| Quantum-Safe Session Key Generation | 3 | draft-ar-emu-hybrid-pqc-eapaka, draft-ietf-emu-pqc-eapaka, draft-ra-emu-pqc-eapaka |
| Cryptographic Identity Verification | 3 | draft-aylward-daap-v2, draft-liu-agent-operation-authorization, draft-schulze-ecap |
| ISAC-CATS Integration Pattern | 3 | draft-bernardos-cats-isac-uc, draft-mp-agntcy-ads, draft-rosenberg-aiproto-a2t |
| ISAC-Enabled CATS Architecture | 3 | draft-bernardos-cats-isac-uc, draft-zhao-ccamp-actn-optical-network-agent, draft-zhao-detnet-enhanced-use-cases |
| ISAC Network Optimization | 3 | draft-bernardos-nmrg-agentic-network-optimization, draft-li-dmsc-inf-architecture, draft-xsaopig-nmop-service-flow-modal-mapping |
| ASN-Agent Authentication | 3 | draft-blahaj-grow-rpki-oauth, draft-liu-dmsc-acps-arc, draft-yao-agent-auth-considerations |
| Time to First Token (TTFT) Measurement | 3 | draft-calabria-bmwg-ai-fabric-inference-bench, draft-gaikwad-llm-benchmarking-methodology, draft-gaikwad-llm-benchmarking-terminology |
| EDHOC-AKA Authentication Method | 3 | draft-chen-lake-edhoc-aka, draft-ietf-emu-eap-edhoc, draft-pocero-authkem-ikr-edhoc |
| Global AI Agent Communication Framework | 3 | draft-du-ai-agent-communication-6g-aspect, draft-mao-rtgwg-agent-comm-protocol-gap-analysis, draft-mzsg-rtgwg-agent-cross-device-comm-framework |
| Agent-to-Agent Routing Protocol | 3 | draft-du-catalist-routing-considerations, draft-mozley-aidiscovery, draft-xie-ai-agent-multimodal |
| ACaaS for Dynamic Edge AI Placement | 3 | draft-dunbar-neotec-ac-te-applicability, draft-dunbar-onions-ac-te-applicability, draft-dunbar-onsen-ac-te-applicability |
| TE Topology Model for Edge Network Performance | 3 | draft-dunbar-neotec-ac-te-applicability, draft-dunbar-onions-ac-te-applicability, draft-dunbar-onsen-ac-te-applicability |
| Service Objective Mapping to YANG Models | 3 | draft-dunbar-neotec-ac-te-applicability, draft-dunbar-onions-ac-te-applicability, draft-dunbar-onsen-ac-te-applicability |
| Real-Time AI Inference Network Requirements | 3 | draft-dunbar-neotec-ac-te-applicability, draft-dunbar-onions-ac-te-applicability, draft-dunbar-onsen-ac-te-applicability |
| AC and TE YANG Model Gap Identification | 3 | draft-dunbar-neotec-ac-te-applicability, draft-dunbar-onions-ac-te-applicability, draft-dunbar-onsen-ac-te-applicability |
| Agent Communication across WAN | 3 | draft-han-ai-agent-impact-infra, draft-liu-dmsc-gw-requirements, draft-stephan-ai-agent-6g |
| Heterogeneous Hardware AI Deployment | 3 | draft-hong-nmrg-ai-deploy, draft-irtf-nmrg-ai-deploy, draft-li-cats-idn |
| Network Digital Twin Support | 3 | draft-hong-nmrg-ai-deploy, draft-irtf-nmrg-ai-deploy, draft-wmz-nmrg-agent-ndt-arch |
| MCP Capability Advertisement Headers | 3 | draft-howe-sipcore-mcp-extension, draft-kompella-lsr-mptecap, draft-sz-dmsc-iaip |
| AI Usage Preferences Vocabulary | 3 | draft-ietf-aipref-vocab, draft-madhavan-aipref-displaybasedpref, draft-vaughan-aipref-vocab |
| PSK Authentication Method for EDHOC | 3 | draft-ietf-lake-edhoc-psk, draft-lake-pocero-authkem-edhoc, draft-lake-pocero-authkem-ikr-edhoc |
| MCP Message Mapping to MOQT Objects | 3 | draft-jennings-ai-mcp-over-moq, draft-mcp-over-moqt, draft-nandakumar-a2a-moqt-transport |
| Signature-Free PQC Authentication | 3 | draft-lake-pocero-authkem-edhoc, draft-pocero-authkem-edhoc, draft-spm-lake-pqsuites |
| Agent Context Protocol | 3 | draft-liu-agent-context-protocol, draft-oauth-transaction-tokens-for-agents, draft-srijal-agents-policy |
| Multi-Agent Context Architecture | 3 | draft-liu-agent-context-protocol, draft-wolfe-faf-format, draft-yl-agent-id-requirements |
| Delegated Agent Discovery | 3 | draft-liu-dmsc-gw-requirements, draft-liu-rtgwg-agent-gateway-requirements, draft-meunier-webbotauth-registry |
| Agent Registration and Renewal Protocol | 3 | draft-narajala-ans, draft-ni-a2a-ai-agent-security-requirements, draft-pioli-agent-discovery |
| Fixed Network Agent Communication | 3 | draft-pang-agents-networking-scenarios, draft-yang-nmrg-mcp-nm, draft-zhang-agent-gap-network |
| Tool Enumeration API | 3 | draft-rosenberg-aiproto, draft-rosenberg-aiproto-a2t, draft-rosenberg-aiproto-nact |
| Agntcy Framework | 3 | draft-rosenberg-aiproto-framework, draft-zl-agents-networking-framework, draft-zlgsgl-rtgwg-agents-networking-framework |
| On-Device AI Agent Architecture | 3 | draft-sarischo-6gip-aiagent-requirements, draft-stephan-ai-agent-6g, draft-zhang-rtgwg-ai-agents-troubleshooting |
| Flow-Based Secure Multilink Path Selection | 3 | draft-templin-6man-aero3, draft-templin-intarea-aero, draft-templin-intarea-aero2 |
| Agent Certificate Authority | 3 | draft-zl-agents-networking-architecture, draft-zl-agents-networking-framework, draft-zlgsgl-rtgwg-agents-networking-framework |
## Ideas Appearing in 2 Drafts (157 ideas)
- **Agent Authorization Profile (AAP)** — draft-aap-oauth-profile, draft-rosenberg-oauth-aauth
- **AI Content Degree Classification** — draft-abaris-aicdh, draft-chen-nmrg-semantic-inference-routing
- **Agent Resource Type** — draft-abbey-scim-agent-extension, draft-scim-agent-extension
- **Agentic Application Resource Type** — draft-abbey-scim-agent-extension, draft-scim-agent-extension
- **AI Workload Characterization** — draft-aft-ai-traffic, draft-ai-traffic
- **Inter-DC AI Traffic Problem Statement** — draft-aft-ai-traffic, draft-ai-traffic
- **Federated AI Service Architecture** — draft-aft-ai-traffic, draft-ai-traffic
- **Private Data Training Network Requirements** — draft-aft-ai-traffic, draft-ai-traffic
- **Semantic Routing** — draft-agent-gw, draft-ainp-protocol
- **Agent Communication Gateway (Agent-GW)** — draft-agent-gw, draft-yao-agent-auth-considerations
- **I2NSF-5G Integration Framework** — draft-ahn-nmrg-5g-security-i2nsf-framework, draft-liu-dmsc-acps-arc
- **Closed-Loop Security Analytics** — draft-ahn-nmrg-5g-security-i2nsf-framework, draft-ahn-opsawg-5g-security-i2nsf-framework
- **I2NSF-5G Integration Architecture** — draft-ahn-opsawg-5g-security-i2nsf-framework, draft-hw-ai-agent-6g
- **ICF Orchestration Framework** — draft-an-nmrg-i2icf-cits, draft-chuyi-nmrg-agentic-network-inference
- **Multi-Domain ICF Coordination** — draft-an-nmrg-i2icf-cits, draft-du-ai-agent-communication-6g-aspect
- **Hybrid Ephemeral Public Key Protection** — draft-ar-emu-hybrid-pqc-eapaka, draft-ietf-emu-hybrid-pqc-eapaka
- **EAP-AKA' FS Protocol Enhancement** — draft-ar-emu-hybrid-pqc-eapaka, draft-ra-emu-pqc-eapaka
- **Immutable Kernel Architecture** — draft-aylward-aiga-1, draft-aylward-aiga-2
- **Tiered Risk-Based Governance** — draft-aylward-aiga-1, draft-aylward-aiga-2
- **Federated Authority Network** — draft-aylward-aiga-1, draft-aylward-aiga-2
- **Network-Level Quarantine Protocol** — draft-aylward-aiga-1, draft-aylward-aiga-2
- **Multi-Vendor TEE Attestation (M-TACE)** — draft-aylward-aiga-1, draft-aylward-aiga-2
- **Multi-layered Security Architecture** — draft-aylward-daap-v2, draft-narvaneni-agent-uri
- **RATS-based Agent Attestation** — draft-barney-caam, draft-huang-acme-scalable-agent-enrollment
- **Public Key Derived HMAC** — draft-bastian-jose-dvs, draft-bastian-jose-pkdh
- **DH-KA MAC Key Derivation** — draft-bastian-jose-pkdh, draft-ietf-emu-eap-edhoc
- **Low-Latency Sensing-Communication Requirements** — draft-bernardos-cats-isac-uc, draft-bernardos-green-isac-uc
- **Environment Perception Integration** — draft-bernardos-green-isac-uc, draft-bernardos-nmrg-agentic-network-optimization
- **Scalable Intent Model Architecture** — draft-cgfabk-nmrg-ibn-generative-ai, draft-huang-acme-scalable-agent-enrollment
- **Decoupled Authorization Architecture** — draft-chen-agent-decoupled-authorization-model, draft-song-oauth-ai-agent-collaborate-authz
## Unique Ideas (1259 ideas appearing in only 1 draft)
- **A2A Protocol Transport over MOQT** (draft-a2a-moqt-transport) — Defines how Agent-to-Agent protocol messages are carried over Media over QUIC Transport using its pu
- **QUIC-based Publish/Subscribe for AI Agents** (draft-a2a-moqt-transport) — Uses MOQT's publish/subscribe messaging pattern to support AI agent discovery, negotiation, and coll
- **Streaming Capabilities Integration** (draft-a2a-moqt-transport) — Leverages MOQT's built-in streaming mechanisms to handle continuous data flows between AI agents. Su
- **Built-in Prioritization for Agent Communication** (draft-a2a-moqt-transport) — Utilizes MOQT's prioritization mechanisms to manage different types of agent messages and data strea
- **Structured Claims for Agent Context** (draft-aap-oauth-profile) — Standardized JWT claims that capture agent identity, task context, and operational constraints in ma
- **Agent Delegation Chain Validation** (draft-aap-oauth-profile) — Validation rules for tracking and verifying delegation chains when AI agents act on behalf of humans
- **Human Oversight Requirements** (draft-aap-oauth-profile) — Structured claims and validation patterns that specify when human oversight is required for agent ac
- **Context-Aware M2M Authorization** (draft-aap-oauth-profile) — Application of OAuth 2.0 Token Exchange and proof-of-possession mechanisms specifically for agent-to
- **AI-Disclosure HTTP Header** (draft-abaris-aicdh) — A machine-readable HTTP response header field that discloses the presence and degree of AI-generated
- **Layered Disclosure Strategy** (draft-abaris-aicdh) — A mechanism that supports multiple disclosure formats simultaneously, combining machine-readable hea
- **HTTP Structured Field Compatibility** (draft-abaris-aicdh) — Implementation uses standardized HTTP structured field syntax to ensure interoperability with existi
- **Multi-Consumer Metadata Architecture** (draft-abaris-aicdh) — Designed to serve metadata needs of user agents, bots, and archiving systems simultaneously. Provide
- **User Schema Extensions for Agent Relationships** (draft-abbey-scim-agent-extension) — Extensions to the core SCIM User schema to represent relationships between human users and their ass
- **Group Schema Extensions for Agentic Constructs** (draft-abbey-scim-agent-extension) — Extensions to the core SCIM Group schema to support grouping of mixed human and agent identities. Al
- **Working Memory** (draft-agent-gw) — A structured context management system that maintains state and intermediate results across multi-st
- **Automated Protocol Adaptation** (draft-agent-gw) — A mechanism that automatically translates between different agent communication protocols and legacy
- **Oracle-free Agent Evaluation** (draft-agent-gw) — An evaluation mechanism that assesses agent performance and capabilities without relying on external
- **Collaborative Inference Acceleration (KDN)** (draft-agent-gw) — A knowledge distribution network that accelerates inference by sharing computational resources and i
- **SmartPDU YANG Data Model** (draft-ahc-green-smartpdu-yang) — Define a standardized YANG schema for configuration, monitoring, and control of Smart Power Distribu
- **SmartPDU Telemetry Framework** (draft-ahc-green-smartpdu-yang) — Establish a YANG-based telemetry collection mechanism for detailed energy consumption monitoring acr
*...and 1239 more unique ideas*
## Ideas by Type
- **mechanism**: 663
- **architecture**: 280
- **pattern**: 251
- **protocol**: 228
- **requirement**: 171
- **extension**: 168
- **framework**: 9
- **profile**: 3
- **algorithm**: 2
- **vocabulary**: 2
- **principle**: 1
- **registry**: 1
- **schema**: 1

278
data/reports/landscape.md
View File

@@ -1,13 +1,16 @@
# IETF AI/Agent Draft Landscape
*Generated 2026-02-27 23:29 UTC*
*Generated 2026-03-03 19:58 UTC*
## A2A protocols (77 drafts)
## A2A protocols (85 drafts)
- **[draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/)** (score: 4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- **[draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/)** (score: 4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- **[draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/)** (score: 4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- **[draft-chen-oauth-rar-agent-extensions](https://datatracker.ietf.org/doc/draft-chen-oauth-rar-agent-extensions/)** (score: 4.2) — Extends OAuth RAR with policy_context and lifecycle_binding members for AI agent environments. Enabl
- **[draft-mallick-muacp](https://datatracker.ietf.org/doc/draft-mallick-muacp/)** (score: 4.2) — Resource-efficient messaging protocol specifically designed for constrained IoT/Edge devices with de
- **[draft-li-spring-rdma-multicast-over-srv6](https://datatracker.ietf.org/doc/draft-li-spring-rdma-multicast-over-srv6/)** (score: 4.2) — Specifies SRv6 extensions for RDMA multicast delivery with new End.MT behavior and ACK/NACK aggregat
- **[draft-song-tsvwg-camp](https://datatracker.ietf.org/doc/draft-song-tsvwg-camp/)** (score: 4.2) — Proposes CAMP, a multipath transport protocol for interactive multimodal LLM systems that maintains
- **[draft-narajala-ans](https://datatracker.ietf.org/doc/draft-narajala-ans/)** (score: 4.2) — Introduces Agent Name Service (ANS) as a DNS-based universal directory for AI agent discovery and ve
- **[draft-oauth-transaction-tokens-for-agents](https://datatracker.ietf.org/doc/draft-oauth-transaction-tokens-for-agents/)** (score: 4.2) — Extends OAuth Transaction Tokens framework to support agent context propagation with actor and princ
- **[draft-zhang-dmsc-mas-communication](https://datatracker.ietf.org/doc/draft-zhang-dmsc-mas-communication/)** (score: 4.2) — Analyzes security risks in multi-agent communication and limitations of existing protocols like TLS
@@ -15,9 +18,13 @@
- **[draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/)** (score: 4.1) — Defines task-oriented multi-agent framework for fault recovery in converged mobile networks. Targets
- **[draft-nederveld-adl](https://datatracker.ietf.org/doc/draft-nederveld-adl/)** (score: 4.1) — Defines ADL, a JSON-based standard for describing AI agents including their capabilities, tools, per
- **[draft-mw-spice-actor-chain](https://datatracker.ietf.org/doc/draft-mw-spice-actor-chain/)** (score: 4.1) — Extends OAuth 2.0 Token Exchange with cryptographically verifiable actor chains to provide tamper-ev
- **[draft-jadoon-nmrg-agentic-ai-autonomous-networks](https://datatracker.ietf.org/doc/draft-jadoon-nmrg-agentic-ai-autonomous-networks/)** (score: 4.1) — Introduces architectural principles for integrating AI agents into IP protocol stack layers while pr
- **[draft-ietf-lisp-nexagon](https://datatracker.ietf.org/doc/draft-ietf-lisp-nexagon/)** (score: 4.0) — Combines LISP with H3 spatial indexing to create geospatial intelligence network for physical-world
- **[draft-barney-caam](https://datatracker.ietf.org/doc/draft-barney-caam/)** (score: 4.0) — Specifies Contextual Agent Authorization Mesh for runtime authorization of agents after discovery, p
- **[draft-nennemann-wimse-ect](https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect/)** (score: 4.0) — Defines Execution Context Tokens as JWT extension to WIMSE for tracking task execution in distribute
- **[draft-jennings-ai-mcp-over-moq](https://datatracker.ietf.org/doc/draft-jennings-ai-mcp-over-moq/)** (score: 4.0) — Defines how to transport Model Context Protocol (MCP) messages over Media over QUIC Transport (MOQT)
- **[draft-han-anima-ai-asa](https://datatracker.ietf.org/doc/draft-han-anima-ai-asa/)** (score: 4.0) — Analyzes the impact of enhancing ANIMA's Autonomic Service Agents with AI/LLM capabilities, focusing
- **[draft-liao-aipref-autoctl-core](https://datatracker.ietf.org/doc/draft-liao-aipref-autoctl-core/)** (score: 4.0) — Defines core machine-readable protocol for server-side automation permissions targeting AI-driven we
- **[draft-ainp-protocol](https://datatracker.ietf.org/doc/draft-ainp-protocol/)** (score: 3.9) — Defines semantic communication protocol for AI agents using intent-based routing and negotiation. Re
- **[draft-agent-gw](https://datatracker.ietf.org/doc/draft-agent-gw/)** (score: 3.9) — Proposes an Intelligent Agent Communication Gateway for large-scale multi-agent collaboration. Featu
- **[draft-mp-agntcy-ads](https://datatracker.ietf.org/doc/draft-mp-agntcy-ads/)** (score: 3.9) — Describes Agent Directory Service for storing and discovering AI agent metadata based on skills. Fea
@@ -29,12 +36,17 @@
- **[draft-ravikiran-clawdentity-protocol](https://datatracker.ietf.org/doc/draft-ravikiran-clawdentity-protocol/)** (score: 3.9) — Specifies Clawdentity protocol for cryptographic identity and trust in AI agent communication. Provi
- **[draft-jurkovikj-httpapi-agentic-state](https://datatracker.ietf.org/doc/draft-jurkovikj-httpapi-agentic-state/)** (score: 3.9) — Defines Agentic State Transfer (AST) HTTP profile for managing canonical resource state across multi
- **[draft-tejido-swp-core](https://datatracker.ietf.org/doc/draft-tejido-swp-core/)** (score: 3.9) — Specifies SlimWire Protocol Core, a binary framing layer for agent/tool messaging with profile-based
- **[draft-templin-intarea-aero2](https://datatracker.ietf.org/doc/draft-templin-intarea-aero2/)** (score: 3.9) — Specifies AERO service for IP internetworking over overlay multilink networks using IPv6 ND for cont
- **[draft-ramadan-mboned-sonar](https://datatracker.ietf.org/doc/draft-ramadan-mboned-sonar/)** (score: 3.8) — Specifies a protocol for verifiable multicast delivery using cryptoeconomic accountability and stati
- **[draft-luan-rtgwg-sdaf](https://datatracker.ietf.org/doc/draft-luan-rtgwg-sdaf/)** (score: 3.8) — Proposes symmetry-driven forwarding mechanism for LEO satellite networks to avoid routing loops and
- **[draft-zhao-nmop-network-management-agent](https://datatracker.ietf.org/doc/draft-zhao-nmop-network-management-agent/)** (score: 3.8) — Defines AI-driven Network Management Agent concept for Level 4 autonomous networks. Specifies integr
- **[draft-eckert-anima-acp-free-ani](https://datatracker.ietf.org/doc/draft-eckert-anima-acp-free-ani/)** (score: 3.8) — Describes lightweight variation of Autonomic Networking Infrastructure without expensive ACP impleme
- **[draft-li-individual-inip](https://datatracker.ietf.org/doc/draft-li-individual-inip/)** (score: 3.8) — Specifies a protocol for performing lightweight ML inference directly in network devices like switch
- **[draft-ietf-aipref-attach](https://datatracker.ietf.org/doc/draft-ietf-aipref-attach/)** (score: 3.8) — Specifies how AI usage preferences can be signaled during HTTP content acquisition. Updates RFC 9309
- **[draft-rosenberg-aiproto-framework](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-framework/)** (score: 3.7) — Provides framework and requirements for AI agent protocols on the Internet. Surveys existing approac
- **[draft-an-nmrg-i2icf-cits](https://datatracker.ietf.org/doc/draft-an-nmrg-i2icf-cits/)** (score: 3.7) — Defines framework for orchestrating In-Network Computing Functions in Cooperative Intelligent Transp
- **[draft-melnikov-sasl2](https://datatracker.ietf.org/doc/draft-melnikov-sasl2/)** (score: 3.7) — Updates SASL framework to support modern authentication requirements including multi-factor authenti
- **[draft-howe-sipcore-mcp-extension](https://datatracker.ietf.org/doc/draft-howe-sipcore-mcp-extension/)** (score: 3.7) — Defines SIP extension to carry Model Context Protocol with new option-tags, headers, and media types
- **[draft-sogomonian-aiip-architecture](https://datatracker.ietf.org/doc/draft-sogomonian-aiip-architecture/)** (score: 3.7) — Defines architectural model for Artificial Intelligence Internet Protocol (AIIP) enabling stateless,
- **[draft-rosenberg-aiproto](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto/)** (score: 3.7) — Defines N-ACT protocol for AI agents to discover and invoke third-party tools and APIs. Focuses on e
- **[draft-rosenberg-aiproto-nact](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-nact/)** (score: 3.7) — Defines N-ACT protocol for AI agents to discover and invoke third-party tools and APIs. Focuses on e
@@ -49,8 +61,10 @@
- **[draft-mozleywilliams-dnsop-bandaid](https://datatracker.ietf.org/doc/draft-mozleywilliams-dnsop-bandaid/)** (score: 3.6) — Proposes using DNS with SVCB records to enable AI agent discovery and capability advertisement. Leve
- **[draft-li-semantic-routing-architecture](https://datatracker.ietf.org/doc/draft-li-semantic-routing-architecture/)** (score: 3.6) — Introduces semantic routing architecture using intent vectors and trust scores for AI agent communic
- **[draft-vandoulas-aidp](https://datatracker.ietf.org/doc/draft-vandoulas-aidp/)** (score: 3.6) — Defines a comprehensive control-plane protocol for secure agent interactions with delegation, author
- **[draft-altanai-aipref-realtime-protocol-bindings](https://datatracker.ietf.org/doc/draft-altanai-aipref-realtime-protocol-bindings/)** (score: 3.6) — Defines how AI preference expressions are bound to real-time protocols like SIP and SDP. Specifies h
- **[draft-ietf-ace-edhoc-oscore-profile](https://datatracker.ietf.org/doc/draft-ietf-ace-edhoc-oscore-profile/)** (score: 3.6) — Defines ACE framework profile using EDHOC for mutual authentication and OSCORE for secure communicat
- **[draft-liu-oauth-a2a-profile](https://datatracker.ietf.org/doc/draft-liu-oauth-a2a-profile/)** (score: 3.6) — Specifies OAuth Transaction Token profile for Agent-to-Agent communication. Embeds call chain contex
- **[draft-templin-6man-aero3](https://datatracker.ietf.org/doc/draft-templin-6man-aero3/)** (score: 3.6) — Specifies automatic extended route optimization for IP internetworking over overlay multilink networ
- **[draft-liu-dmsc-acps-arc](https://datatracker.ietf.org/doc/draft-liu-dmsc-acps-arc/)** (score: 3.6) — Proposes Agent Collaboration Protocols architecture for Internet of Agents, covering agent lifecycle
- **[draft-liang-agentdns](https://datatracker.ietf.org/doc/draft-liang-agentdns/)** (score: 3.5) — Proposes a DNS-inspired naming and service discovery system for LLM agents to enable autonomous disc
- **[draft-song-oauth-ai-agent-collaborate-authz](https://datatracker.ietf.org/doc/draft-song-oauth-ai-agent-collaborate-authz/)** (score: 3.5) — Proposes OAuth 2.0 extension for multi-AI agent collaboration with applier-on-behalf-of authorizatio
@@ -62,25 +76,19 @@
- **[draft-li-dmsc-mcps-agw](https://datatracker.ietf.org/doc/draft-li-dmsc-mcps-agw/)** (score: 3.5) — Defines a protocol suite using Agent Gateways as control-plane entities for multi-agent collaboratio
- **[draft-jiang-seat-dynamic-attestation](https://datatracker.ietf.org/doc/draft-jiang-seat-dynamic-attestation/)** (score: 3.4) — Defines dynamic attestation mechanisms for AI agents to convey runtime posture changes during long-l
- **[draft-romanchuk-normative-admissibility](https://datatracker.ietf.org/doc/draft-romanchuk-normative-admissibility/)** (score: 3.4) — Establishes a framework for evaluating whether autonomous agent speech acts are admissible based on
- **[draft-du-catalist-routing-considerations](https://datatracker.ietf.org/doc/draft-du-catalist-routing-considerations/)** (score: 3.4) — Proposes routing considerations for AI agent-to-agent communication in overlay networks. Focuses on
- **[draft-kartha-internet20-ainative](https://datatracker.ietf.org/doc/draft-kartha-internet20-ainative/)** (score: 3.4) — Proposes Internet 2.0 architecture with AI models as first-class network entities, including HTTP+AI
- **[draft-yan-a2a-device-agent-applicability](https://datatracker.ietf.org/doc/draft-yan-a2a-device-agent-applicability/)** (score: 3.4) — Discusses applying Agent-to-Agent (A2A) Protocol to network management for communication between Con
- **[draft-zw-rtgwg-mcp-network-mgmt](https://datatracker.ietf.org/doc/draft-zw-rtgwg-mcp-network-mgmt/)** (score: 3.4) — Specifies MCP extensions for network equipment management with routers/switches as MCP servers. Defi
- **[draft-stephan-ai-agent-6g](https://datatracker.ietf.org/doc/draft-stephan-ai-agent-6g/)** (score: 3.4) — Examines AI agent communication protocols specifically for 6G systems based on 3GPP requirements. Ex
- **[draft-cosmos-protocol-specification](https://datatracker.ietf.org/doc/draft-cosmos-protocol-specification/)** (score: 3.3) — Defines comprehensive badge-based identity and communication system with trust scoring, post-quantum
- **[draft-sz-dmsc-iaip](https://datatracker.ietf.org/doc/draft-sz-dmsc-iaip/)** (score: 3.3) — Defines Intent-based Agent Interconnection Protocol (IAIP) for dynamic agent discovery and routing a
- **[draft-wang-cats-innetwork-infer](https://datatracker.ietf.org/doc/draft-wang-cats-innetwork-infer/)** (score: 3.3) — Proposes a framework for decentralized LLM inference across untrusted participants using layer-aware
- **[draft-mcp-over-moqt](https://datatracker.ietf.org/doc/draft-mcp-over-moqt/)** (score: 3.3) — Defines transport mapping for Model Context Protocol over Media over QUIC Transport. Specifies how M
- **[draft-jennings-mcp-over-moqt](https://datatracker.ietf.org/doc/draft-jennings-mcp-over-moqt/)** (score: 3.3) — Defines transport mapping for Model Context Protocol over Media over QUIC Transport. Specifies how M
- **[draft-liu-rtgwg-agent-gateway-requirements](https://datatracker.ietf.org/doc/draft-liu-rtgwg-agent-gateway-requirements/)** (score: 3.2) — Discusses requirements for Agent Gateways in agent-to-agent communications to improve scalability, e
- **[draft-pioli-agent-discovery](https://datatracker.ietf.org/doc/draft-pioli-agent-discovery/)** (score: 3.2) — Specifies ARDP, a lightweight protocol for agent registration and discovery in distributed environme
- **[draft-gaikwad-woa](https://datatracker.ietf.org/doc/draft-gaikwad-woa/)** (score: 3.2) — Specifies Web of Agents (WoA) format using JSON Schema to describe AI agent inputs/outputs served fr
- **[draft-mao-rtgwg-apn-framework-for-ioa](https://datatracker.ietf.org/doc/draft-mao-rtgwg-apn-framework-for-ioa/)** (score: 3.2) — Applies Application-aware Performance Network framework to Internet of Agents scenario. Addresses ne
- **[draft-zhang-dmsc-ioa-semantic-interaction](https://datatracker.ietf.org/doc/draft-zhang-dmsc-ioa-semantic-interaction/)** (score: 3.2) — Specifies a semantic layer for Internet of Agents using ontology models and JSON-LD serialization. D
- **[draft-sun-zhang-iaip](https://datatracker.ietf.org/doc/draft-sun-zhang-iaip/)** (score: 3.2) — Defines Intent-based Agent Interconnection Protocol for Agent Gateways, focusing on semantic intent
- **[draft-yao-agent-auth-considerations](https://datatracker.ietf.org/doc/draft-yao-agent-auth-considerations/)** (score: 3.1) — Extends OAuth model for AI agent authentication and authorization in Agent Communication Networks. P
- **[draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/)** (score: 3.1) — Proposes a network infrastructure architecture for large-scale multi-agent collaboration. Focuses on
- **[draft-a2a-moqt-transport](https://datatracker.ietf.org/doc/draft-a2a-moqt-transport/)** (score: 3.1) — Specifies transport of Agent-to-Agent protocol over Media over QUIC Transport. Leverages MOQT's publ
- **[draft-nandakumar-a2a-moqt-transport](https://datatracker.ietf.org/doc/draft-nandakumar-a2a-moqt-transport/)** (score: 3.0) — Identical specification to draft-a2a-moqt-transport for transporting Agent-to-Agent protocol over MO
- **[draft-hong-nmrg-agenticai-ps](https://datatracker.ietf.org/doc/draft-hong-nmrg-agenticai-ps/)** (score: 3.0) — Presents problem statement and motivations for applying Agentic AI to network management. Emphasizes
- **[draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/)** (score: 3.0) — Proposes a multi-agent communication framework for network AIOps with AI gateway, Agent Name Service
- **[draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/)** (score: 3.0) — Defines comprehensive framework for cross-domain AI agent interoperability including identity federa
- **[draft-yang-dmsc-ioa-task-protocol](https://datatracker.ietf.org/doc/draft-yang-dmsc-ioa-task-protocol/)** (score: 3.0) — Defines a protocol for distributed collaboration among heterogeneous AI agents, enabling dynamic tea
- **[draft-ramakrishna-satp-data-sharing](https://datatracker.ietf.org/doc/draft-ramakrishna-satp-data-sharing/)** (score: 2.9) — Defines a DLT-neutral protocol for sharing asset views and metadata across blockchain networks via g
## AI safety / guardrails / alignment (1 drafts)
@@ -88,6 +96,7 @@
## AI safety/alignment (35 drafts)
- **[draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/)** (score: 4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- **[draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/)** (score: 4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- **[draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/)** (score: 4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- **[draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/)** (score: 4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
@@ -104,6 +113,7 @@
- **[draft-schulze-ecap](https://datatracker.ietf.org/doc/draft-schulze-ecap/)** (score: 4.1) — ECAP defines a cryptographically-verified protocol for web crawlers to obtain consent from hosts bef
- **[draft-mw-spice-actor-chain](https://datatracker.ietf.org/doc/draft-mw-spice-actor-chain/)** (score: 4.1) — Extends OAuth 2.0 Token Exchange with cryptographically verifiable actor chains to provide tamper-ev
- **[draft-barney-caam](https://datatracker.ietf.org/doc/draft-barney-caam/)** (score: 4.0) — Specifies Contextual Agent Authorization Mesh for runtime authorization of agents after discovery, p
- **[draft-han-anima-ai-asa](https://datatracker.ietf.org/doc/draft-han-anima-ai-asa/)** (score: 4.0) — Analyzes the impact of enhancing ANIMA's Autonomic Service Agents with AI/LLM capabilities, focusing
- **[draft-rosenberg-aiproto-cheq](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-cheq/)** (score: 3.9) — Proposes CHEQ protocol for human confirmation of AI agent decisions before execution. Protects again
- **[draft-berlinai-vera](https://datatracker.ietf.org/doc/draft-berlinai-vera/)** (score: 3.9) — Introduces VERA, a zero-trust architecture for AI agent security with five enforcement pillars and c
- **[draft-chen-ai-agent-auth-new-requirements](https://datatracker.ietf.org/doc/draft-chen-ai-agent-auth-new-requirements/)** (score: 3.8) — Identifies new authentication and authorization requirements for AI agents that go beyond traditiona
@@ -112,6 +122,8 @@
- **[draft-rosenberg-oauth-aauth](https://datatracker.ietf.org/doc/draft-rosenberg-oauth-aauth/)** (score: 3.6) — Extends OAuth 2.1 for AI agents operating through PSTN/SMS channels to obtain access tokens using PI
- **[draft-rosenberg-cheq](https://datatracker.ietf.org/doc/draft-rosenberg-cheq/)** (score: 3.6) — Proposes CHEQ protocol for human-in-the-loop confirmation of AI agent decisions before execution. Us
- **[draft-messous-eat-ai](https://datatracker.ietf.org/doc/draft-messous-eat-ai/)** (score: 3.6) — Defines an Entity Attestation Token profile for remote attestation of autonomous AI agents, specifyi
- **[draft-reilly-sentinel-protocol](https://datatracker.ietf.org/doc/draft-reilly-sentinel-protocol/)** (score: 3.6) — Defines blockchain-anchored integrity protocol for AI lifecycle provenance using Sentinel Evidence P
- **[draft-vaughan-aipref-vocab](https://datatracker.ietf.org/doc/draft-vaughan-aipref-vocab/)** (score: 3.6) — Proposes vocabulary for rightsholders to express content preferences for AI training use through met
- **[draft-wang-hjs-accountability](https://datatracker.ietf.org/doc/draft-wang-hjs-accountability/)** (score: 3.5) — Defines HJS accountability layer for AI agents using blockchain-anchored timestamps to create immuta
- **[draft-ietf-sml-trust](https://datatracker.ietf.org/doc/draft-ietf-sml-trust/)** (score: 3.5) — Provides trust and security recommendations for handling structured data in email messages. Addresse
- **[draft-yuan-rtgwg-security-agent-usecase](https://datatracker.ietf.org/doc/draft-yuan-rtgwg-security-agent-usecase/)** (score: 3.4) — Proposes AI Network Security Agents for routers to provide intelligent, adaptive security capabiliti
@@ -119,24 +131,16 @@
- **[draft-jiang-seat-dynamic-attestation](https://datatracker.ietf.org/doc/draft-jiang-seat-dynamic-attestation/)** (score: 3.4) — Defines dynamic attestation mechanisms for AI agents to convey runtime posture changes during long-l
- **[draft-romanchuk-normative-admissibility](https://datatracker.ietf.org/doc/draft-romanchuk-normative-admissibility/)** (score: 3.4) — Establishes a framework for evaluating whether autonomous agent speech acts are admissible based on
- **[draft-diaconu-agents-authz-info-sharing](https://datatracker.ietf.org/doc/draft-diaconu-agents-authz-info-sharing/)** (score: 3.2) — Addresses authorization challenges in distributed multi-agent systems across multiple domains. Cover
- **[draft-kale-agntcy-federated-privacy](https://datatracker.ietf.org/doc/draft-kale-agntcy-federated-privacy/)** (score: 3.2) — Specifies architecture for privacy-preserving federated learning across multi-tenant AI agent system
- **[draft-mvieuille-kerpass-ephemsec](https://datatracker.ietf.org/doc/draft-mvieuille-kerpass-ephemsec/)** (score: 3.1) — Specifies EPHEMSEC algorithm for generating one-time passwords using public key cryptography instead
- **[draft-contario-totp-secure-enrollment](https://datatracker.ietf.org/doc/draft-contario-totp-secure-enrollment/)** (score: 3.1) — Extends TOTP enrollment to prevent key compromise through QR code capture or key persistence in exte
- **[draft-architect-cittamarket](https://datatracker.ietf.org/doc/draft-architect-cittamarket/)** (score: 3.1) — Specifies protocol for immutable AGI system identification using Bitcoin blockchain anchoring. Defin
## Agent discovery / registration (9 drafts)
## Agent discovery / registration (5 drafts)
- **[draft-nandakumar-agent-sd-jwt](https://datatracker.ietf.org/doc/draft-nandakumar-agent-sd-jwt/)** (score: 3.9) — This draft defines SD-Card, a Selective Disclosure JWT encoding of Agent Cards that enables privacy-
- **[draft-wahl-scim-agent-schema](https://datatracker.ietf.org/doc/draft-wahl-scim-agent-schema/)** (score: 3.9) — This draft extends the SCIM (System for Cross-domain Identity Management) protocol to support AI age
- **[draft-huang-acme-scalable-agent-enrollment](https://datatracker.ietf.org/doc/draft-huang-acme-scalable-agent-enrollment/)** (score: 3.5) — This draft proposes two scalable models for certificate enrollment of AI agents: one using Zero-Know
- **[draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/)** (score: 3.3) — This draft proposes an identity management framework for agents in an Internet of Agents (IOA) syste
- **[draft-narvaneni-agent-uri](https://datatracker.ietf.org/doc/draft-narvaneni-agent-uri/)** (score: 3.3) — This draft defines the agent:// URI scheme for addressing and interoperating with software agents ac
- **[draft-hw-ai-agent-6g](https://datatracker.ietf.org/doc/draft-hw-ai-agent-6g/)** (score: 3.1) — This draft analyzes requirements for agent protocols specifically tailored to 6G mobile networks, ex
- **[draft-cui-ai-agent-task](https://datatracker.ietf.org/doc/draft-cui-ai-agent-task/)** (score: 3.0) — This draft proposes requirements for standardized AI agent protocols to enable task-oriented coordin
- **[draft-yl-agent-id-requirements](https://datatracker.ietf.org/doc/draft-yl-agent-id-requirements/)** (score: 2.9) — This draft proposes requirements for digital identity management in AI agent communication protocols
- **[draft-wang-nmrg-magent-im](https://datatracker.ietf.org/doc/draft-wang-nmrg-magent-im/)** (score: 2.9) — This draft proposes a protocol-agnostic data model for multi-agent communication in autonomous netwo
## Agent discovery/reg (50 drafts)
## Agent discovery/reg (43 drafts)
- **[draft-narajala-ans](https://datatracker.ietf.org/doc/draft-narajala-ans/)** (score: 4.2) — Introduces Agent Name Service (ANS) as a DNS-based universal directory for AI agent discovery and ve
- **[draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/)** (score: 4.2) — Specifies a comprehensive multi-agent collaboration protocol suite using Agent Gateways for registra
@@ -153,6 +157,7 @@
- **[draft-eckert-anima-acp-free-ani](https://datatracker.ietf.org/doc/draft-eckert-anima-acp-free-ani/)** (score: 3.8) — Describes lightweight variation of Autonomic Networking Infrastructure without expensive ACP impleme
- **[draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/)** (score: 3.7) — Defines comprehensive agent identity management for Internet of Agents systems. Covers agent registr
- **[draft-an-nmrg-i2icf-cits](https://datatracker.ietf.org/doc/draft-an-nmrg-i2icf-cits/)** (score: 3.7) — Defines framework for orchestrating In-Network Computing Functions in Cooperative Intelligent Transp
- **[draft-howe-sipcore-mcp-extension](https://datatracker.ietf.org/doc/draft-howe-sipcore-mcp-extension/)** (score: 3.7) — Defines SIP extension to carry Model Context Protocol with new option-tags, headers, and media types
- **[draft-rosenberg-aiproto](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto/)** (score: 3.7) — Defines N-ACT protocol for AI agents to discover and invoke third-party tools and APIs. Focuses on e
- **[draft-rosenberg-aiproto-nact](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-nact/)** (score: 3.7) — Defines N-ACT protocol for AI agents to discover and invoke third-party tools and APIs. Focuses on e
- **[draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/)** (score: 3.6) — Defines comprehensive framework for AI agent networks based on Agent Network Protocol (ANP). Provide
@@ -163,12 +168,16 @@
- **[draft-li-semantic-routing-architecture](https://datatracker.ietf.org/doc/draft-li-semantic-routing-architecture/)** (score: 3.6) — Introduces semantic routing architecture using intent vectors and trust scores for AI agent communic
- **[draft-mozleywilliams-dnsop-dnsaid](https://datatracker.ietf.org/doc/draft-mozleywilliams-dnsop-dnsaid/)** (score: 3.6) — Uses existing DNS infrastructure for AI agent discovery through structured namespace and metadata ex
- **[draft-eggert-mailmaint-uaautoconf](https://datatracker.ietf.org/doc/draft-eggert-mailmaint-uaautoconf/)** (score: 3.6) — Specifies automatic configuration mechanism for email, calendar, and contact applications. Enables s
- **[draft-li-cats-idn](https://datatracker.ietf.org/doc/draft-li-cats-idn/)** (score: 3.6) — Introduces Intelligence Delivery Network (IDN) framework for deploying ML models across distributed
- **[draft-liu-dmsc-acps-arc](https://datatracker.ietf.org/doc/draft-liu-dmsc-acps-arc/)** (score: 3.6) — Proposes Agent Collaboration Protocols architecture for Internet of Agents, covering agent lifecycle
- **[draft-liang-agentdns](https://datatracker.ietf.org/doc/draft-liang-agentdns/)** (score: 3.5) — Proposes a DNS-inspired naming and service discovery system for LLM agents to enable autonomous disc
- **[draft-mozley-aidiscovery](https://datatracker.ietf.org/doc/draft-mozley-aidiscovery/)** (score: 3.5) — Defines requirements and considerations for AI agent-to-agent discovery mechanisms. Addresses the fu
- **[draft-ye-problems-and-requirements-of-dns-for-ioa](https://datatracker.ietf.org/doc/draft-ye-problems-and-requirements-of-dns-for-ioa/)** (score: 3.5) — Analyzes DNS challenges for Internet of Agents scenarios and identifies technical requirements. Expl
- **[draft-li-dmsc-mcps-agw](https://datatracker.ietf.org/doc/draft-li-dmsc-mcps-agw/)** (score: 3.5) — Defines a protocol suite using Agent Gateways as control-plane entities for multi-agent collaboratio
- **[draft-kartha-grd](https://datatracker.ietf.org/doc/draft-kartha-grd/)** (score: 3.4) — Defines architectural framework for discovering network resources based on physical location and con
- **[draft-du-catalist-routing-considerations](https://datatracker.ietf.org/doc/draft-du-catalist-routing-considerations/)** (score: 3.4) — Proposes routing considerations for AI agent-to-agent communication in overlay networks. Focuses on
- **[draft-kartha-internet20-ainative](https://datatracker.ietf.org/doc/draft-kartha-internet20-ainative/)** (score: 3.4) — Proposes Internet 2.0 architecture with AI models as first-class network entities, including HTTP+AI
- **[draft-jimenez-tbd-robotstxt-update](https://datatracker.ietf.org/doc/draft-jimenez-tbd-robotstxt-update/)** (score: 3.4) — Proposes updates to robots.txt standard to handle AI-specific crawlers with new syntax for user-agen
- **[draft-stephan-ai-agent-6g](https://datatracker.ietf.org/doc/draft-stephan-ai-agent-6g/)** (score: 3.4) — Examines AI agent communication protocols specifically for 6G systems based on 3GPP requirements. Ex
- **[draft-zeng-nmrg-mcp-usecases-requirements](https://datatracker.ietf.org/doc/draft-zeng-nmrg-mcp-usecases-requirements/)** (score: 3.4) — Presents problem statement for integrating Model Context Protocol into network management for AI age
- **[draft-sz-dmsc-iaip](https://datatracker.ietf.org/doc/draft-sz-dmsc-iaip/)** (score: 3.3) — Defines Intent-based Agent Interconnection Protocol (IAIP) for dynamic agent discovery and routing a
@@ -176,26 +185,17 @@
- **[draft-liu-rtgwg-agent-gateway-requirements](https://datatracker.ietf.org/doc/draft-liu-rtgwg-agent-gateway-requirements/)** (score: 3.2) — Discusses requirements for Agent Gateways in agent-to-agent communications to improve scalability, e
- **[draft-pioli-agent-discovery](https://datatracker.ietf.org/doc/draft-pioli-agent-discovery/)** (score: 3.2) — Specifies ARDP, a lightweight protocol for agent registration and discovery in distributed environme
- **[draft-gaikwad-woa](https://datatracker.ietf.org/doc/draft-gaikwad-woa/)** (score: 3.2) — Specifies Web of Agents (WoA) format using JSON Schema to describe AI agent inputs/outputs served fr
- **[draft-tong-network-agent-use-cases-in-6g](https://datatracker.ietf.org/doc/draft-tong-network-agent-use-cases-in-6g/)** (score: 3.2) — Introduces network AI agent use cases in 6G focusing on connectivity services and third-party applic
- **[draft-meunier-webbotauth-registry](https://datatracker.ietf.org/doc/draft-meunier-webbotauth-registry/)** (score: 3.2) — Defines a JSON format for web bot signature agent cards to advertise identity, purpose, and cryptogr
- **[draft-mao-rtgwg-apn-framework-for-ioa](https://datatracker.ietf.org/doc/draft-mao-rtgwg-apn-framework-for-ioa/)** (score: 3.2) — Applies Application-aware Performance Network framework to Internet of Agents scenario. Addresses ne
- **[draft-zhang-dmsc-ioa-semantic-interaction](https://datatracker.ietf.org/doc/draft-zhang-dmsc-ioa-semantic-interaction/)** (score: 3.2) — Specifies a semantic layer for Internet of Agents using ontology models and JSON-LD serialization. D
- **[draft-sun-zhang-iaip](https://datatracker.ietf.org/doc/draft-sun-zhang-iaip/)** (score: 3.2) — Defines Intent-based Agent Interconnection Protocol for Agent Gateways, focusing on semantic intent
- **[draft-a2a-moqt-transport](https://datatracker.ietf.org/doc/draft-a2a-moqt-transport/)** (score: 3.1) — Specifies transport of Agent-to-Agent protocol over Media over QUIC Transport. Leverages MOQT's publ
- **[draft-levy-llm-uri-scheme](https://datatracker.ietf.org/doc/draft-levy-llm-uri-scheme/)** (score: 3.1) — Defines a URI scheme for identifying LLM endpoints with embedded configuration parameters. Creates a
- **[draft-vinaysingh-awp-wellknown](https://datatracker.ietf.org/doc/draft-vinaysingh-awp-wellknown/)** (score: 3.1) — Defines well-known URI and link relation for exposing website workflows to automated agents. Provide
- **[draft-nandakumar-a2a-moqt-transport](https://datatracker.ietf.org/doc/draft-nandakumar-a2a-moqt-transport/)** (score: 3.0) — Identical specification to draft-a2a-moqt-transport for transporting Agent-to-Agent protocol over MO
- **[draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/)** (score: 3.0) — Proposes a multi-agent communication framework for network AIOps with AI gateway, Agent Name Service
- **[draft-yang-dmsc-ioa-task-protocol](https://datatracker.ietf.org/doc/draft-yang-dmsc-ioa-task-protocol/)** (score: 3.0) — Defines a protocol for distributed collaboration among heterogeneous AI agents, enabling dynamic tea
- **[draft-ietf-roll-enrollment-priority](https://datatracker.ietf.org/doc/draft-ietf-roll-enrollment-priority/)** (score: 2.9) — Provides mechanism for RPL Root to control enrollment announcements and adjust enrollment priorities
## Agent identity/auth (86 drafts)
## Agent identity/auth (75 drafts)
- **[draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/)** (score: 4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- **[draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/)** (score: 4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- **[draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/)** (score: 4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- **[draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/)** (score: 4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- **[draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/)** (score: 4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- **[draft-ietf-lake-app-profiles](https://datatracker.ietf.org/doc/draft-ietf-lake-app-profiles/)** (score: 4.6) — Defines canonical CBOR representation for EDHOC application profiles and coordination mechanisms for
- **[draft-goswami-agentic-jwt](https://datatracker.ietf.org/doc/draft-goswami-agentic-jwt/)** (score: 4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
- **[draft-wang-cats-odsi](https://datatracker.ietf.org/doc/draft-wang-cats-odsi/)** (score: 4.5) — Specifies framework for decentralized LLM inference across untrusted participants with layer-aware e
- **[draft-aylward-aiga-2](https://datatracker.ietf.org/doc/draft-aylward-aiga-2/)** (score: 4.5) — Comprehensive AI governance framework with tiered risk model, federated authority network, and econo
- **[draft-ietf-anima-constrained-voucher](https://datatracker.ietf.org/doc/draft-ietf-anima-constrained-voucher/)** (score: 4.3) — Adapts BRSKI secure device onboarding for constrained IoT environments using CBOR vouchers and CoAP/
- **[draft-ietf-hpke-hpke](https://datatracker.ietf.org/doc/draft-ietf-hpke-hpke/)** (score: 4.3) — Comprehensive specification for hybrid public key encryption supporting arbitrary-sized plaintexts.
@@ -223,6 +223,8 @@
- **[draft-josefsson-chempat](https://datatracker.ietf.org/doc/draft-josefsson-chempat/)** (score: 3.9) — Generic framework for Post-Quantum/Traditional hybrid key encapsulation mechanisms. Provides concret
- **[draft-ravikiran-clawdentity-protocol](https://datatracker.ietf.org/doc/draft-ravikiran-clawdentity-protocol/)** (score: 3.9) — Specifies Clawdentity protocol for cryptographic identity and trust in AI agent communication. Provi
- **[draft-bradleylundberg-cfrg-arkg](https://datatracker.ietf.org/doc/draft-bradleylundberg-cfrg-arkg/)** (score: 3.9) — Defines Asynchronous Remote Key Generation algorithm enabling delegation of public key generation wi
- **[draft-tsyrulnikov-rats-attested-inference-receipt](https://datatracker.ietf.org/doc/draft-tsyrulnikov-rats-attested-inference-receipt/)** (score: 3.9) — Defines Attested Inference Receipt (AIR) using COSE/CWT to create verifiable receipts for confidenti
- **[draft-ramadan-mboned-sonar](https://datatracker.ietf.org/doc/draft-ramadan-mboned-sonar/)** (score: 3.8) — Specifies a protocol for verifiable multicast delivery using cryptoeconomic accountability and stati
- **[draft-ietf-emu-hybrid-pqc-eapaka](https://datatracker.ietf.org/doc/draft-ietf-emu-hybrid-pqc-eapaka/)** (score: 3.8) — Enhances EAP-AKA' with post-quantum cryptography to address quantum computing threats. Uses hybrid P
- **[draft-chen-ai-agent-auth-new-requirements](https://datatracker.ietf.org/doc/draft-chen-ai-agent-auth-new-requirements/)** (score: 3.8) — Identifies new authentication and authorization requirements for AI agents that go beyond traditiona
- **[draft-sogomonian-ai-uri-scheme](https://datatracker.ietf.org/doc/draft-sogomonian-ai-uri-scheme/)** (score: 3.8) — Defines experimental AI URI scheme for dedicated AI resource access. Enables native connectivity for
@@ -261,37 +263,14 @@
- **[draft-liu-rtgwg-agent-gateway-requirements](https://datatracker.ietf.org/doc/draft-liu-rtgwg-agent-gateway-requirements/)** (score: 3.2) — Discusses requirements for Agent Gateways in agent-to-agent communications to improve scalability, e
- **[draft-pioli-agent-discovery](https://datatracker.ietf.org/doc/draft-pioli-agent-discovery/)** (score: 3.2) — Specifies ARDP, a lightweight protocol for agent registration and discovery in distributed environme
- **[draft-diaconu-agents-authz-info-sharing](https://datatracker.ietf.org/doc/draft-diaconu-agents-authz-info-sharing/)** (score: 3.2) — Addresses authorization challenges in distributed multi-agent systems across multiple domains. Cover
- **[draft-ietf-emu-eap-edhoc](https://datatracker.ietf.org/doc/draft-ietf-emu-eap-edhoc/)** (score: 3.2) — Defines EAP authentication method based on EDHOC for constrained environments. Integrates EDHOC's li
- **[draft-lake-pocero-authkem-edhoc](https://datatracker.ietf.org/doc/draft-lake-pocero-authkem-edhoc/)** (score: 3.2) — This draft extends the EDHOC protocol to provide quantum-resistant authentication using KEM-based me
- **[draft-meunier-webbotauth-registry](https://datatracker.ietf.org/doc/draft-meunier-webbotauth-registry/)** (score: 3.2) — Defines a JSON format for web bot signature agent cards to advertise identity, purpose, and cryptogr
- **[draft-ra-emu-pqc-eapaka](https://datatracker.ietf.org/doc/draft-ra-emu-pqc-eapaka/)** (score: 3.2) — Enhances EAP-AKA' with post-quantum key encapsulation mechanisms to protect against quantum computer
- **[draft-yao-agent-auth-considerations](https://datatracker.ietf.org/doc/draft-yao-agent-auth-considerations/)** (score: 3.1) — Extends OAuth model for AI agent authentication and authorization in Agent Communication Networks. P
- **[draft-mvieuille-kerpass-ephemsec](https://datatracker.ietf.org/doc/draft-mvieuille-kerpass-ephemsec/)** (score: 3.1) — Specifies EPHEMSEC algorithm for generating one-time passwords using public key cryptography instead
- **[draft-contario-totp-secure-enrollment](https://datatracker.ietf.org/doc/draft-contario-totp-secure-enrollment/)** (score: 3.1) — Extends TOTP enrollment to prevent key compromise through QR code capture or key persistence in exte
- **[draft-architect-cittamarket](https://datatracker.ietf.org/doc/draft-architect-cittamarket/)** (score: 3.1) — Specifies protocol for immutable AGI system identification using Bitcoin blockchain anchoring. Defin
- **[draft-ni-wimse-ai-agent-identity](https://datatracker.ietf.org/doc/draft-ni-wimse-ai-agent-identity/)** (score: 3.0) — Applies WIMSE (Workload Identity in Multi System Environments) framework to AI agents for identity a
- **[draft-sipos-dtn-bp-safe](https://datatracker.ietf.org/doc/draft-sipos-dtn-bp-safe/)** (score: 3.0) — Defines security association negotiation protocol for Bundle Protocol agents in delay-tolerant netwo
- **[draft-chen-lake-edhoc-aka](https://datatracker.ietf.org/doc/draft-chen-lake-edhoc-aka/)** (score: 3.0) — Defines EDHOC-AKA authentication method combining AKA protocol with EDHOC for mobile network access
- **[draft-wendt-stir-vesper](https://datatracker.ietf.org/doc/draft-wendt-stir-vesper/)** (score: 3.0) — Formalizes framework for verifiable telephone number identity using delegate certificates and author
- **[draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/)** (score: 3.0) — Defines comprehensive framework for cross-domain AI agent interoperability including identity federa
- **[draft-condrey-rats-witnessd-enrollment](https://datatracker.ietf.org/doc/draft-condrey-rats-witnessd-enrollment/)** (score: 3.0) — Specifies trust anchor bootstrap protocol for proof of process framework. Defines device enrollment,
- **[draft-pocero-authkem-ikr-edhoc](https://datatracker.ietf.org/doc/draft-pocero-authkem-ikr-edhoc/)** (score: 3.0) — This draft proposes a KEM-based authentication variant for EDHOC that optimizes for scenarios where
- **[draft-happel-structured-email-trust](https://datatracker.ietf.org/doc/draft-happel-structured-email-trust/)** (score: 2.9) — Provides trust and security recommendations for handling structured data in email messages. Focuses
## Agent-to-agent communication protocols (12 drafts)
## Agent-to-agent communication protocols (5 drafts)
- **[draft-nandakumar-agent-sd-jwt](https://datatracker.ietf.org/doc/draft-nandakumar-agent-sd-jwt/)** (score: 3.9) — This draft defines SD-Card, a Selective Disclosure JWT encoding of Agent Cards that enables privacy-
- **[draft-oauth-ai-agents-on-behalf-of-user](https://datatracker.ietf.org/doc/draft-oauth-ai-agents-on-behalf-of-user/)** (score: 3.7) — This draft extends OAuth 2.0 to enable AI agents to securely obtain access tokens for acting on beha
- **[draft-liu-agent-context-protocol](https://datatracker.ietf.org/doc/draft-liu-agent-context-protocol/)** (score: 3.5) — This draft proposes a standard protocol for AI agents to communicate context information to each oth
- **[draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/)** (score: 3.3) — This draft proposes an identity management framework for agents in an Internet of Agents (IOA) syste
- **[draft-narvaneni-agent-uri](https://datatracker.ietf.org/doc/draft-narvaneni-agent-uri/)** (score: 3.3) — This draft defines the agent:// URI scheme for addressing and interoperating with software agents ac
- **[draft-hw-ai-agent-6g](https://datatracker.ietf.org/doc/draft-hw-ai-agent-6g/)** (score: 3.1) — This draft analyzes requirements for agent protocols specifically tailored to 6G mobile networks, ex
- **[draft-zhang-agent-gap-network](https://datatracker.ietf.org/doc/draft-zhang-agent-gap-network/)** (score: 3.0) — This draft identifies problems and gaps in mobile core networks for supporting AI agent communicatio
- **[draft-cui-ai-agent-task](https://datatracker.ietf.org/doc/draft-cui-ai-agent-task/)** (score: 3.0) — This draft proposes requirements for standardized AI agent protocols to enable task-oriented coordin
- **[draft-zhang-rtgwg-ai-agents-troubleshooting](https://datatracker.ietf.org/doc/draft-zhang-rtgwg-ai-agents-troubleshooting/)** (score: 2.9) — This draft defines use cases and communication protocol requirements for troubleshooting agents depl
- **[draft-yl-agent-id-requirements](https://datatracker.ietf.org/doc/draft-yl-agent-id-requirements/)** (score: 2.9) — This draft proposes requirements for digital identity management in AI agent communication protocols
- **[draft-wang-nmrg-magent-im](https://datatracker.ietf.org/doc/draft-wang-nmrg-magent-im/)** (score: 2.9) — This draft proposes a protocol-agnostic data model for multi-agent communication in autonomous netwo
- **[draft-xie-ai-agent-multimodal](https://datatracker.ietf.org/doc/draft-xie-ai-agent-multimodal/)** (score: 2.9) — This draft outlines requirements for multimodal communication in AI agent protocols, enabling agents
## Autonomous netops (46 drafts)
@@ -299,8 +278,12 @@
- **[draft-wmz-nmrg-agent-ndt-arch](https://datatracker.ietf.org/doc/draft-wmz-nmrg-agent-ndt-arch/)** (score: 4.2) — Comprehensive architecture combining Network Digital Twin with Agentic AI for intent-based network o
- **[draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/)** (score: 4.1) — Defines task-oriented multi-agent framework for fault recovery in converged mobile networks. Targets
- **[draft-cui-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-nm/)** (score: 4.1) — Defines framework for collaborative network management between LLM agents and human operators. Intro
- **[draft-jadoon-nmrg-agentic-ai-autonomous-networks](https://datatracker.ietf.org/doc/draft-jadoon-nmrg-agentic-ai-autonomous-networks/)** (score: 4.1) — Introduces architectural principles for integrating AI agents into IP protocol stack layers while pr
- **[draft-chen-nmrg-semantic-inference-routing](https://datatracker.ietf.org/doc/draft-chen-nmrg-semantic-inference-routing/)** (score: 4.1) — Defines SIRP protocol for content-aware routing of AI inference requests. Enables routing decisions
- **[draft-ietf-lisp-nexagon](https://datatracker.ietf.org/doc/draft-ietf-lisp-nexagon/)** (score: 4.0) — Combines LISP with H3 spatial indexing to create geospatial intelligence network for physical-world
- **[draft-han-anima-ai-asa](https://datatracker.ietf.org/doc/draft-han-anima-ai-asa/)** (score: 4.0) — Analyzes the impact of enhancing ANIMA's Autonomic Service Agents with AI/LLM capabilities, focusing
- **[draft-zeng-opsawg-llm-netconf-gap](https://datatracker.ietf.org/doc/draft-zeng-opsawg-llm-netconf-gap/)** (score: 3.9) — Analyzes gaps in existing network configuration protocols for LLM-driven intent-based networking. Id
- **[draft-templin-intarea-aero2](https://datatracker.ietf.org/doc/draft-templin-intarea-aero2/)** (score: 3.9) — Specifies AERO service for IP internetworking over overlay multilink networks using IPv6 ND for cont
- **[draft-luan-rtgwg-sdaf](https://datatracker.ietf.org/doc/draft-luan-rtgwg-sdaf/)** (score: 3.8) — Proposes symmetry-driven forwarding mechanism for LEO satellite networks to avoid routing loops and
- **[draft-zhao-nmop-network-management-agent](https://datatracker.ietf.org/doc/draft-zhao-nmop-network-management-agent/)** (score: 3.8) — Defines AI-driven Network Management Agent concept for Level 4 autonomous networks. Specifies integr
- **[draft-eckert-anima-acp-free-ani](https://datatracker.ietf.org/doc/draft-eckert-anima-acp-free-ani/)** (score: 3.8) — Describes lightweight variation of Autonomic Networking Infrastructure without expensive ACP impleme
@@ -312,55 +295,45 @@
- **[draft-zm-rtgwg-mcp-troubleshooting](https://datatracker.ietf.org/doc/draft-zm-rtgwg-mcp-troubleshooting/)** (score: 3.6) — Proposes using Model Context Protocol (MCP) to enable LLM-based automated network troubleshooting. M
- **[draft-li-semantic-routing-architecture](https://datatracker.ietf.org/doc/draft-li-semantic-routing-architecture/)** (score: 3.6) — Introduces semantic routing architecture using intent vectors and trust scores for AI agent communic
- **[draft-cui-nmrg-auto-test](https://datatracker.ietf.org/doc/draft-cui-nmrg-auto-test/)** (score: 3.6) — Framework for AI-assisted network protocol testing using LLMs and automated test generation. Defines
- **[draft-xsaopig-nsttlp-traffic-labeling](https://datatracker.ietf.org/doc/draft-xsaopig-nsttlp-traffic-labeling/)** (score: 3.6) — Specifies protocol for embedding service type identifiers in network packets to enable intelligent t
- **[draft-moreno-lisp-uberlay](https://datatracker.ietf.org/doc/draft-moreno-lisp-uberlay/)** (score: 3.6) — Describes using LISP to interconnect multiple independent network overlays through a transit overlay
- **[draft-templin-6man-aero3](https://datatracker.ietf.org/doc/draft-templin-6man-aero3/)** (score: 3.6) — Specifies automatic extended route optimization for IP internetworking over overlay multilink networ
- **[draft-liu-dmsc-acps-arc](https://datatracker.ietf.org/doc/draft-liu-dmsc-acps-arc/)** (score: 3.6) — Proposes Agent Collaboration Protocols architecture for Internet of Agents, covering agent lifecycle
- **[draft-pbs-sidrops-roaanycast](https://datatracker.ietf.org/doc/draft-pbs-sidrops-roaanycast/)** (score: 3.6) — Defines best practices for managing Route Origin Authorizations (ROAs) for globally anycasted servic
- **[draft-ye-problems-and-requirements-of-dns-for-ioa](https://datatracker.ietf.org/doc/draft-ye-problems-and-requirements-of-dns-for-ioa/)** (score: 3.5) — Analyzes DNS challenges for Internet of Agents scenarios and identifies technical requirements. Expl
- **[draft-irtf-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-irtf-nmrg-llm-nm/)** (score: 3.5) — Defines framework for collaborative network management between LLMs and human operators with human-i
- **[draft-zeng-mcp-network-measurement](https://datatracker.ietf.org/doc/draft-zeng-mcp-network-measurement/)** (score: 3.5) — Proposes MCP framework for intelligent network measurement with AI assistance. Enables natural langu
- **[draft-templin-intarea-aero](https://datatracker.ietf.org/doc/draft-templin-intarea-aero/)** (score: 3.5) — Specifies Automatic Extended Route Optimization (AERO) service for IP internetworking over Overlay M
- **[draft-ahn-nmrg-5g-security-i2nsf-framework](https://datatracker.ietf.org/doc/draft-ahn-nmrg-5g-security-i2nsf-framework/)** (score: 3.5) — Presents integrated framework for automated 5G edge network security using I2NSF architecture and In
- **[draft-zhang-rvp-problem-statement](https://datatracker.ietf.org/doc/draft-zhang-rvp-problem-statement/)** (score: 3.5) — Proposes Real-Virtual Agent Protocol for coordinating physical entities with digital agents through
- **[draft-zeng-opsawg-applicability-mcp-a2a](https://datatracker.ietf.org/doc/draft-zeng-opsawg-applicability-mcp-a2a/)** (score: 3.5) — Analyzes NETCONF limitations for advanced scenarios and proposes MCP and A2A protocols as complement
- **[draft-yuan-rtgwg-security-agent-usecase](https://datatracker.ietf.org/doc/draft-yuan-rtgwg-security-agent-usecase/)** (score: 3.4) — Proposes AI Network Security Agents for routers to provide intelligent, adaptive security capabiliti
- **[draft-kartha-grd](https://datatracker.ietf.org/doc/draft-kartha-grd/)** (score: 3.4) — Defines architectural framework for discovering network resources based on physical location and con
- **[draft-tan-ccamp-uonaco-problem-statement](https://datatracker.ietf.org/doc/draft-tan-ccamp-uonaco-problem-statement/)** (score: 3.4) — Defines requirements for unified orchestration between optical networks and AI computing to enable c
- **[draft-yan-a2a-device-agent-applicability](https://datatracker.ietf.org/doc/draft-yan-a2a-device-agent-applicability/)** (score: 3.4) — Discusses applying Agent-to-Agent (A2A) Protocol to network management for communication between Con
- **[draft-yue-moq-transporting-sensing-data](https://datatracker.ietf.org/doc/draft-yue-moq-transporting-sensing-data/)** (score: 3.4) — Proposes using Media Over QUIC (MOQ) to transport large-scale, real-time sensing data in 6G networks
- **[draft-zw-rtgwg-mcp-network-mgmt](https://datatracker.ietf.org/doc/draft-zw-rtgwg-mcp-network-mgmt/)** (score: 3.4) — Specifies MCP extensions for network equipment management with routers/switches as MCP servers. Defi
- **[draft-zeng-nmrg-mcp-usecases-requirements](https://datatracker.ietf.org/doc/draft-zeng-nmrg-mcp-usecases-requirements/)** (score: 3.4) — Presents problem statement for integrating Model Context Protocol into network management for AI age
- **[draft-zhu-anima-service-intent](https://datatracker.ietf.org/doc/draft-zhu-anima-service-intent/)** (score: 3.4) — Defines a structured semantic model for expressing service-level objectives and constraints across n
- **[draft-xsaopig-nmop-service-flow-modal-mapping](https://datatracker.ietf.org/doc/draft-xsaopig-nmop-service-flow-modal-mapping/)** (score: 3.3) — Proposes a framework using ALTO protocol and SDN architecture for mapping service flow characteristi
- **[draft-jeong-opsawg-intent-based-sdv-framework](https://datatracker.ietf.org/doc/draft-jeong-opsawg-intent-based-sdv-framework/)** (score: 3.3) — Proposes intent-based management framework for Software-Defined Vehicles in ITS environments. Covers
- **[draft-bernardos-nmrg-agentic-network-optimization](https://datatracker.ietf.org/doc/draft-bernardos-nmrg-agentic-network-optimization/)** (score: 3.3) — Focuses on agentic AI for distributed sensing in ISAC networks with joint optimization of sensing an
- **[draft-chuyi-nmrg-ai-agent-network](https://datatracker.ietf.org/doc/draft-chuyi-nmrg-ai-agent-network/)** (score: 3.2) — Focuses on large language model-based agents for network operations and maintenance. Addresses pract
- **[draft-ahn-opsawg-5g-security-i2nsf-framework](https://datatracker.ietf.org/doc/draft-ahn-opsawg-5g-security-i2nsf-framework/)** (score: 3.2) — Proposes an integrated security framework for 5G edge networks using I2NSF architecture with Intent-
- **[draft-tong-network-agent-use-cases-in-6g](https://datatracker.ietf.org/doc/draft-tong-network-agent-use-cases-in-6g/)** (score: 3.2) — Introduces network AI agent use cases in 6G focusing on connectivity services and third-party applic
- **[draft-sun-zhang-iaip](https://datatracker.ietf.org/doc/draft-sun-zhang-iaip/)** (score: 3.2) — Defines Intent-based Agent Interconnection Protocol for Agent Gateways, focusing on semantic intent
- **[draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/)** (score: 3.1) — Proposes a network infrastructure architecture for large-scale multi-agent collaboration. Focuses on
- **[draft-zeng-mcp-troubleshooting](https://datatracker.ietf.org/doc/draft-zeng-mcp-troubleshooting/)** (score: 3.1) — Applies Model Context Protocol to network management for intent-based troubleshooting. Maps MCP role
- **[draft-sipos-dtn-bp-safe](https://datatracker.ietf.org/doc/draft-sipos-dtn-bp-safe/)** (score: 3.0) — Defines security association negotiation protocol for Bundle Protocol agents in delay-tolerant netwo
- **[draft-bernardos-cats-isac-uc](https://datatracker.ietf.org/doc/draft-bernardos-cats-isac-uc/)** (score: 3.0) — Presents Integrated Sensing and Communications (ISAC) as a use case for CATS architecture. Explores
- **[draft-hong-nmrg-agenticai-ps](https://datatracker.ietf.org/doc/draft-hong-nmrg-agenticai-ps/)** (score: 3.0) — Presents problem statement and motivations for applying Agentic AI to network management. Emphasizes
- **[draft-zhao-nmrg-ai-agent-for-dtn](https://datatracker.ietf.org/doc/draft-zhao-nmrg-ai-agent-for-dtn/)** (score: 3.0) — Proposes AI agent architecture for Digital Twin Networks, integrating autonomous agents at each DTN
- **[draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/)** (score: 3.0) — Proposes a multi-agent communication framework for network AIOps with AI gateway, Agent Name Service
- **[draft-leon-distributed-multi-signer](https://datatracker.ietf.org/doc/draft-leon-distributed-multi-signer/)** (score: 3.0) — Defines distributed DNSSEC multi-signer architecture with multi-signer agents and combiners. Introdu
- **[draft-yang-dmsc-ioa-task-protocol](https://datatracker.ietf.org/doc/draft-yang-dmsc-ioa-task-protocol/)** (score: 3.0) — Defines a protocol for distributed collaboration among heterogeneous AI agents, enabling dynamic tea
- **[draft-condrey-rats-witnessd-enrollment](https://datatracker.ietf.org/doc/draft-condrey-rats-witnessd-enrollment/)** (score: 3.0) — Specifies trust anchor bootstrap protocol for proof of process framework. Defines device enrollment,
- **[draft-ietf-roll-enrollment-priority](https://datatracker.ietf.org/doc/draft-ietf-roll-enrollment-priority/)** (score: 2.9) — Provides mechanism for RPL Root to control enrollment announcements and adjust enrollment priorities
## Autonomous network operations (5 drafts)
- **[draft-hw-ai-agent-6g](https://datatracker.ietf.org/doc/draft-hw-ai-agent-6g/)** (score: 3.1) — This draft analyzes requirements for agent protocols specifically tailored to 6G mobile networks, ex
- **[draft-zhang-agent-gap-network](https://datatracker.ietf.org/doc/draft-zhang-agent-gap-network/)** (score: 3.0) — This draft identifies problems and gaps in mobile core networks for supporting AI agent communicatio
- **[draft-cui-ai-agent-task](https://datatracker.ietf.org/doc/draft-cui-ai-agent-task/)** (score: 3.0) — This draft proposes requirements for standardized AI agent protocols to enable task-oriented coordin
- **[draft-zhang-rtgwg-ai-agents-troubleshooting](https://datatracker.ietf.org/doc/draft-zhang-rtgwg-ai-agents-troubleshooting/)** (score: 2.9) — This draft defines use cases and communication protocol requirements for troubleshooting agents depl
- **[draft-wang-nmrg-magent-im](https://datatracker.ietf.org/doc/draft-wang-nmrg-magent-im/)** (score: 2.9) — This draft proposes a protocol-agnostic data model for multi-agent communication in autonomous netwo
## Data formats / semantics for AI interop (3 drafts)
## Data formats / semantics for AI interop (2 drafts)
- **[draft-liu-agent-context-protocol](https://datatracker.ietf.org/doc/draft-liu-agent-context-protocol/)** (score: 3.5) — This draft proposes a standard protocol for AI agents to communicate context information to each oth
- **[draft-narvaneni-agent-uri](https://datatracker.ietf.org/doc/draft-narvaneni-agent-uri/)** (score: 3.3) — This draft defines the agent:// URI scheme for addressing and interoperating with software agents ac
- **[draft-xie-ai-agent-multimodal](https://datatracker.ietf.org/doc/draft-xie-ai-agent-multimodal/)** (score: 2.9) — This draft outlines requirements for multimodal communication in AI agent protocols, enabling agents
## Data formats/interop (80 drafts)
## Data formats/interop (85 drafts)
- **[draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/)** (score: 4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- **[draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/)** (score: 4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- **[draft-ietf-lake-app-profiles](https://datatracker.ietf.org/doc/draft-ietf-lake-app-profiles/)** (score: 4.6) — Defines canonical CBOR representation for EDHOC application profiles and coordination mechanisms for
- **[draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/)** (score: 4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- **[draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/)** (score: 4.5) — Defines CDDL-based data format for verifiable agent conversation records using COSE signing. Support
- **[draft-ietf-aipref-vocab](https://datatracker.ietf.org/doc/draft-ietf-aipref-vocab/)** (score: 4.4) — Defines a standardized vocabulary for expressing preferences about how digital assets should be used
- **[draft-cui-nmrg-llm-benchmark](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-benchmark/)** (score: 4.3) — Provides comprehensive evaluation framework for LLM-based network configuration agents. Includes emu
- **[draft-ietf-anima-constrained-voucher](https://datatracker.ietf.org/doc/draft-ietf-anima-constrained-voucher/)** (score: 4.3) — Adapts BRSKI secure device onboarding for constrained IoT environments using CBOR vouchers and CoAP/
- **[draft-ietf-hpke-hpke](https://datatracker.ietf.org/doc/draft-ietf-hpke-hpke/)** (score: 4.3) — Comprehensive specification for hybrid public key encryption supporting arbitrary-sized plaintexts.
@@ -368,14 +341,18 @@
- **[draft-gaikwad-llm-benchmarking-methodology](https://datatracker.ietf.org/doc/draft-gaikwad-llm-benchmarking-methodology/)** (score: 4.2) — Defines comprehensive benchmarking methodologies for LLM inference serving systems including test pr
- **[draft-ietf-sshm-mlkem-hybrid-kex](https://datatracker.ietf.org/doc/draft-ietf-sshm-mlkem-hybrid-kex/)** (score: 4.2) — Defines post-quantum hybrid key exchange combining ML-KEM with traditional ECDH for SSH transport la
- **[draft-ietf-tls-extended-key-update](https://datatracker.ietf.org/doc/draft-ietf-tls-extended-key-update/)** (score: 4.2) — Adds post-compromise security to TLS 1.3 through fresh Diffie-Hellman exchanges during active sessio
- **[draft-calabria-bmwg-ai-fabric-terminology](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-terminology/)** (score: 4.2) — Defines comprehensive benchmarking terminology for AI network fabrics including collective communica
- **[draft-narajala-ans](https://datatracker.ietf.org/doc/draft-narajala-ans/)** (score: 4.2) — Introduces Agent Name Service (ANS) as a DNS-based universal directory for AI agent discovery and ve
- **[draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/)** (score: 4.2) — Specifies a comprehensive multi-agent collaboration protocol suite using Agent Gateways for registra
- **[draft-gaikwad-llm-benchmarking-profiles](https://datatracker.ietf.org/doc/draft-gaikwad-llm-benchmarking-profiles/)** (score: 4.2) — Defines performance benchmarking profiles binding terminology and methodology to concrete architectu
- **[draft-cui-dns-native-agent-naming-resolution](https://datatracker.ietf.org/doc/draft-cui-dns-native-agent-naming-resolution/)** (score: 4.1) — Specifies DNS-native naming and resolution for AI agents using FQDNs and SVCB records. Emphasizes DN
- **[draft-nederveld-adl](https://datatracker.ietf.org/doc/draft-nederveld-adl/)** (score: 4.1) — Defines ADL, a JSON-based standard for describing AI agents including their capabilities, tools, per
- **[draft-steele-agent-considerations](https://datatracker.ietf.org/doc/draft-steele-agent-considerations/)** (score: 4.0) — Defines guidelines for IETF specifications to support AI agent consumption and code generation. Intr
- **[draft-chen-nmrg-multi-provider-inference-api](https://datatracker.ietf.org/doc/draft-chen-nmrg-multi-provider-inference-api/)** (score: 4.0) — Specifies extensions for multi-provider AI inference using OpenAI API as reference standard. Enables
- **[draft-ietf-lisp-nexagon](https://datatracker.ietf.org/doc/draft-ietf-lisp-nexagon/)** (score: 4.0) — Combines LISP with H3 spatial indexing to create geospatial intelligence network for physical-world
- **[draft-nennemann-wimse-ect](https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect/)** (score: 4.0) — Defines Execution Context Tokens as JWT extension to WIMSE for tracking task execution in distribute
- **[draft-jennings-ai-mcp-over-moq](https://datatracker.ietf.org/doc/draft-jennings-ai-mcp-over-moq/)** (score: 4.0) — Defines how to transport Model Context Protocol (MCP) messages over Media over QUIC Transport (MOQT)
- **[draft-dunbar-neotec-ac-te-applicability](https://datatracker.ietf.org/doc/draft-dunbar-neotec-ac-te-applicability/)** (score: 4.0) — Applies existing IETF YANG models for Attachment Circuits and Traffic Engineering to dynamic AI mode
- **[draft-ietf-ace-coap-est-oscore](https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est-oscore/)** (score: 3.9) — Specifies carrying EST certificate provisioning over CoAP using OSCORE protection instead of DTLS. B
- **[draft-agent-gw](https://datatracker.ietf.org/doc/draft-agent-gw/)** (score: 3.9) — Proposes an Intelligent Agent Communication Gateway for large-scale multi-agent collaboration. Featu
- **[draft-mp-agntcy-ads](https://datatracker.ietf.org/doc/draft-mp-agntcy-ads/)** (score: 3.9) — Describes Agent Directory Service for storing and discovering AI agent metadata based on skills. Fea
@@ -388,77 +365,78 @@
- **[draft-jurkovikj-httpapi-agentic-state](https://datatracker.ietf.org/doc/draft-jurkovikj-httpapi-agentic-state/)** (score: 3.9) — Defines Agentic State Transfer (AST) HTTP profile for managing canonical resource state across multi
- **[draft-tejido-swp-core](https://datatracker.ietf.org/doc/draft-tejido-swp-core/)** (score: 3.9) — Specifies SlimWire Protocol Core, a binary framing layer for agent/tool messaging with profile-based
- **[draft-bradleylundberg-cfrg-arkg](https://datatracker.ietf.org/doc/draft-bradleylundberg-cfrg-arkg/)** (score: 3.9) — Defines Asynchronous Remote Key Generation algorithm enabling delegation of public key generation wi
- **[draft-tsyrulnikov-rats-attested-inference-receipt](https://datatracker.ietf.org/doc/draft-tsyrulnikov-rats-attested-inference-receipt/)** (score: 3.9) — Defines Attested Inference Receipt (AIR) using COSE/CWT to create verifiable receipts for confidenti
- **[draft-templin-intarea-aero2](https://datatracker.ietf.org/doc/draft-templin-intarea-aero2/)** (score: 3.9) — Specifies AERO service for IP internetworking over overlay multilink networks using IPv6 ND for cont
- **[draft-ramadan-mboned-sonar](https://datatracker.ietf.org/doc/draft-ramadan-mboned-sonar/)** (score: 3.8) — Specifies a protocol for verifiable multicast delivery using cryptoeconomic accountability and stati
- **[draft-sogomonian-ai-uri-scheme](https://datatracker.ietf.org/doc/draft-sogomonian-ai-uri-scheme/)** (score: 3.8) — Defines experimental AI URI scheme for dedicated AI resource access. Enables native connectivity for
- **[draft-srijal-agents-policy](https://datatracker.ietf.org/doc/draft-srijal-agents-policy/)** (score: 3.8) — Specifies AGENTS.TXT protocol as strict plaintext policy file for automated clients, bots, and crawl
- **[draft-abbey-scim-agent-extension](https://datatracker.ietf.org/doc/draft-abbey-scim-agent-extension/)** (score: 3.8) — Extends SCIM 2.0 protocol to manage AI agents and agentic applications across domains. Adds new sche
- **[draft-ietf-aipref-attach](https://datatracker.ietf.org/doc/draft-ietf-aipref-attach/)** (score: 3.8) — Specifies how AI usage preferences can be signaled during HTTP content acquisition. Updates RFC 9309
- **[draft-scim-agent-extension](https://datatracker.ietf.org/doc/draft-scim-agent-extension/)** (score: 3.7) — Extends SCIM 2.0 specification to manage agents and agentic applications across domains. Builds on e
- **[draft-rosenberg-aiproto-framework](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-framework/)** (score: 3.7) — Provides framework and requirements for AI agent protocols on the Internet. Surveys existing approac
- **[draft-ietf-lamps-rfc7030-csrattrs](https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc7030-csrattrs/)** (score: 3.7) — Updates RFC7030 to clarify CSR Attributes Response encoding and adds template-based approach for EST
- **[draft-ietf-suit-firmware-encryption](https://datatracker.ietf.org/doc/draft-ietf-suit-firmware-encryption/)** (score: 3.7) — Specifies encryption techniques for firmware and software payloads in SUIT manifests. Uses ES-DH and
- **[draft-ietf-lamps-est-renewal-info](https://datatracker.ietf.org/doc/draft-ietf-lamps-est-renewal-info/)** (score: 3.7) — Extends EST protocol to provide server-side recommendations for certificate renewal timing. Addresse
- **[draft-ietf-netconf-configuration-tracing](https://datatracker.ietf.org/doc/draft-ietf-netconf-configuration-tracing/)** (score: 3.7) — Specifies a NETCONF mechanism to map configuration modifications to their originating NMS using exte
- **[draft-howe-sipcore-mcp-extension](https://datatracker.ietf.org/doc/draft-howe-sipcore-mcp-extension/)** (score: 3.7) — Defines SIP extension to carry Model Context Protocol with new option-tags, headers, and media types
- **[draft-rosenberg-aiproto](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto/)** (score: 3.7) — Defines N-ACT protocol for AI agents to discover and invoke third-party tools and APIs. Focuses on e
- **[draft-rosenberg-aiproto-nact](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-nact/)** (score: 3.7) — Defines N-ACT protocol for AI agents to discover and invoke third-party tools and APIs. Focuses on e
- **[draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/)** (score: 3.6) — Defines comprehensive framework for AI agent networks based on Agent Network Protocol (ANP). Provide
- **[draft-yang-ioa-protocol](https://datatracker.ietf.org/doc/draft-yang-ioa-protocol/)** (score: 3.6) — Defines the Internet of Agents Protocol for distributed collaboration among heterogeneous AI agents.
- **[draft-zm-rtgwg-mcp-troubleshooting](https://datatracker.ietf.org/doc/draft-zm-rtgwg-mcp-troubleshooting/)** (score: 3.6) — Proposes using Model Context Protocol (MCP) to enable LLM-based automated network troubleshooting. M
- **[draft-reilly-sentinel-protocol](https://datatracker.ietf.org/doc/draft-reilly-sentinel-protocol/)** (score: 3.6) — Defines blockchain-anchored integrity protocol for AI lifecycle provenance using Sentinel Evidence P
- **[draft-altanai-aipref-realtime-protocol-bindings](https://datatracker.ietf.org/doc/draft-altanai-aipref-realtime-protocol-bindings/)** (score: 3.6) — Defines how AI preference expressions are bound to real-time protocols like SIP and SDP. Specifies h
- **[draft-mozleywilliams-dnsop-dnsaid](https://datatracker.ietf.org/doc/draft-mozleywilliams-dnsop-dnsaid/)** (score: 3.6) — Uses existing DNS infrastructure for AI agent discovery through structured namespace and metadata ex
- **[draft-eggert-mailmaint-uaautoconf](https://datatracker.ietf.org/doc/draft-eggert-mailmaint-uaautoconf/)** (score: 3.6) — Specifies automatic configuration mechanism for email, calendar, and contact applications. Enables s
- **[draft-gaikwad-aps-profile](https://datatracker.ietf.org/doc/draft-gaikwad-aps-profile/)** (score: 3.6) — Storage service profile for agent persistent state including embeddings, preferences, and audit logs
- **[draft-moreno-lisp-uberlay](https://datatracker.ietf.org/doc/draft-moreno-lisp-uberlay/)** (score: 3.6) — Describes using LISP to interconnect multiple independent network overlays through a transit overlay
- **[draft-ietf-lake-edhoc-psk](https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc-psk/)** (score: 3.6) — Specifies pre-shared key authentication method for EDHOC key exchange protocol. Enhances efficiency
- **[draft-vaughan-aipref-vocab](https://datatracker.ietf.org/doc/draft-vaughan-aipref-vocab/)** (score: 3.6) — Proposes vocabulary for rightsholders to express content preferences for AI training use through met
- **[draft-irtf-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-irtf-nmrg-llm-nm/)** (score: 3.5) — Defines framework for collaborative network management between LLMs and human operators with human-i
- **[draft-ietf-sml-trust](https://datatracker.ietf.org/doc/draft-ietf-sml-trust/)** (score: 3.5) — Provides trust and security recommendations for handling structured data in email messages. Addresse
- **[draft-zeng-opsawg-applicability-mcp-a2a](https://datatracker.ietf.org/doc/draft-zeng-opsawg-applicability-mcp-a2a/)** (score: 3.5) — Analyzes NETCONF limitations for advanced scenarios and proposes MCP and A2A protocols as complement
- **[draft-kartha-grd](https://datatracker.ietf.org/doc/draft-kartha-grd/)** (score: 3.4) — Defines architectural framework for discovering network resources based on physical location and con
- **[draft-li-cats-aisemantic-contract](https://datatracker.ietf.org/doc/draft-li-cats-aisemantic-contract/)** (score: 3.4) — Defines a contract mechanism allowing AI applications to communicate semantic information about thei
- **[draft-kartha-internet20-ainative](https://datatracker.ietf.org/doc/draft-kartha-internet20-ainative/)** (score: 3.4) — Proposes Internet 2.0 architecture with AI models as first-class network entities, including HTTP+AI
- **[draft-yan-a2a-device-agent-applicability](https://datatracker.ietf.org/doc/draft-yan-a2a-device-agent-applicability/)** (score: 3.4) — Discusses applying Agent-to-Agent (A2A) Protocol to network management for communication between Con
- **[draft-ietf-lamps-private-key-stmt-attr](https://datatracker.ietf.org/doc/draft-ietf-lamps-private-key-stmt-attr/)** (score: 3.4) — Defines X.509 attribute for private key possession statements as alternative to cryptographic proof
- **[draft-yue-moq-transporting-sensing-data](https://datatracker.ietf.org/doc/draft-yue-moq-transporting-sensing-data/)** (score: 3.4) — Proposes using Media Over QUIC (MOQ) to transport large-scale, real-time sensing data in 6G networks
- **[draft-ramakrishna-satp-views-addresses](https://datatracker.ietf.org/doc/draft-ramakrishna-satp-views-addresses/)** (score: 3.4) — Defines view and addressing mechanisms for secure asset transfer between DLT systems. Enables cross-
- **[draft-zw-rtgwg-mcp-network-mgmt](https://datatracker.ietf.org/doc/draft-zw-rtgwg-mcp-network-mgmt/)** (score: 3.4) — Specifies MCP extensions for network equipment management with routers/switches as MCP servers. Defi
- **[draft-thomson-aipref-sup](https://datatracker.ietf.org/doc/draft-thomson-aipref-sup/)** (score: 3.4) — Defines simple format for content usage preference expressions with HTTP header field. Updates RFC93
- **[draft-stephan-ai-agent-6g](https://datatracker.ietf.org/doc/draft-stephan-ai-agent-6g/)** (score: 3.4) — Examines AI agent communication protocols specifically for 6G systems based on 3GPP requirements. Ex
- **[draft-han-rtgwg-codeployment-pfc-fgfc](https://datatracker.ietf.org/doc/draft-han-rtgwg-codeployment-pfc-fgfc/)** (score: 3.4) — Describes use cases for coordinating flow control between data center PFC and WAN fine-grained flow
- **[draft-sz-dmsc-iaip](https://datatracker.ietf.org/doc/draft-sz-dmsc-iaip/)** (score: 3.3) — Defines Intent-based Agent Interconnection Protocol (IAIP) for dynamic agent discovery and routing a
- **[draft-xsaopig-nmop-service-flow-modal-mapping](https://datatracker.ietf.org/doc/draft-xsaopig-nmop-service-flow-modal-mapping/)** (score: 3.3) — Proposes a framework using ALTO protocol and SDN architecture for mapping service flow characteristi
- **[draft-mcp-over-moqt](https://datatracker.ietf.org/doc/draft-mcp-over-moqt/)** (score: 3.3) — Defines transport mapping for Model Context Protocol over Media over QUIC Transport. Specifies how M
- **[draft-jennings-mcp-over-moqt](https://datatracker.ietf.org/doc/draft-jennings-mcp-over-moqt/)** (score: 3.3) — Defines transport mapping for Model Context Protocol over Media over QUIC Transport. Specifies how M
- **[draft-chuyi-nmrg-ai-agent-network](https://datatracker.ietf.org/doc/draft-chuyi-nmrg-ai-agent-network/)** (score: 3.2) — Focuses on large language model-based agents for network operations and maintenance. Addresses pract
- **[draft-liu-rtgwg-agent-gateway-requirements](https://datatracker.ietf.org/doc/draft-liu-rtgwg-agent-gateway-requirements/)** (score: 3.2) — Discusses requirements for Agent Gateways in agent-to-agent communications to improve scalability, e
- **[draft-gaikwad-woa](https://datatracker.ietf.org/doc/draft-gaikwad-woa/)** (score: 3.2) — Specifies Web of Agents (WoA) format using JSON Schema to describe AI agent inputs/outputs served fr
- **[draft-gupta-httpapi-events-query](https://datatracker.ietf.org/doc/draft-gupta-httpapi-events-query/)** (score: 3.2) — Proposes Events Query Protocol (EQP) built on HTTP for user agents to receive event notifications di
- **[draft-meunier-webbotauth-registry](https://datatracker.ietf.org/doc/draft-meunier-webbotauth-registry/)** (score: 3.2) — Defines a JSON format for web bot signature agent cards to advertise identity, purpose, and cryptogr
- **[draft-zhang-dmsc-ioa-semantic-interaction](https://datatracker.ietf.org/doc/draft-zhang-dmsc-ioa-semantic-interaction/)** (score: 3.2) — Specifies a semantic layer for Internet of Agents using ontology models and JSON-LD serialization. D
- **[draft-zeng-mcp-troubleshooting](https://datatracker.ietf.org/doc/draft-zeng-mcp-troubleshooting/)** (score: 3.1) — Applies Model Context Protocol to network management for intent-based troubleshooting. Maps MCP role
- **[draft-a2a-moqt-transport](https://datatracker.ietf.org/doc/draft-a2a-moqt-transport/)** (score: 3.1) — Specifies transport of Agent-to-Agent protocol over Media over QUIC Transport. Leverages MOQT's publ
- **[draft-levy-llm-uri-scheme](https://datatracker.ietf.org/doc/draft-levy-llm-uri-scheme/)** (score: 3.1) — Defines a URI scheme for identifying LLM endpoints with embedded configuration parameters. Creates a
- **[draft-tojens-dhcp-option-concat-considerations](https://datatracker.ietf.org/doc/draft-tojens-dhcp-option-concat-considerations/)** (score: 3.1) — Updates RFC 3396 to make DHCP option concatenation requirements more flexible. Addresses real-world
- **[draft-ietf-lamps-rfc5274bis](https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc5274bis/)** (score: 3.1) — Defines compliance requirements for Certificate Management Messages over CMS (CMC) enrollment protoc
- **[draft-vinaysingh-awp-wellknown](https://datatracker.ietf.org/doc/draft-vinaysingh-awp-wellknown/)** (score: 3.1) — Defines well-known URI and link relation for exposing website workflows to automated agents. Provide
- **[draft-wendt-stir-vesper](https://datatracker.ietf.org/doc/draft-wendt-stir-vesper/)** (score: 3.0) — Formalizes framework for verifiable telephone number identity using delegate certificates and author
- **[draft-ietf-lamps-e2e-mail-guidance](https://datatracker.ietf.org/doc/draft-ietf-lamps-e2e-mail-guidance/)** (score: 3.0) — Provides comprehensive guidance for implementing end-to-end email encryption securely. Addresses usa
- **[draft-nandakumar-a2a-moqt-transport](https://datatracker.ietf.org/doc/draft-nandakumar-a2a-moqt-transport/)** (score: 3.0) — Identical specification to draft-a2a-moqt-transport for transporting Agent-to-Agent protocol over MO
- **[draft-zhao-nmrg-ai-agent-for-dtn](https://datatracker.ietf.org/doc/draft-zhao-nmrg-ai-agent-for-dtn/)** (score: 3.0) — Proposes AI agent architecture for Digital Twin Networks, integrating autonomous agents at each DTN
- **[draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/)** (score: 3.0) — Defines comprehensive framework for cross-domain AI agent interoperability including identity federa
- **[draft-leon-distributed-multi-signer](https://datatracker.ietf.org/doc/draft-leon-distributed-multi-signer/)** (score: 3.0) — Defines distributed DNSSEC multi-signer architecture with multi-signer agents and combiners. Introdu
- **[draft-happel-structured-email-trust](https://datatracker.ietf.org/doc/draft-happel-structured-email-trust/)** (score: 2.9) — Provides trust and security recommendations for handling structured data in email messages. Focuses
- **[draft-ramakrishna-satp-data-sharing](https://datatracker.ietf.org/doc/draft-ramakrishna-satp-data-sharing/)** (score: 2.9) — Defines a DLT-neutral protocol for sharing asset views and metadata across blockchain networks via g
- **[draft-bastian-jose-pkdh](https://datatracker.ietf.org/doc/draft-bastian-jose-pkdh/)** (score: 2.9) — Defines a method to derive symmetric MAC keys from public information in JSON Web Signatures using D
## Human-agent interaction (16 drafts)
## Human-agent interaction (19 drafts)
- **[draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/)** (score: 4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- **[draft-ietf-aipref-vocab](https://datatracker.ietf.org/doc/draft-ietf-aipref-vocab/)** (score: 4.4) — Defines a standardized vocabulary for expressing preferences about how digital assets should be used
- **[draft-dhir-http-agent-profile](https://datatracker.ietf.org/doc/draft-dhir-http-agent-profile/)** (score: 4.2) — Defines HTTP Agent Profile for authenticating agent traffic, separating human from agent traffic, an
- **[draft-song-tsvwg-camp](https://datatracker.ietf.org/doc/draft-song-tsvwg-camp/)** (score: 4.2) — Proposes CAMP, a multipath transport protocol for interactive multimodal LLM systems that maintains
- **[draft-liu-agent-operation-authorization](https://datatracker.ietf.org/doc/draft-liu-agent-operation-authorization/)** (score: 4.1) — Specifies framework for verifiable delegation of actions from humans to AI agents using JWT tokens.
- **[draft-cui-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-nm/)** (score: 4.1) — Defines framework for collaborative network management between LLM agents and human operators. Intro
- **[draft-steele-agent-considerations](https://datatracker.ietf.org/doc/draft-steele-agent-considerations/)** (score: 4.0) — Defines guidelines for IETF specifications to support AI agent consumption and code generation. Intr
- **[draft-mishra-oauth-agent-grants](https://datatracker.ietf.org/doc/draft-mishra-oauth-agent-grants/)** (score: 4.0) — Extends OAuth 2.0 for AI agent authorization with human consent verification, revocation, and audit
- **[draft-rosenberg-aiproto-cheq](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-cheq/)** (score: 3.9) — Proposes CHEQ protocol for human confirmation of AI agent decisions before execution. Protects again
- **[draft-farzdusa-aipref-enduser](https://datatracker.ietf.org/doc/draft-farzdusa-aipref-enduser/)** (score: 3.8) — Documents potential end user impacts of AI preference signaling standards across technological, lega
- **[draft-oauth-ai-agents-on-behalf-of-user](https://datatracker.ietf.org/doc/draft-oauth-ai-agents-on-behalf-of-user/)** (score: 3.7) — This draft extends OAuth 2.0 to enable AI agents to securely obtain access tokens for acting on beha
- **[draft-rosenberg-cheq](https://datatracker.ietf.org/doc/draft-rosenberg-cheq/)** (score: 3.6) — Proposes CHEQ protocol for human-in-the-loop confirmation of AI agent decisions before execution. Us
- **[draft-zm-rtgwg-mcp-troubleshooting](https://datatracker.ietf.org/doc/draft-zm-rtgwg-mcp-troubleshooting/)** (score: 3.6) — Proposes using Model Context Protocol (MCP) to enable LLM-based automated network troubleshooting. M
- **[draft-altanai-aipref-realtime-protocol-bindings](https://datatracker.ietf.org/doc/draft-altanai-aipref-realtime-protocol-bindings/)** (score: 3.6) — Defines how AI preference expressions are bound to real-time protocols like SIP and SDP. Specifies h
- **[draft-irtf-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-irtf-nmrg-llm-nm/)** (score: 3.5) — Defines framework for collaborative network management between LLMs and human operators with human-i
- **[draft-zeng-mcp-network-measurement](https://datatracker.ietf.org/doc/draft-zeng-mcp-network-measurement/)** (score: 3.5) — Proposes MCP framework for intelligent network measurement with AI assistance. Enables natural langu
- **[draft-meta-layer-overview](https://datatracker.ietf.org/doc/draft-meta-layer-overview/)** (score: 3.5) — Introduces Meta-layer concept as coordination substrate for presence, annotation, and governance on
- **[draft-thomson-aipref-sup](https://datatracker.ietf.org/doc/draft-thomson-aipref-sup/)** (score: 3.4) — Defines simple format for content usage preference expressions with HTTP header field. Updates RFC93
- **[draft-zeng-nmrg-mcp-usecases-requirements](https://datatracker.ietf.org/doc/draft-zeng-nmrg-mcp-usecases-requirements/)** (score: 3.4) — Presents problem statement for integrating Model Context Protocol into network management for AI age
- **[draft-gupta-httpapi-events-query](https://datatracker.ietf.org/doc/draft-gupta-httpapi-events-query/)** (score: 3.2) — Proposes Events Query Protocol (EQP) built on HTTP for user agents to receive event notifications di
- **[draft-zeng-mcp-troubleshooting](https://datatracker.ietf.org/doc/draft-zeng-mcp-troubleshooting/)** (score: 3.1) — Applies Model Context Protocol to network management for intent-based troubleshooting. Maps MCP role
- **[draft-vinaysingh-awp-wellknown](https://datatracker.ietf.org/doc/draft-vinaysingh-awp-wellknown/)** (score: 3.1) — Defines well-known URI and link relation for exposing website workflows to automated agents. Provide
## Identity / authentication for AI agents (7 drafts)
## Identity / authentication for AI agents (6 drafts)
- **[draft-nandakumar-agent-sd-jwt](https://datatracker.ietf.org/doc/draft-nandakumar-agent-sd-jwt/)** (score: 3.9) — This draft defines SD-Card, a Selective Disclosure JWT encoding of Agent Cards that enables privacy-
- **[draft-wahl-scim-agent-schema](https://datatracker.ietf.org/doc/draft-wahl-scim-agent-schema/)** (score: 3.9) — This draft extends the SCIM (System for Cross-domain Identity Management) protocol to support AI age
@@ -466,64 +444,89 @@
- **[draft-chen-agent-decoupled-authorization-model](https://datatracker.ietf.org/doc/draft-chen-agent-decoupled-authorization-model/)** (score: 3.5) — This draft proposes a decoupled authorization framework for AI agents that enables dynamic, intent-b
- **[draft-huang-acme-scalable-agent-enrollment](https://datatracker.ietf.org/doc/draft-huang-acme-scalable-agent-enrollment/)** (score: 3.5) — This draft proposes two scalable models for certificate enrollment of AI agents: one using Zero-Know
- **[draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/)** (score: 3.3) — This draft proposes an identity management framework for agents in an Internet of Agents (IOA) syste
- **[draft-yl-agent-id-requirements](https://datatracker.ietf.org/doc/draft-yl-agent-id-requirements/)** (score: 2.9) — This draft proposes requirements for digital identity management in AI agent communication protocols
## ML traffic mgmt (15 drafts)
## ML traffic mgmt (30 drafts)
- **[draft-calabria-bmwg-ai-fabric-inference-bench](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-inference-bench/)** (score: 4.5) — Defines benchmarking methodology for AI inference network fabrics. Establishes KPIs and test procedu
- **[draft-dhir-http-agent-profile](https://datatracker.ietf.org/doc/draft-dhir-http-agent-profile/)** (score: 4.2) — Defines HTTP Agent Profile for authenticating agent traffic, separating human from agent traffic, an
- **[draft-calabria-bmwg-ai-fabric-terminology](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-terminology/)** (score: 4.2) — Defines comprehensive benchmarking terminology for AI network fabrics including collective communica
- **[draft-li-spring-rdma-multicast-over-srv6](https://datatracker.ietf.org/doc/draft-li-spring-rdma-multicast-over-srv6/)** (score: 4.2) — Specifies SRv6 extensions for RDMA multicast delivery with new End.MT behavior and ACK/NACK aggregat
- **[draft-song-tsvwg-camp](https://datatracker.ietf.org/doc/draft-song-tsvwg-camp/)** (score: 4.2) — Proposes CAMP, a multipath transport protocol for interactive multimodal LLM systems that maintains
- **[draft-yao-tsvwg-cco-requirement-and-analysis](https://datatracker.ietf.org/doc/draft-yao-tsvwg-cco-requirement-and-analysis/)** (score: 4.2) — Analyzes collective communication optimizations for AI training and inference clusters built on RDMA
- **[draft-cui-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-nm/)** (score: 4.1) — Defines framework for collaborative network management between LLM agents and human operators. Intro
- **[draft-chen-nmrg-semantic-inference-routing](https://datatracker.ietf.org/doc/draft-chen-nmrg-semantic-inference-routing/)** (score: 4.1) — Defines SIRP protocol for content-aware routing of AI inference requests. Enables routing decisions
- **[draft-dunbar-neotec-ac-te-applicability](https://datatracker.ietf.org/doc/draft-dunbar-neotec-ac-te-applicability/)** (score: 4.0) — Applies existing IETF YANG models for Attachment Circuits and Traffic Engineering to dynamic AI mode
- **[draft-liao-aipref-autoctl-core](https://datatracker.ietf.org/doc/draft-liao-aipref-autoctl-core/)** (score: 4.0) — Defines core machine-readable protocol for server-side automation permissions targeting AI-driven we
- **[draft-zhang-rtgwg-multicast-requirements-gaps-aidc](https://datatracker.ietf.org/doc/draft-zhang-rtgwg-multicast-requirements-gaps-aidc/)** (score: 3.9) — Identifies requirements for multicast technology in AI Data Centers to improve efficiency of point-t
- **[draft-akhavain-moussa-ai-network](https://datatracker.ietf.org/doc/draft-akhavain-moussa-ai-network/)** (score: 3.9) — Proposes Data and Agent Aware-Inference and Training Network (DA-ITN) architecture. Comprehensive mu
- **[draft-pan-tsvwg-pie](https://datatracker.ietf.org/doc/draft-pan-tsvwg-pie/)** (score: 3.9) — Presents PIE queue management algorithm to address bufferbloat by controlling queueing latency. Ligh
- **[draft-jurkovikj-httpapi-agentic-state](https://datatracker.ietf.org/doc/draft-jurkovikj-httpapi-agentic-state/)** (score: 3.9) — Defines Agentic State Transfer (AST) HTTP profile for managing canonical resource state across multi
- **[draft-yuan-rtgwg-traffic-agent-usecase](https://datatracker.ietf.org/doc/draft-yuan-rtgwg-traffic-agent-usecase/)** (score: 3.7) — Presents use cases for AI agents optimizing network traffic through dynamic resource adjustment. Det
- **[draft-an-nmrg-i2icf-cits](https://datatracker.ietf.org/doc/draft-an-nmrg-i2icf-cits/)** (score: 3.7) — Defines framework for orchestrating In-Network Computing Functions in Cooperative Intelligent Transp
- **[draft-cui-nmrg-auto-test](https://datatracker.ietf.org/doc/draft-cui-nmrg-auto-test/)** (score: 3.6) — Framework for AI-assisted network protocol testing using LLMs and automated test generation. Defines
- **[draft-xsaopig-nsttlp-traffic-labeling](https://datatracker.ietf.org/doc/draft-xsaopig-nsttlp-traffic-labeling/)** (score: 3.6) — Specifies protocol for embedding service type identifiers in network packets to enable intelligent t
- **[draft-zeng-mcp-network-measurement](https://datatracker.ietf.org/doc/draft-zeng-mcp-network-measurement/)** (score: 3.5) — Proposes MCP framework for intelligent network measurement with AI assistance. Enables natural langu
- **[draft-templin-intarea-aero](https://datatracker.ietf.org/doc/draft-templin-intarea-aero/)** (score: 3.5) — Specifies Automatic Extended Route Optimization (AERO) service for IP internetworking over Overlay M
- **[draft-du-catalist-routing-considerations](https://datatracker.ietf.org/doc/draft-du-catalist-routing-considerations/)** (score: 3.4) — Proposes routing considerations for AI agent-to-agent communication in overlay networks. Focuses on
- **[draft-tan-ccamp-uonaco-problem-statement](https://datatracker.ietf.org/doc/draft-tan-ccamp-uonaco-problem-statement/)** (score: 3.4) — Defines requirements for unified orchestration between optical networks and AI computing to enable c
- **[draft-li-cats-aisemantic-contract](https://datatracker.ietf.org/doc/draft-li-cats-aisemantic-contract/)** (score: 3.4) — Defines a contract mechanism allowing AI applications to communicate semantic information about thei
- **[draft-yue-moq-transporting-sensing-data](https://datatracker.ietf.org/doc/draft-yue-moq-transporting-sensing-data/)** (score: 3.4) — Proposes using Media Over QUIC (MOQ) to transport large-scale, real-time sensing data in 6G networks
- **[draft-han-rtgwg-codeployment-pfc-fgfc](https://datatracker.ietf.org/doc/draft-han-rtgwg-codeployment-pfc-fgfc/)** (score: 3.4) — Describes use cases for coordinating flow control between data center PFC and WAN fine-grained flow
- **[draft-wang-cats-innetwork-infer](https://datatracker.ietf.org/doc/draft-wang-cats-innetwork-infer/)** (score: 3.3) — Proposes a framework for decentralized LLM inference across untrusted participants using layer-aware
- **[draft-xsaopig-nmop-service-flow-modal-mapping](https://datatracker.ietf.org/doc/draft-xsaopig-nmop-service-flow-modal-mapping/)** (score: 3.3) — Proposes a framework using ALTO protocol and SDN architecture for mapping service flow characteristi
- **[draft-bernardos-nmrg-agentic-network-optimization](https://datatracker.ietf.org/doc/draft-bernardos-nmrg-agentic-network-optimization/)** (score: 3.3) — Focuses on agentic AI for distributed sensing in ISAC networks with joint optimization of sensing an
- **[draft-chuyi-nmrg-ai-agent-network](https://datatracker.ietf.org/doc/draft-chuyi-nmrg-ai-agent-network/)** (score: 3.2) — Focuses on large language model-based agents for network operations and maintenance. Addresses pract
- **[draft-tong-network-agent-use-cases-in-6g](https://datatracker.ietf.org/doc/draft-tong-network-agent-use-cases-in-6g/)** (score: 3.2) — Introduces network AI agent use cases in 6G focusing on connectivity services and third-party applic
- **[draft-kale-agntcy-federated-privacy](https://datatracker.ietf.org/doc/draft-kale-agntcy-federated-privacy/)** (score: 3.2) — Specifies architecture for privacy-preserving federated learning across multi-tenant AI agent system
- **[draft-mao-rtgwg-apn-framework-for-ioa](https://datatracker.ietf.org/doc/draft-mao-rtgwg-apn-framework-for-ioa/)** (score: 3.2) — Applies Application-aware Performance Network framework to Internet of Agents scenario. Addresses ne
- **[draft-liu-nmrg-ai-llm-inference-requirements](https://datatracker.ietf.org/doc/draft-liu-nmrg-ai-llm-inference-requirements/)** (score: 3.2) — Analyzes system and network requirements for large-scale LLM inference services. Investigates mainst
- **[draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/)** (score: 3.1) — Proposes a network infrastructure architecture for large-scale multi-agent collaboration. Focuses on
- **[draft-bernardos-cats-isac-uc](https://datatracker.ietf.org/doc/draft-bernardos-cats-isac-uc/)** (score: 3.0) — Presents Integrated Sensing and Communications (ISAC) as a use case for CATS architecture. Explores
- **[draft-zhao-detnet-enhanced-use-cases](https://datatracker.ietf.org/doc/draft-zhao-detnet-enhanced-use-cases/)** (score: 3.2) — Describes enhanced use cases for scaling deterministic networks beyond RFC8578, covering industrial
## ML-based traffic management / optimization (1 drafts)
- **[draft-zhang-agent-gap-network](https://datatracker.ietf.org/doc/draft-zhang-agent-gap-network/)** (score: 3.0) — This draft identifies problems and gaps in mobile core networks for supporting AI agent communicatio
## Model serving/inference (10 drafts)
## Model serving/inference (22 drafts)
- **[draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/)** (score: 4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- **[draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/)** (score: 4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- **[draft-calabria-bmwg-ai-fabric-inference-bench](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-inference-bench/)** (score: 4.5) — Defines benchmarking methodology for AI inference network fabrics. Establishes KPIs and test procedu
- **[draft-wang-cats-odsi](https://datatracker.ietf.org/doc/draft-wang-cats-odsi/)** (score: 4.5) — Specifies framework for decentralized LLM inference across untrusted participants with layer-aware e
- **[draft-wmz-nmrg-agent-ndt-arch](https://datatracker.ietf.org/doc/draft-wmz-nmrg-agent-ndt-arch/)** (score: 4.2) — Comprehensive architecture combining Network Digital Twin with Agentic AI for intent-based network o
- **[draft-gaikwad-llm-benchmarking-methodology](https://datatracker.ietf.org/doc/draft-gaikwad-llm-benchmarking-methodology/)** (score: 4.2) — Defines comprehensive benchmarking methodologies for LLM inference serving systems including test pr
- **[draft-gaikwad-llm-benchmarking-profiles](https://datatracker.ietf.org/doc/draft-gaikwad-llm-benchmarking-profiles/)** (score: 4.2) — Defines performance benchmarking profiles binding terminology and methodology to concrete architectu
- **[draft-yao-tsvwg-cco-requirement-and-analysis](https://datatracker.ietf.org/doc/draft-yao-tsvwg-cco-requirement-and-analysis/)** (score: 4.2) — Analyzes collective communication optimizations for AI training and inference clusters built on RDMA
- **[draft-chen-nmrg-semantic-inference-routing](https://datatracker.ietf.org/doc/draft-chen-nmrg-semantic-inference-routing/)** (score: 4.1) — Defines SIRP protocol for content-aware routing of AI inference requests. Enables routing decisions
- **[draft-chen-nmrg-multi-provider-inference-api](https://datatracker.ietf.org/doc/draft-chen-nmrg-multi-provider-inference-api/)** (score: 4.0) — Specifies extensions for multi-provider AI inference using OpenAI API as reference standard. Enables
- **[draft-jennings-ai-mcp-over-moq](https://datatracker.ietf.org/doc/draft-jennings-ai-mcp-over-moq/)** (score: 4.0) — Defines how to transport Model Context Protocol (MCP) messages over Media over QUIC Transport (MOQT)
- **[draft-dunbar-neotec-ac-te-applicability](https://datatracker.ietf.org/doc/draft-dunbar-neotec-ac-te-applicability/)** (score: 4.0) — Applies existing IETF YANG models for Attachment Circuits and Traffic Engineering to dynamic AI mode
- **[draft-zhang-rtgwg-multicast-requirements-gaps-aidc](https://datatracker.ietf.org/doc/draft-zhang-rtgwg-multicast-requirements-gaps-aidc/)** (score: 3.9) — Identifies requirements for multicast technology in AI Data Centers to improve efficiency of point-t
- **[draft-akhavain-moussa-ai-network](https://datatracker.ietf.org/doc/draft-akhavain-moussa-ai-network/)** (score: 3.9) — Proposes Data and Agent Aware-Inference and Training Network (DA-ITN) architecture. Comprehensive mu
- **[draft-tsyrulnikov-rats-attested-inference-receipt](https://datatracker.ietf.org/doc/draft-tsyrulnikov-rats-attested-inference-receipt/)** (score: 3.9) — Defines Attested Inference Receipt (AIR) using COSE/CWT to create verifiable receipts for confidenti
- **[draft-li-individual-inip](https://datatracker.ietf.org/doc/draft-li-individual-inip/)** (score: 3.8) — Specifies a protocol for performing lightweight ML inference directly in network devices like switch
- **[draft-sogomonian-aiip-architecture](https://datatracker.ietf.org/doc/draft-sogomonian-aiip-architecture/)** (score: 3.7) — Defines architectural model for Artificial Intelligence Internet Protocol (AIIP) enabling stateless,
- **[draft-li-cats-idn](https://datatracker.ietf.org/doc/draft-li-cats-idn/)** (score: 3.6) — Introduces Intelligence Delivery Network (IDN) framework for deploying ML models across distributed
- **[draft-kartha-internet20-ainative](https://datatracker.ietf.org/doc/draft-kartha-internet20-ainative/)** (score: 3.4) — Proposes Internet 2.0 architecture with AI models as first-class network entities, including HTTP+AI
- **[draft-zhu-anima-service-intent](https://datatracker.ietf.org/doc/draft-zhu-anima-service-intent/)** (score: 3.4) — Defines a structured semantic model for expressing service-level objectives and constraints across n
- **[draft-wang-cats-innetwork-infer](https://datatracker.ietf.org/doc/draft-wang-cats-innetwork-infer/)** (score: 3.3) — Proposes a framework for decentralized LLM inference across untrusted participants using layer-aware
- **[draft-chuyi-nmrg-ai-agent-network](https://datatracker.ietf.org/doc/draft-chuyi-nmrg-ai-agent-network/)** (score: 3.2) — Focuses on large language model-based agents for network operations and maintenance. Addresses pract
- **[draft-tong-network-agent-use-cases-in-6g](https://datatracker.ietf.org/doc/draft-tong-network-agent-use-cases-in-6g/)** (score: 3.2) — Introduces network AI agent use cases in 6G focusing on connectivity services and third-party applic
- **[draft-liu-nmrg-ai-llm-inference-requirements](https://datatracker.ietf.org/doc/draft-liu-nmrg-ai-llm-inference-requirements/)** (score: 3.2) — Analyzes system and network requirements for large-scale LLM inference services. Investigates mainst
- **[draft-levy-llm-uri-scheme](https://datatracker.ietf.org/doc/draft-levy-llm-uri-scheme/)** (score: 3.1) — Defines a URI scheme for identifying LLM endpoints with embedded configuration parameters. Creates a
## Other AI/agent (8 drafts)
- **[draft-calabria-bmwg-ai-fabric-inference-bench](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-inference-bench/)** (score: 4.5) — Defines benchmarking methodology for AI inference network fabrics. Establishes KPIs and test procedu
- **[draft-ietf-tls-ecdhe-mlkem](https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/)** (score: 4.4) — Defines hybrid post-quantum key agreement mechanisms for TLS 1.3 that combine ML-KEM with traditiona
- **[draft-wmz-nmrg-agent-ndt-arch](https://datatracker.ietf.org/doc/draft-wmz-nmrg-agent-ndt-arch/)** (score: 4.2) — Comprehensive architecture combining Network Digital Twin with Agentic AI for intent-based network o
- **[draft-an-nmrg-i2icf-cits](https://datatracker.ietf.org/doc/draft-an-nmrg-i2icf-cits/)** (score: 3.7) — Defines framework for orchestrating In-Network Computing Functions in Cooperative Intelligent Transp
- **[draft-cui-nmrg-auto-test](https://datatracker.ietf.org/doc/draft-cui-nmrg-auto-test/)** (score: 3.6) — Framework for AI-assisted network protocol testing using LLMs and automated test generation. Defines
- **[draft-stephan-ai-agent-6g](https://datatracker.ietf.org/doc/draft-stephan-ai-agent-6g/)** (score: 3.4) — Examines AI agent communication protocols specifically for 6G systems based on 3GPP requirements. Ex
- **[draft-architect-cittamarket](https://datatracker.ietf.org/doc/draft-architect-cittamarket/)** (score: 3.1) — Specifies protocol for immutable AGI system identification using Bitcoin blockchain anchoring. Defin
- **[draft-zhao-nmrg-ai-agent-for-dtn](https://datatracker.ietf.org/doc/draft-zhao-nmrg-ai-agent-for-dtn/)** (score: 3.0) — Proposes AI agent architecture for Digital Twin Networks, integrating autonomous agents at each DTN
- **[draft-ietf-httpbis-rfc6265bis](https://datatracker.ietf.org/doc/draft-ietf-httpbis-rfc6265bis/)** (score: 3.0) — Updates HTTP Cookie specification to replace RFC 6265 with improved security and privacy. Addresses
- **[draft-khatri-sipcore-call-transfer-fail-response](https://datatracker.ietf.org/doc/draft-khatri-sipcore-call-transfer-fail-response/)** (score: 3.3) — Defines a new SIP response code (497) for indicating call transfer failures with optional granular w
- **[draft-bernardos-nmrg-agentic-network-optimization](https://datatracker.ietf.org/doc/draft-bernardos-nmrg-agentic-network-optimization/)** (score: 3.3) — Focuses on agentic AI for distributed sensing in ISAC networks with joint optimization of sensing an
## Policy / governance / ethical frameworks (1 drafts)
- **[draft-chen-agent-decoupled-authorization-model](https://datatracker.ietf.org/doc/draft-chen-agent-decoupled-authorization-model/)** (score: 3.5) — This draft proposes a decoupled authorization framework for AI agents that enables dynamic, intent-b
## Policy/governance (53 drafts)
## Policy/governance (63 drafts)
- **[draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/)** (score: 4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- **[draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/)** (score: 4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- **[draft-goswami-agentic-jwt](https://datatracker.ietf.org/doc/draft-goswami-agentic-jwt/)** (score: 4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
- **[draft-wang-cats-odsi](https://datatracker.ietf.org/doc/draft-wang-cats-odsi/)** (score: 4.5) — Specifies framework for decentralized LLM inference across untrusted participants with layer-aware e
- **[draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/)** (score: 4.5) — Defines CDDL-based data format for verifiable agent conversation records using COSE signing. Support
- **[draft-aylward-aiga-2](https://datatracker.ietf.org/doc/draft-aylward-aiga-2/)** (score: 4.5) — Comprehensive AI governance framework with tiered risk model, federated authority network, and econo
- **[draft-ietf-aipref-vocab](https://datatracker.ietf.org/doc/draft-ietf-aipref-vocab/)** (score: 4.4) — Defines a standardized vocabulary for expressing preferences about how digital assets should be used
- **[draft-cui-nmrg-llm-benchmark](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-benchmark/)** (score: 4.3) — Provides comprehensive evaluation framework for LLM-based network configuration agents. Includes emu
- **[draft-mw-wimse-transitive-attestation](https://datatracker.ietf.org/doc/draft-mw-wimse-transitive-attestation/)** (score: 4.3) — Defines WIMSE profile for cryptographically binding workload identities to their execution environme
- **[draft-wmz-nmrg-agent-ndt-arch](https://datatracker.ietf.org/doc/draft-wmz-nmrg-agent-ndt-arch/)** (score: 4.2) — Comprehensive architecture combining Network Digital Twin with Agentic AI for intent-based network o
@@ -536,14 +539,19 @@
- **[draft-liu-agent-operation-authorization](https://datatracker.ietf.org/doc/draft-liu-agent-operation-authorization/)** (score: 4.1) — Specifies framework for verifiable delegation of actions from humans to AI agents using JWT tokens.
- **[draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/)** (score: 4.1) — Defines task-oriented multi-agent framework for fault recovery in converged mobile networks. Targets
- **[draft-schulze-ecap](https://datatracker.ietf.org/doc/draft-schulze-ecap/)** (score: 4.1) — ECAP defines a cryptographically-verified protocol for web crawlers to obtain consent from hosts bef
- **[draft-jadoon-nmrg-agentic-ai-autonomous-networks](https://datatracker.ietf.org/doc/draft-jadoon-nmrg-agentic-ai-autonomous-networks/)** (score: 4.1) — Introduces architectural principles for integrating AI agents into IP protocol stack layers while pr
- **[draft-steele-agent-considerations](https://datatracker.ietf.org/doc/draft-steele-agent-considerations/)** (score: 4.0) — Defines guidelines for IETF specifications to support AI agent consumption and code generation. Intr
- **[draft-chen-nmrg-multi-provider-inference-api](https://datatracker.ietf.org/doc/draft-chen-nmrg-multi-provider-inference-api/)** (score: 4.0) — Specifies extensions for multi-provider AI inference using OpenAI API as reference standard. Enables
- **[draft-mishra-oauth-agent-grants](https://datatracker.ietf.org/doc/draft-mishra-oauth-agent-grants/)** (score: 4.0) — Extends OAuth 2.0 for AI agent authorization with human consent verification, revocation, and audit
- **[draft-barney-caam](https://datatracker.ietf.org/doc/draft-barney-caam/)** (score: 4.0) — Specifies Contextual Agent Authorization Mesh for runtime authorization of agents after discovery, p
- **[draft-nennemann-wimse-ect](https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect/)** (score: 4.0) — Defines Execution Context Tokens as JWT extension to WIMSE for tracking task execution in distribute
- **[draft-liao-aipref-autoctl-core](https://datatracker.ietf.org/doc/draft-liao-aipref-autoctl-core/)** (score: 4.0) — Defines core machine-readable protocol for server-side automation permissions targeting AI-driven we
- **[draft-berlinai-vera](https://datatracker.ietf.org/doc/draft-berlinai-vera/)** (score: 3.9) — Introduces VERA, a zero-trust architecture for AI agent security with five enforcement pillars and c
- **[draft-ietf-tls-deprecate-obsolete-kex](https://datatracker.ietf.org/doc/draft-ietf-tls-deprecate-obsolete-kex/)** (score: 3.8) — Deprecates obsolete key exchange methods in TLS 1.2 including finite field DH and RSA. Updates multi
- **[draft-srijal-agents-policy](https://datatracker.ietf.org/doc/draft-srijal-agents-policy/)** (score: 3.8) — Specifies AGENTS.TXT protocol as strict plaintext policy file for automated clients, bots, and crawl
- **[draft-zhao-nmop-network-management-agent](https://datatracker.ietf.org/doc/draft-zhao-nmop-network-management-agent/)** (score: 3.8) — Defines AI-driven Network Management Agent concept for Level 4 autonomous networks. Specifies integr
- **[draft-ietf-aipref-attach](https://datatracker.ietf.org/doc/draft-ietf-aipref-attach/)** (score: 3.8) — Specifies how AI usage preferences can be signaled during HTTP content acquisition. Updates RFC 9309
- **[draft-farzdusa-aipref-enduser](https://datatracker.ietf.org/doc/draft-farzdusa-aipref-enduser/)** (score: 3.8) — Documents potential end user impacts of AI preference signaling standards across technological, lega
- **[draft-scim-agent-extension](https://datatracker.ietf.org/doc/draft-scim-agent-extension/)** (score: 3.7) — Extends SCIM 2.0 specification to manage agents and agentic applications across domains. Builds on e
- **[draft-rosenberg-aiproto-framework](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-framework/)** (score: 3.7) — Provides framework and requirements for AI agent protocols on the Internet. Surveys existing approac
- **[draft-melnikov-sasl2](https://datatracker.ietf.org/doc/draft-melnikov-sasl2/)** (score: 3.7) — Updates SASL framework to support modern authentication requirements including multi-factor authenti
@@ -553,8 +561,11 @@
- **[draft-kotecha-agentic-dispute-protocol](https://datatracker.ietf.org/doc/draft-kotecha-agentic-dispute-protocol/)** (score: 3.6) — Defines a protocol for autonomous agents to file and resolve disputes through structured automated p
- **[draft-vandoulas-aidp](https://datatracker.ietf.org/doc/draft-vandoulas-aidp/)** (score: 3.6) — Defines a comprehensive control-plane protocol for secure agent interactions with delegation, author
- **[draft-messous-eat-ai](https://datatracker.ietf.org/doc/draft-messous-eat-ai/)** (score: 3.6) — Defines an Entity Attestation Token profile for remote attestation of autonomous AI agents, specifyi
- **[draft-reilly-sentinel-protocol](https://datatracker.ietf.org/doc/draft-reilly-sentinel-protocol/)** (score: 3.6) — Defines blockchain-anchored integrity protocol for AI lifecycle provenance using Sentinel Evidence P
- **[draft-xsaopig-nsttlp-traffic-labeling](https://datatracker.ietf.org/doc/draft-xsaopig-nsttlp-traffic-labeling/)** (score: 3.6) — Specifies protocol for embedding service type identifiers in network packets to enable intelligent t
- **[draft-gaikwad-aps-profile](https://datatracker.ietf.org/doc/draft-gaikwad-aps-profile/)** (score: 3.6) — Storage service profile for agent persistent state including embeddings, preferences, and audit logs
- **[draft-pbs-sidrops-roaanycast](https://datatracker.ietf.org/doc/draft-pbs-sidrops-roaanycast/)** (score: 3.6) — Defines best practices for managing Route Origin Authorizations (ROAs) for globally anycasted servic
- **[draft-vaughan-aipref-vocab](https://datatracker.ietf.org/doc/draft-vaughan-aipref-vocab/)** (score: 3.6) — Proposes vocabulary for rightsholders to express content preferences for AI training use through met
- **[draft-song-oauth-ai-agent-collaborate-authz](https://datatracker.ietf.org/doc/draft-song-oauth-ai-agent-collaborate-authz/)** (score: 3.5) — Proposes OAuth 2.0 extension for multi-AI agent collaboration with applier-on-behalf-of authorizatio
- **[draft-wang-hjs-accountability](https://datatracker.ietf.org/doc/draft-wang-hjs-accountability/)** (score: 3.5) — Defines HJS accountability layer for AI agents using blockchain-anchored timestamps to create immuta
- **[draft-ahn-nmrg-5g-security-i2nsf-framework](https://datatracker.ietf.org/doc/draft-ahn-nmrg-5g-security-i2nsf-framework/)** (score: 3.5) — Presents integrated framework for automated 5G edge network security using I2NSF architecture and In
@@ -563,13 +574,12 @@
- **[draft-yuan-rtgwg-security-agent-usecase](https://datatracker.ietf.org/doc/draft-yuan-rtgwg-security-agent-usecase/)** (score: 3.4) — Proposes AI Network Security Agents for routers to provide intelligent, adaptive security capabiliti
- **[draft-huang-rats-agentic-eat-cap-attest](https://datatracker.ietf.org/doc/draft-huang-rats-agentic-eat-cap-attest/)** (score: 3.4) — Extends Entity Attestation Token (EAT) to support capability attestation for agentic AI systems. Ena
- **[draft-romanchuk-normative-admissibility](https://datatracker.ietf.org/doc/draft-romanchuk-normative-admissibility/)** (score: 3.4) — Establishes a framework for evaluating whether autonomous agent speech acts are admissible based on
- **[draft-tan-ccamp-uonaco-problem-statement](https://datatracker.ietf.org/doc/draft-tan-ccamp-uonaco-problem-statement/)** (score: 3.4) — Defines requirements for unified orchestration between optical networks and AI computing to enable c
- **[draft-jimenez-tbd-robotstxt-update](https://datatracker.ietf.org/doc/draft-jimenez-tbd-robotstxt-update/)** (score: 3.4) — Proposes updates to robots.txt standard to handle AI-specific crawlers with new syntax for user-agen
- **[draft-thomson-aipref-sup](https://datatracker.ietf.org/doc/draft-thomson-aipref-sup/)** (score: 3.4) — Defines simple format for content usage preference expressions with HTTP header field. Updates RFC93
- **[draft-zhu-anima-service-intent](https://datatracker.ietf.org/doc/draft-zhu-anima-service-intent/)** (score: 3.4) — Defines a structured semantic model for expressing service-level objectives and constraints across n
- **[draft-cosmos-protocol-specification](https://datatracker.ietf.org/doc/draft-cosmos-protocol-specification/)** (score: 3.3) — Defines comprehensive badge-based identity and communication system with trust scoring, post-quantum
- **[draft-jeong-opsawg-intent-based-sdv-framework](https://datatracker.ietf.org/doc/draft-jeong-opsawg-intent-based-sdv-framework/)** (score: 3.3) — Proposes intent-based management framework for Software-Defined Vehicles in ITS environments. Covers
- **[draft-diaconu-agents-authz-info-sharing](https://datatracker.ietf.org/doc/draft-diaconu-agents-authz-info-sharing/)** (score: 3.2) — Addresses authorization challenges in distributed multi-agent systems across multiple domains. Cover
- **[draft-ahn-opsawg-5g-security-i2nsf-framework](https://datatracker.ietf.org/doc/draft-ahn-opsawg-5g-security-i2nsf-framework/)** (score: 3.2) — Proposes an integrated security framework for 5G edge networks using I2NSF architecture with Intent-
- **[draft-kale-agntcy-federated-privacy](https://datatracker.ietf.org/doc/draft-kale-agntcy-federated-privacy/)** (score: 3.2) — Specifies architecture for privacy-preserving federated learning across multi-tenant AI agent system
- **[draft-yao-agent-auth-considerations](https://datatracker.ietf.org/doc/draft-yao-agent-auth-considerations/)** (score: 3.1) — Extends OAuth model for AI agent authentication and authorization in Agent Communication Networks. P
- **[draft-ietf-lamps-e2e-mail-guidance](https://datatracker.ietf.org/doc/draft-ietf-lamps-e2e-mail-guidance/)** (score: 3.0) — Provides comprehensive guidance for implementing end-to-end email encryption securely. Addresses usa
- **[draft-hong-nmrg-agenticai-ps](https://datatracker.ietf.org/doc/draft-hong-nmrg-agenticai-ps/)** (score: 3.0) — Presents problem statement and motivations for applying Agentic AI to network management. Emphasizes
- **[draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/)** (score: 3.0) — Defines comprehensive framework for cross-domain AI agent interoperability including identity federa
- **[draft-condrey-rats-witnessd-enrollment](https://datatracker.ietf.org/doc/draft-condrey-rats-witnessd-enrollment/)** (score: 3.0) — Specifies trust anchor bootstrap protocol for proof of process framework. Defines device enrollment,
- **[draft-zhao-detnet-enhanced-use-cases](https://datatracker.ietf.org/doc/draft-zhao-detnet-enhanced-use-cases/)** (score: 3.2) — Describes enhanced use cases for scaling deterministic networks beyond RFC8578, covering industrial

100
data/reports/overview.md
View File

@@ -1,17 +1,22 @@
# IETF AI/Agent Draft Overview
*Generated 2026-02-27 23:29 UTC — 200 rated / 260 tracked drafts*
*Generated 2026-03-03 19:58 UTC — 200 rated / 361 tracked drafts*
| Score | Draft | Date | N | M | O | Mom | R | Summary |
|------:|-------|------|:-:|:-:|:-:|:---:|:-:|---------|
| 4.8 | [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) | 2026-02-28 | █ | █ | ▁ | ▇ | █ | Defines tamper-evident execution trace format for AI agent workflows using hash ... |
| 4.8 | [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) | 2026-01-02 | █ | ▇ | ▁ | █ | █ | Defines comprehensive protocol for AI agent accountability including authenticat... |
| 4.6 | [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) | 2025-11-03 | █ | ▇ | ▁ | ▇ | █ | Defines STAMP protocol for cryptographic delegation and proof in AI agent system... |
| 4.6 | [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) | 2026-02-20 | █ | ▇ | ▁ | ▇ | █ | Defines hardware attestation for email using TPM verification chains to prevent ... |
| 4.6 | [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) | 2026-02-11 | █ | ▇ | ▁ | ▇ | █ | Defines YANG data model for hierarchical language model coordination across tiny... |
| 4.6 | [draft-ietf-lake-app-profiles](https://datatracker.ietf.org/doc/draft-ietf-lake-app-profiles/) | 2025-11-21 | ▇ | █ | ▃ | █ | █ | Defines canonical CBOR representation for EDHOC application profiles and coordin... |
| 4.5 | [draft-goswami-agentic-jwt](https://datatracker.ietf.org/doc/draft-goswami-agentic-jwt/) | 2026-01-01 | █ | ▇ | ▃ | ▇ | █ | Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autono... |
| 4.5 | [draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/) | 2026-01-12 | █ | ▇ | ▃ | ▇ | █ | Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent c... |
| 4.5 | [draft-calabria-bmwg-ai-fabric-inference-bench](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-inference-bench/) | 2026-02-27 | ▇ | █ | ▁ | ▇ | █ | Defines benchmarking methodology for AI inference network fabrics. Establishes K... |
| 4.5 | [draft-wang-cats-odsi](https://datatracker.ietf.org/doc/draft-wang-cats-odsi/) | 2026-03-02 | █ | ▇ | ▃ | ▇ | █ | Specifies framework for decentralized LLM inference across untrusted participant... |
| 4.5 | [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/) | 2026-02-25 | ▇ | █ | ▃ | ▇ | █ | Defines CDDL-based data format for verifiable agent conversation records using C... |
| 4.5 | [draft-aylward-aiga-2](https://datatracker.ietf.org/doc/draft-aylward-aiga-2/) | 2026-01-26 | █ | ▅ | ▁ | ▇ | █ | Comprehensive AI governance framework with tiered risk model, federated authorit... |
| 4.4 | [draft-ietf-tls-ecdhe-mlkem](https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/) | 2026-02-17 | ▇ | ▇ | ▃ | █ | █ | Defines hybrid post-quantum key agreement mechanisms for TLS 1.3 that combine ML... |
| 4.4 | [draft-ietf-aipref-vocab](https://datatracker.ietf.org/doc/draft-ietf-aipref-vocab/) | 2025-12-01 | ▇ | ▇ | ▃ | █ | █ | Defines a standardized vocabulary for expressing preferences about how digital a... |
| 4.3 | [draft-cui-nmrg-llm-benchmark](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-benchmark/) | 2025-12-30 | ▇ | ▇ | ▁ | ▇ | █ | Provides comprehensive evaluation framework for LLM-based network configuration ... |
| 4.3 | [draft-ietf-anima-constrained-voucher](https://datatracker.ietf.org/doc/draft-ietf-anima-constrained-voucher/) | 2026-02-27 | ▇ | █ | ▅ | ▇ | █ | Adapts BRSKI secure device onboarding for constrained IoT environments using CBO... |
| 4.3 | [draft-ietf-hpke-hpke](https://datatracker.ietf.org/doc/draft-ietf-hpke-hpke/) | 2025-11-04 | ▅ | █ | ▃ | █ | █ | Comprehensive specification for hybrid public key encryption supporting arbitrar... |
@@ -25,6 +30,9 @@
| 4.2 | [draft-gaikwad-llm-benchmarking-methodology](https://datatracker.ietf.org/doc/draft-gaikwad-llm-benchmarking-methodology/) | 2026-01-20 | ▇ | ▇ | ▃ | ▇ | █ | Defines comprehensive benchmarking methodologies for LLM inference serving syste... |
| 4.2 | [draft-ietf-sshm-mlkem-hybrid-kex](https://datatracker.ietf.org/doc/draft-ietf-sshm-mlkem-hybrid-kex/) | 2026-02-26 | ▇ | ▇ | ▃ | ▇ | █ | Defines post-quantum hybrid key exchange combining ML-KEM with traditional ECDH ... |
| 4.2 | [draft-ietf-tls-extended-key-update](https://datatracker.ietf.org/doc/draft-ietf-tls-extended-key-update/) | 2026-02-19 | ▇ | ▇ | ▃ | ▇ | █ | Adds post-compromise security to TLS 1.3 through fresh Diffie-Hellman exchanges ... |
| 4.2 | [draft-calabria-bmwg-ai-fabric-terminology](https://datatracker.ietf.org/doc/draft-calabria-bmwg-ai-fabric-terminology/) | 2026-02-27 | ▇ | ▇ | ▃ | ▇ | █ | Defines comprehensive benchmarking terminology for AI network fabrics including ... |
| 4.2 | [draft-li-spring-rdma-multicast-over-srv6](https://datatracker.ietf.org/doc/draft-li-spring-rdma-multicast-over-srv6/) | 2026-03-01 | ▇ | ▇ | ▃ | ▇ | █ | Specifies SRv6 extensions for RDMA multicast delivery with new End.MT behavior a... |
| 4.2 | [draft-song-tsvwg-camp](https://datatracker.ietf.org/doc/draft-song-tsvwg-camp/) | 2026-03-02 | ▇ | ▇ | ▃ | ▇ | █ | Proposes CAMP, a multipath transport protocol for interactive multimodal LLM sys... |
| 4.2 | [draft-narajala-ans](https://datatracker.ietf.org/doc/draft-narajala-ans/) | 2025-11-18 | █ | ▅ | ▃ | ▅ | █ | Introduces Agent Name Service (ANS) as a DNS-based universal directory for AI ag... |
| 4.2 | [draft-oauth-transaction-tokens-for-agents](https://datatracker.ietf.org/doc/draft-oauth-transaction-tokens-for-agents/) | 2026-02-11 | ▇ | ▇ | ▅ | ▇ | █ | Extends OAuth Transaction Tokens framework to support agent context propagation ... |
| 4.2 | [draft-zhang-dmsc-mas-communication](https://datatracker.ietf.org/doc/draft-zhang-dmsc-mas-communication/) | 2026-01-16 | ▇ | ▅ | ▁ | ▇ | █ | Analyzes security risks in multi-agent communication and limitations of existing... |
@@ -32,6 +40,7 @@
| 4.2 | [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) | 2026-02-26 | ▇ | ▇ | ▅ | ▇ | █ | Specifies a comprehensive multi-agent collaboration protocol suite using Agent G... |
| 4.2 | [draft-gaikwad-llm-benchmarking-profiles](https://datatracker.ietf.org/doc/draft-gaikwad-llm-benchmarking-profiles/) | 2026-01-20 | ▇ | ▇ | ▅ | ▇ | █ | Defines performance benchmarking profiles binding terminology and methodology to... |
| 4.2 | [draft-lake-pocero-authkem-ikr-edhoc](https://datatracker.ietf.org/doc/draft-lake-pocero-authkem-ikr-edhoc/) | 2026-01-08 | ▇ | ▇ | ▅ | ▇ | █ | Specifies an optimized KEM-based authentication variant for EDHOC protocol in sc... |
| 4.2 | [draft-yao-tsvwg-cco-requirement-and-analysis](https://datatracker.ietf.org/doc/draft-yao-tsvwg-cco-requirement-and-analysis/) | 2025-01-09 | ▇ | ▇ | ▅ | ▇ | █ | Analyzes collective communication optimizations for AI training and inference cl... |
| 4.1 | [draft-cui-dns-native-agent-naming-resolution](https://datatracker.ietf.org/doc/draft-cui-dns-native-agent-naming-resolution/) | 2025-12-22 | ▇ | ▇ | ▃ | ▅ | █ | Specifies DNS-native naming and resolution for AI agents using FQDNs and SVCB re... |
| 4.1 | [draft-liu-agent-operation-authorization](https://datatracker.ietf.org/doc/draft-liu-agent-operation-authorization/) | 2025-11-25 | ▇ | ▅ | ▃ | ▇ | █ | Specifies framework for verifiable delegation of actions from humans to AI agent... |
| 4.1 | [draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/) | 2026-02-06 | ▇ | ▅ | ▃ | ▇ | █ | Defines task-oriented multi-agent framework for fault recovery in converged mobi... |
@@ -40,14 +49,22 @@
| 4.1 | [draft-nederveld-adl](https://datatracker.ietf.org/doc/draft-nederveld-adl/) | 2026-02-18 | ▇ | ▅ | ▃ | ▇ | █ | Defines ADL, a JSON-based standard for describing AI agents including their capa... |
| 4.1 | [draft-mw-spice-actor-chain](https://datatracker.ietf.org/doc/draft-mw-spice-actor-chain/) | 2026-02-26 | ▇ | ▅ | ▃ | ▇ | █ | Extends OAuth 2.0 Token Exchange with cryptographically verifiable actor chains ... |
| 4.1 | [draft-spm-lake-pqsuites](https://datatracker.ietf.org/doc/draft-spm-lake-pqsuites/) | 2025-10-20 | ▇ | ▅ | ▃ | ▇ | █ | Defines quantum-resistant cipher suites for EDHOC using ML-DSA signatures and ML... |
| 4.1 | [draft-jadoon-nmrg-agentic-ai-autonomous-networks](https://datatracker.ietf.org/doc/draft-jadoon-nmrg-agentic-ai-autonomous-networks/) | 2026-03-02 | ▇ | ▅ | ▃ | ▇ | █ | Introduces architectural principles for integrating AI agents into IP protocol s... |
| 4.1 | [draft-chen-nmrg-semantic-inference-routing](https://datatracker.ietf.org/doc/draft-chen-nmrg-semantic-inference-routing/) | 2025-10-01 | ▇ | ▅ | ▃ | ▇ | █ | Defines SIRP protocol for content-aware routing of AI inference requests. Enable... |
| 4.0 | [draft-steele-agent-considerations](https://datatracker.ietf.org/doc/draft-steele-agent-considerations/) | 2025-11-05 | █ | ▅ | ▁ | ▅ | ▇ | Defines guidelines for IETF specifications to support AI agent consumption and c... |
| 4.0 | [draft-chen-nmrg-multi-provider-inference-api](https://datatracker.ietf.org/doc/draft-chen-nmrg-multi-provider-inference-api/) | 2025-10-20 | ▅ | █ | ▅ | ▇ | █ | Specifies extensions for multi-provider AI inference using OpenAI API as referen... |
| 4.0 | [draft-mishra-oauth-agent-grants](https://datatracker.ietf.org/doc/draft-mishra-oauth-agent-grants/) | 2026-02-27 | ▇ | ▇ | ▅ | ▅ | █ | Extends OAuth 2.0 for AI agent authorization with human consent verification, re... |
| 4.0 | [draft-ietf-lisp-nexagon](https://datatracker.ietf.org/doc/draft-ietf-lisp-nexagon/) | 2025-09-23 | ▇ | ▇ | ▃ | ▇ | ▇ | Combines LISP with H3 spatial indexing to create geospatial intelligence network... |
| 4.0 | [draft-barney-caam](https://datatracker.ietf.org/doc/draft-barney-caam/) | 2026-02-25 | ▇ | ▇ | ▅ | ▅ | █ | Specifies Contextual Agent Authorization Mesh for runtime authorization of agent... |
| 4.0 | [draft-nennemann-wimse-ect](https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect/) | 2026-02-25 | ▇ | ▇ | ▃ | ▇ | ▇ | Defines Execution Context Tokens as JWT extension to WIMSE for tracking task exe... |
| 4.0 | [draft-jennings-ai-mcp-over-moq](https://datatracker.ietf.org/doc/draft-jennings-ai-mcp-over-moq/) | 2026-03-02 | ▇ | ▇ | ▃ | ▇ | ▇ | Defines how to transport Model Context Protocol (MCP) messages over Media over Q... |
| 4.0 | [draft-dunbar-neotec-ac-te-applicability](https://datatracker.ietf.org/doc/draft-dunbar-neotec-ac-te-applicability/) | 2025-06-23 | ▇ | ▇ | ▁ | ▅ | ▇ | Applies existing IETF YANG models for Attachment Circuits and Traffic Engineerin... |
| 4.0 | [draft-han-anima-ai-asa](https://datatracker.ietf.org/doc/draft-han-anima-ai-asa/) | 2026-01-16 | ▇ | ▃ | ▁ | ▇ | █ | Analyzes the impact of enhancing ANIMA's Autonomic Service Agents with AI/LLM ca... |
| 4.0 | [draft-liao-aipref-autoctl-core](https://datatracker.ietf.org/doc/draft-liao-aipref-autoctl-core/) | 2025-11-03 | ▇ | ▅ | ▅ | ▇ | █ | Defines core machine-readable protocol for server-side automation permissions ta... |
| 3.9 | [draft-ainp-protocol](https://datatracker.ietf.org/doc/draft-ainp-protocol/) | 2025-11-24 | █ | ▃ | ▁ | ▃ | █ | Defines semantic communication protocol for AI agents using intent-based routing... |
| 3.9 | [draft-ietf-lake-authz](https://datatracker.ietf.org/doc/draft-ietf-lake-authz/) | 2025-11-21 | ▇ | ▇ | ▅ | ▇ | ▇ | Specifies lightweight authorization using EDHOC for zero-touch device onboarding... |
| 3.9 | [draft-ietf-ace-coap-est-oscore](https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est-oscore/) | 2025-10-20 | ▇ | ▇ | ▅ | ▇ | ▇ | Specifies carrying EST certificate provisioning over CoAP using OSCORE protectio... |
| 3.9 | [draft-zhang-rtgwg-multicast-requirements-gaps-aidc](https://datatracker.ietf.org/doc/draft-zhang-rtgwg-multicast-requirements-gaps-aidc/) | 2026-03-02 | ▇ | ▅ | ▁ | ▇ | ▇ | Identifies requirements for multicast technology in AI Data Centers to improve e... |
| 3.9 | [draft-nandakumar-agent-sd-jwt](https://datatracker.ietf.org/doc/draft-nandakumar-agent-sd-jwt/) | 2025-10-20 | ▇ | ▅ | ▃ | ▅ | █ | This draft defines SD-Card, a Selective Disclosure JWT encoding of Agent Cards t... |
| 3.9 | [draft-wahl-scim-agent-schema](https://datatracker.ietf.org/doc/draft-wahl-scim-agent-schema/) | 2026-02-20 | ▇ | ▅ | ▃ | ▅ | █ | This draft extends the SCIM (System for Cross-domain Identity Management) protoc... |
| 3.9 | [draft-agent-gw](https://datatracker.ietf.org/doc/draft-agent-gw/) | 2026-02-16 | ▇ | ▅ | ▃ | ▅ | █ | Proposes an Intelligent Agent Communication Gateway for large-scale multi-agent ... |
@@ -60,9 +77,13 @@
| 3.9 | [draft-josefsson-chempat](https://datatracker.ietf.org/doc/draft-josefsson-chempat/) | 2025-10-20 | ▇ | ▅ | ▃ | ▅ | █ | Generic framework for Post-Quantum/Traditional hybrid key encapsulation mechanis... |
| 3.9 | [draft-cui-ai-agent-discovery-invocation](https://datatracker.ietf.org/doc/draft-cui-ai-agent-discovery-invocation/) | 2026-02-12 | ▅ | ▇ | ▅ | ▇ | █ | Proposes standardized protocol for AI agent discovery and invocation with common... |
| 3.9 | [draft-ravikiran-clawdentity-protocol](https://datatracker.ietf.org/doc/draft-ravikiran-clawdentity-protocol/) | 2026-02-21 | ▅ | ▇ | ▅ | ▇ | █ | Specifies Clawdentity protocol for cryptographic identity and trust in AI agent ... |
| 3.9 | [draft-pan-tsvwg-pie](https://datatracker.ietf.org/doc/draft-pan-tsvwg-pie/) | 2024-09-24 | ▇ | █ | ▅ | ▇ | ▅ | Presents PIE queue management algorithm to address bufferbloat by controlling qu... |
| 3.9 | [draft-jurkovikj-httpapi-agentic-state](https://datatracker.ietf.org/doc/draft-jurkovikj-httpapi-agentic-state/) | 2025-12-10 | ▇ | ▇ | ▃ | ▅ | ▇ | Defines Agentic State Transfer (AST) HTTP profile for managing canonical resourc... |
| 3.9 | [draft-tejido-swp-core](https://datatracker.ietf.org/doc/draft-tejido-swp-core/) | 2026-02-20 | ▇ | ▇ | ▃ | ▅ | ▇ | Specifies SlimWire Protocol Core, a binary framing layer for agent/tool messagin... |
| 3.9 | [draft-bradleylundberg-cfrg-arkg](https://datatracker.ietf.org/doc/draft-bradleylundberg-cfrg-arkg/) | 2026-02-27 | ▇ | ▇ | ▃ | ▅ | ▇ | Defines Asynchronous Remote Key Generation algorithm enabling delegation of publ... |
| 3.9 | [draft-tsyrulnikov-rats-attested-inference-receipt](https://datatracker.ietf.org/doc/draft-tsyrulnikov-rats-attested-inference-receipt/) | 2026-03-01 | ▇ | ▇ | ▃ | ▅ | ▇ | Defines Attested Inference Receipt (AIR) using COSE/CWT to create verifiable rec... |
| 3.9 | [draft-templin-intarea-aero2](https://datatracker.ietf.org/doc/draft-templin-intarea-aero2/) | 2024-04-04 | ▇ | ▇ | ▃ | ▅ | ▇ | Specifies AERO service for IP internetworking over overlay multilink networks us... |
| 3.8 | [draft-ramadan-mboned-sonar](https://datatracker.ietf.org/doc/draft-ramadan-mboned-sonar/) | 2025-11-04 | █ | ▇ | ▁ | ▃ | ▅ | Specifies a protocol for verifiable multicast delivery using cryptoeconomic acco... |
| 3.8 | [draft-ietf-emu-hybrid-pqc-eapaka](https://datatracker.ietf.org/doc/draft-ietf-emu-hybrid-pqc-eapaka/) | 2026-02-26 | ▇ | ▅ | ▃ | ▇ | ▇ | Enhances EAP-AKA' with post-quantum cryptography to address quantum computing th... |
| 3.8 | [draft-luan-rtgwg-sdaf](https://datatracker.ietf.org/doc/draft-luan-rtgwg-sdaf/) | 2026-02-25 | ▇ | ▅ | ▃ | ▇ | ▇ | Proposes symmetry-driven forwarding mechanism for LEO satellite networks to avoi... |
| 3.8 | [draft-chen-ai-agent-auth-new-requirements](https://datatracker.ietf.org/doc/draft-chen-ai-agent-auth-new-requirements/) | 2026-01-06 | ▇ | ▃ | ▁ | ▅ | █ | Identifies new authentication and authorization requirements for AI agents that ... |
@@ -72,6 +93,9 @@
| 3.8 | [draft-abbey-scim-agent-extension](https://datatracker.ietf.org/doc/draft-abbey-scim-agent-extension/) | 2025-10-16 | ▇ | ▅ | ▁ | ▅ | ▇ | Extends SCIM 2.0 protocol to manage AI agents and agentic applications across do... |
| 3.8 | [draft-zhao-nmop-network-management-agent](https://datatracker.ietf.org/doc/draft-zhao-nmop-network-management-agent/) | 2026-02-27 | ▇ | ▃ | ▅ | ▇ | █ | Defines AI-driven Network Management Agent concept for Level 4 autonomous networ... |
| 3.8 | [draft-eckert-anima-acp-free-ani](https://datatracker.ietf.org/doc/draft-eckert-anima-acp-free-ani/) | 2025-10-20 | ▇ | ▇ | ▅ | ▅ | ▇ | Describes lightweight variation of Autonomic Networking Infrastructure without e... |
| 3.8 | [draft-li-individual-inip](https://datatracker.ietf.org/doc/draft-li-individual-inip/) | 2026-03-02 | ▇ | ▅ | ▁ | ▅ | ▇ | Specifies a protocol for performing lightweight ML inference directly in network... |
| 3.8 | [draft-ietf-aipref-attach](https://datatracker.ietf.org/doc/draft-ietf-aipref-attach/) | 2025-11-03 | ▅ | ▇ | ▅ | █ | ▇ | Specifies how AI usage preferences can be signaled during HTTP content acquisiti... |
| 3.8 | [draft-farzdusa-aipref-enduser](https://datatracker.ietf.org/doc/draft-farzdusa-aipref-enduser/) | 2025-11-27 | ▇ | ▅ | ▁ | ▅ | ▇ | Documents potential end user impacts of AI preference signaling standards across... |
| 3.7 | [draft-scim-agent-extension](https://datatracker.ietf.org/doc/draft-scim-agent-extension/) | 2025-10-11 | ▅ | ▇ | ▃ | ▇ | ▇ | Extends SCIM 2.0 specification to manage agents and agentic applications across ... |
| 3.7 | [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) | 2025-11-02 | ▇ | ▅ | ▇ | ▅ | █ | Defines comprehensive agent identity management for Internet of Agents systems. ... |
| 3.7 | [draft-yuan-rtgwg-traffic-agent-usecase](https://datatracker.ietf.org/doc/draft-yuan-rtgwg-traffic-agent-usecase/) | 2025-11-02 | ▅ | ▇ | ▃ | ▇ | ▇ | Presents use cases for AI agents optimizing network traffic through dynamic reso... |
@@ -84,6 +108,7 @@
| 3.7 | [draft-ietf-suit-firmware-encryption](https://datatracker.ietf.org/doc/draft-ietf-suit-firmware-encryption/) | 2025-12-08 | ▅ | ▇ | ▃ | ▇ | ▇ | Specifies encryption techniques for firmware and software payloads in SUIT manif... |
| 3.7 | [draft-ietf-lamps-est-renewal-info](https://datatracker.ietf.org/doc/draft-ietf-lamps-est-renewal-info/) | 2026-02-12 | ▅ | ▇ | ▃ | ▇ | ▇ | Extends EST protocol to provide server-side recommendations for certificate rene... |
| 3.7 | [draft-ietf-netconf-configuration-tracing](https://datatracker.ietf.org/doc/draft-ietf-netconf-configuration-tracing/) | 2025-11-03 | ▅ | ▇ | ▃ | ▇ | ▇ | Specifies a NETCONF mechanism to map configuration modifications to their origin... |
| 3.7 | [draft-howe-sipcore-mcp-extension](https://datatracker.ietf.org/doc/draft-howe-sipcore-mcp-extension/) | 2025-09-29 | ▇ | ▇ | ▁ | ▅ | ▅ | Defines SIP extension to carry Model Context Protocol with new option-tags, head... |
| 3.7 | [draft-gaikwad-south-authorization](https://datatracker.ietf.org/doc/draft-gaikwad-south-authorization/) | 2025-11-28 | ▇ | ▇ | ▃ | ▃ | ▇ | Authorization protocol supporting probabilistic decisions for agents and service... |
| 3.7 | [draft-sogomonian-aiip-architecture](https://datatracker.ietf.org/doc/draft-sogomonian-aiip-architecture/) | 2025-12-15 | █ | ▃ | ▁ | ▃ | ▇ | Defines architectural model for Artificial Intelligence Internet Protocol (AIIP)... |
| 3.7 | [draft-oauth-ai-agents-on-behalf-of-user](https://datatracker.ietf.org/doc/draft-oauth-ai-agents-on-behalf-of-user/) | 2026-02-27 | ▇ | ▅ | ▅ | ▃ | █ | This draft extends OAuth 2.0 to enable AI agents to securely obtain access token... |
@@ -105,15 +130,21 @@
| 3.6 | [draft-vandoulas-aidp](https://datatracker.ietf.org/doc/draft-vandoulas-aidp/) | 2026-01-18 | ▇ | ▅ | ▃ | ▅ | ▇ | Defines a comprehensive control-plane protocol for secure agent interactions wit... |
| 3.6 | [draft-messous-eat-ai](https://datatracker.ietf.org/doc/draft-messous-eat-ai/) | 2026-02-24 | ▇ | ▅ | ▃ | ▅ | ▇ | Defines an Entity Attestation Token profile for remote attestation of autonomous... |
| 3.6 | [draft-cui-nmrg-auto-test](https://datatracker.ietf.org/doc/draft-cui-nmrg-auto-test/) | 2026-02-22 | ▇ | ▅ | ▃ | ▅ | ▇ | Framework for AI-assisted network protocol testing using LLMs and automated test... |
| 3.6 | [draft-reilly-sentinel-protocol](https://datatracker.ietf.org/doc/draft-reilly-sentinel-protocol/) | 2025-09-26 | ▇ | ▅ | ▃ | ▅ | ▇ | Defines blockchain-anchored integrity protocol for AI lifecycle provenance using... |
| 3.6 | [draft-altanai-aipref-realtime-protocol-bindings](https://datatracker.ietf.org/doc/draft-altanai-aipref-realtime-protocol-bindings/) | 2026-02-03 | ▇ | ▅ | ▃ | ▅ | ▇ | Defines how AI preference expressions are bound to real-time protocols like SIP ... |
| 3.6 | [draft-mozleywilliams-dnsop-dnsaid](https://datatracker.ietf.org/doc/draft-mozleywilliams-dnsop-dnsaid/) | 2026-02-24 | ▅ | ▇ | ▅ | ▇ | ▇ | Uses existing DNS infrastructure for AI agent discovery through structured names... |
| 3.6 | [draft-eggert-mailmaint-uaautoconf](https://datatracker.ietf.org/doc/draft-eggert-mailmaint-uaautoconf/) | 2025-09-28 | ▅ | ▇ | ▅ | ▇ | ▇ | Specifies automatic configuration mechanism for email, calendar, and contact app... |
| 3.6 | [draft-ietf-ace-edhoc-oscore-profile](https://datatracker.ietf.org/doc/draft-ietf-ace-edhoc-oscore-profile/) | 2025-10-20 | ▅ | ▇ | ▅ | ▇ | ▇ | Defines ACE framework profile using EDHOC for mutual authentication and OSCORE f... |
| 3.6 | [draft-xsaopig-nsttlp-traffic-labeling](https://datatracker.ietf.org/doc/draft-xsaopig-nsttlp-traffic-labeling/) | 2026-01-29 | ▅ | ▇ | ▅ | ▇ | ▇ | Specifies protocol for embedding service type identifiers in network packets to ... |
| 3.6 | [draft-gaikwad-aps-profile](https://datatracker.ietf.org/doc/draft-gaikwad-aps-profile/) | 2025-11-30 | ▇ | ▅ | ▁ | ▃ | ▇ | Storage service profile for agent persistent state including embeddings, prefere... |
| 3.6 | [draft-moreno-lisp-uberlay](https://datatracker.ietf.org/doc/draft-moreno-lisp-uberlay/) | 2025-10-09 | ▇ | ▇ | ▃ | ▅ | ▅ | Describes using LISP to interconnect multiple independent network overlays throu... |
| 3.6 | [draft-li-cats-idn](https://datatracker.ietf.org/doc/draft-li-cats-idn/) | 2026-03-02 | ▅ | ▅ | ▃ | ▅ | █ | Introduces Intelligence Delivery Network (IDN) framework for deploying ML models... |
| 3.6 | [draft-liu-oauth-a2a-profile](https://datatracker.ietf.org/doc/draft-liu-oauth-a2a-profile/) | 2025-10-20 | ▇ | ▃ | ▅ | ▅ | █ | Specifies OAuth Transaction Token profile for Agent-to-Agent communication. Embe... |
| 3.6 | [draft-templin-6man-aero3](https://datatracker.ietf.org/doc/draft-templin-6man-aero3/) | 2026-02-28 | ▇ | ▇ | ▅ | ▃ | ▇ | Specifies automatic extended route optimization for IP internetworking over over... |
| 3.6 | [draft-liu-dmsc-acps-arc](https://datatracker.ietf.org/doc/draft-liu-dmsc-acps-arc/) | 2026-01-29 | ▅ | ▅ | ▇ | ▇ | █ | Proposes Agent Collaboration Protocols architecture for Internet of Agents, cove... |
| 3.6 | [draft-ietf-lake-edhoc-psk](https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc-psk/) | 2025-11-21 | ▅ | ▇ | ▃ | ▅ | ▇ | Specifies pre-shared key authentication method for EDHOC key exchange protocol. ... |
| 3.6 | [draft-pbs-sidrops-roaanycast](https://datatracker.ietf.org/doc/draft-pbs-sidrops-roaanycast/) | 2025-09-03 | ▅ | ▇ | ▃ | ▅ | ▇ | Defines best practices for managing Route Origin Authorizations (ROAs) for globa... |
| 3.6 | [draft-vaughan-aipref-vocab](https://datatracker.ietf.org/doc/draft-vaughan-aipref-vocab/) | 2025-07-24 | ▅ | ▅ | ▇ | ▇ | █ | Proposes vocabulary for rightsholders to express content preferences for AI trai... |
| 3.5 | [draft-liu-agent-context-protocol](https://datatracker.ietf.org/doc/draft-liu-agent-context-protocol/) | 2026-01-26 | ▇ | ▃ | ▃ | ▃ | █ | This draft proposes a standard protocol for AI agents to communicate context inf... |
| 3.5 | [draft-liang-agentdns](https://datatracker.ietf.org/doc/draft-liang-agentdns/) | 2025-10-09 | ▇ | ▅ | ▅ | ▅ | ▇ | Proposes a DNS-inspired naming and service discovery system for LLM agents to en... |
| 3.5 | [draft-song-oauth-ai-agent-collaborate-authz](https://datatracker.ietf.org/doc/draft-song-oauth-ai-agent-collaborate-authz/) | 2025-11-06 | ▇ | ▅ | ▅ | ▅ | ▇ | Proposes OAuth 2.0 extension for multi-AI agent collaboration with applier-on-be... |
@@ -121,6 +152,8 @@
| 3.5 | [draft-ye-problems-and-requirements-of-dns-for-ioa](https://datatracker.ietf.org/doc/draft-ye-problems-and-requirements-of-dns-for-ioa/) | 2025-11-02 | ▇ | ▃ | ▁ | ▅ | ▇ | Analyzes DNS challenges for Internet of Agents scenarios and identifies technica... |
| 3.5 | [draft-wang-hjs-accountability](https://datatracker.ietf.org/doc/draft-wang-hjs-accountability/) | 2026-02-21 | ▇ | ▃ | ▁ | ▅ | ▇ | Defines HJS accountability layer for AI agents using blockchain-anchored timesta... |
| 3.5 | [draft-irtf-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-irtf-nmrg-llm-nm/) | 2025-09-14 | ▇ | ▅ | ▅ | ▅ | ▇ | Defines framework for collaborative network management between LLMs and human op... |
| 3.5 | [draft-zeng-mcp-network-measurement](https://datatracker.ietf.org/doc/draft-zeng-mcp-network-measurement/) | 2025-10-20 | ▇ | ▅ | ▅ | ▅ | ▇ | Proposes MCP framework for intelligent network measurement with AI assistance. E... |
| 3.5 | [draft-templin-intarea-aero](https://datatracker.ietf.org/doc/draft-templin-intarea-aero/) | 2024-02-16 | ▇ | ▅ | ▅ | ▅ | ▇ | Specifies Automatic Extended Route Optimization (AERO) service for IP internetwo... |
| 3.5 | [draft-ahn-nmrg-5g-security-i2nsf-framework](https://datatracker.ietf.org/doc/draft-ahn-nmrg-5g-security-i2nsf-framework/) | 2026-02-25 | ▅ | ▇ | ▇ | ▇ | ▇ | Presents integrated framework for automated 5G edge network security using I2NSF... |
| 3.5 | [draft-jia-oauth-scope-aggregation](https://datatracker.ietf.org/doc/draft-jia-oauth-scope-aggregation/) | 2026-02-10 | ▅ | ▅ | ▃ | ▇ | ▇ | Extends OAuth 2.0 with scope aggregation to reduce authorization round-trips in ... |
| 3.5 | [draft-meta-layer-overview](https://datatracker.ietf.org/doc/draft-meta-layer-overview/) | 2025-10-06 | █ | ▁ | ▁ | ▃ | ▇ | Introduces Meta-layer concept as coordination substrate for presence, annotation... |
@@ -137,71 +170,38 @@
| 3.4 | [draft-jiang-seat-dynamic-attestation](https://datatracker.ietf.org/doc/draft-jiang-seat-dynamic-attestation/) | 2025-11-13 | ▇ | ▃ | ▃ | ▅ | ▇ | Defines dynamic attestation mechanisms for AI agents to convey runtime posture c... |
| 3.4 | [draft-romanchuk-normative-admissibility](https://datatracker.ietf.org/doc/draft-romanchuk-normative-admissibility/) | 2026-01-06 | █ | ▃ | ▁ | ▃ | ▅ | Establishes a framework for evaluating whether autonomous agent speech acts are ... |
| 3.4 | [draft-kartha-grd](https://datatracker.ietf.org/doc/draft-kartha-grd/) | 2026-01-19 | ▇ | ▃ | ▃ | ▅ | ▇ | Defines architectural framework for discovering network resources based on physi... |
| 3.4 | [draft-du-catalist-routing-considerations](https://datatracker.ietf.org/doc/draft-du-catalist-routing-considerations/) | 2026-03-02 | ▇ | ▃ | ▃ | ▅ | ▇ | Proposes routing considerations for AI agent-to-agent communication in overlay n... |
| 3.4 | [draft-tan-ccamp-uonaco-problem-statement](https://datatracker.ietf.org/doc/draft-tan-ccamp-uonaco-problem-statement/) | 2026-03-02 | ▇ | ▃ | ▃ | ▅ | ▇ | Defines requirements for unified orchestration between optical networks and AI c... |
| 3.4 | [draft-li-cats-aisemantic-contract](https://datatracker.ietf.org/doc/draft-li-cats-aisemantic-contract/) | 2026-03-02 | ▇ | ▃ | ▃ | ▅ | ▇ | Defines a contract mechanism allowing AI applications to communicate semantic in... |
| 3.4 | [draft-kartha-internet20-ainative](https://datatracker.ietf.org/doc/draft-kartha-internet20-ainative/) | 2025-11-20 | ▇ | ▃ | ▃ | ▅ | ▇ | Proposes Internet 2.0 architecture with AI models as first-class network entitie... |
| 3.4 | [draft-yan-a2a-device-agent-applicability](https://datatracker.ietf.org/doc/draft-yan-a2a-device-agent-applicability/) | 2026-02-12 | ▅ | ▅ | ▅ | ▇ | ▇ | Discusses applying Agent-to-Agent (A2A) Protocol to network management for commu... |
| 3.4 | [draft-ietf-lamps-private-key-stmt-attr](https://datatracker.ietf.org/doc/draft-ietf-lamps-private-key-stmt-attr/) | 2025-10-13 | ▅ | ▇ | ▁ | ▅ | ▅ | Defines X.509 attribute for private key possession statements as alternative to ... |
| 3.4 | [draft-yue-moq-transporting-sensing-data](https://datatracker.ietf.org/doc/draft-yue-moq-transporting-sensing-data/) | 2025-10-19 | ▅ | ▅ | ▅ | ▇ | ▇ | Proposes using Media Over QUIC (MOQ) to transport large-scale, real-time sensing... |
| 3.4 | [draft-ramakrishna-satp-views-addresses](https://datatracker.ietf.org/doc/draft-ramakrishna-satp-views-addresses/) | 2025-09-15 | ▇ | ▅ | ▃ | ▅ | ▅ | Defines view and addressing mechanisms for secure asset transfer between DLT sys... |
| 3.4 | [draft-jimenez-tbd-robotstxt-update](https://datatracker.ietf.org/doc/draft-jimenez-tbd-robotstxt-update/) | 2025-05-10 | ▅ | ▃ | ▁ | ▇ | ▇ | Proposes updates to robots.txt standard to handle AI-specific crawlers with new ... |
| 3.4 | [draft-zw-rtgwg-mcp-network-mgmt](https://datatracker.ietf.org/doc/draft-zw-rtgwg-mcp-network-mgmt/) | 2025-10-20 | ▅ | ▇ | ▇ | ▅ | ▇ | Specifies MCP extensions for network equipment management with routers/switches ... |
| 3.4 | [draft-thomson-aipref-sup](https://datatracker.ietf.org/doc/draft-thomson-aipref-sup/) | 2025-08-20 | ▅ | ▇ | ▇ | ▅ | ▇ | Defines simple format for content usage preference expressions with HTTP header ... |
| 3.4 | [draft-stephan-ai-agent-6g](https://datatracker.ietf.org/doc/draft-stephan-ai-agent-6g/) | 2025-10-20 | ▅ | ▅ | ▃ | ▅ | ▇ | Examines AI agent communication protocols specifically for 6G systems based on 3... |
| 3.4 | [draft-zeng-nmrg-mcp-usecases-requirements](https://datatracker.ietf.org/doc/draft-zeng-nmrg-mcp-usecases-requirements/) | 2026-02-14 | ▅ | ▅ | ▃ | ▅ | ▇ | Presents problem statement for integrating Model Context Protocol into network m... |
| 3.4 | [draft-zhu-anima-service-intent](https://datatracker.ietf.org/doc/draft-zhu-anima-service-intent/) | 2026-03-02 | ▅ | ▅ | ▃ | ▅ | ▇ | Defines a structured semantic model for expressing service-level objectives and ... |
| 3.4 | [draft-han-rtgwg-codeployment-pfc-fgfc](https://datatracker.ietf.org/doc/draft-han-rtgwg-codeployment-pfc-fgfc/) | 2026-02-28 | ▅ | ▅ | ▃ | ▅ | ▇ | Describes use cases for coordinating flow control between data center PFC and WA... |
| 3.3 | [draft-cosmos-protocol-specification](https://datatracker.ietf.org/doc/draft-cosmos-protocol-specification/) | 2026-01-02 | █ | ▃ | ▃ | ▃ | ▅ | Defines comprehensive badge-based identity and communication system with trust s... |
| 3.3 | [draft-sz-dmsc-iaip](https://datatracker.ietf.org/doc/draft-sz-dmsc-iaip/) | 2026-02-10 | ▇ | ▃ | ▅ | ▅ | ▇ | Defines Intent-based Agent Interconnection Protocol (IAIP) for dynamic agent dis... |
| 3.3 | [draft-wang-cats-innetwork-infer](https://datatracker.ietf.org/doc/draft-wang-cats-innetwork-infer/) | 2026-03-02 | ▇ | ▃ | ▅ | ▅ | ▇ | Proposes a framework for decentralized LLM inference across untrusted participan... |
| 3.3 | [draft-xsaopig-nmop-service-flow-modal-mapping](https://datatracker.ietf.org/doc/draft-xsaopig-nmop-service-flow-modal-mapping/) | 2025-10-16 | ▇ | ▃ | ▅ | ▅ | ▇ | Proposes a framework using ALTO protocol and SDN architecture for mapping servic... |
| 3.3 | [draft-mcp-over-moqt](https://datatracker.ietf.org/doc/draft-mcp-over-moqt/) | 2025-10-20 | ▇ | ▇ | █ | ▅ | ▅ | Defines transport mapping for Model Context Protocol over Media over QUIC Transp... |
| 3.3 | [draft-jennings-mcp-over-moqt](https://datatracker.ietf.org/doc/draft-jennings-mcp-over-moqt/) | 2025-10-20 | ▇ | ▇ | █ | ▅ | ▅ | Defines transport mapping for Model Context Protocol over Media over QUIC Transp... |
| 3.3 | [draft-khatri-sipcore-call-transfer-fail-response](https://datatracker.ietf.org/doc/draft-khatri-sipcore-call-transfer-fail-response/) | 2024-01-25 | ▅ | ▇ | ▃ | ▅ | ▅ | Defines a new SIP response code (497) for indicating call transfer failures with... |
| 3.3 | [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) | 2025-11-03 | ▅ | ▃ | ▅ | ▅ | █ | This draft proposes an identity management framework for agents in an Internet o... |
| 3.3 | [draft-narvaneni-agent-uri](https://datatracker.ietf.org/doc/draft-narvaneni-agent-uri/) | 2025-10-16 | ▇ | ▃ | ▃ | ▃ | ▇ | This draft defines the agent:// URI scheme for addressing and interoperating wit... |
| 3.3 | [draft-jeong-opsawg-intent-based-sdv-framework](https://datatracker.ietf.org/doc/draft-jeong-opsawg-intent-based-sdv-framework/) | 2025-12-12 | ▇ | ▃ | ▃ | ▃ | ▇ | Proposes intent-based management framework for Software-Defined Vehicles in ITS ... |
| 3.3 | [draft-bernardos-nmrg-agentic-network-optimization](https://datatracker.ietf.org/doc/draft-bernardos-nmrg-agentic-network-optimization/) | 2026-03-02 | ▇ | ▅ | ▅ | ▅ | ▅ | Focuses on agentic AI for distributed sensing in ISAC networks with joint optimi... |
| 3.2 | [draft-chuyi-nmrg-ai-agent-network](https://datatracker.ietf.org/doc/draft-chuyi-nmrg-ai-agent-network/) | 2025-10-20 | ▅ | ▅ | ▅ | ▅ | ▇ | Focuses on large language model-based agents for network operations and maintena... |
| 3.2 | [draft-liu-rtgwg-agent-gateway-requirements](https://datatracker.ietf.org/doc/draft-liu-rtgwg-agent-gateway-requirements/) | 2025-11-28 | ▅ | ▅ | ▅ | ▅ | ▇ | Discusses requirements for Agent Gateways in agent-to-agent communications to im... |
| 3.2 | [draft-pioli-agent-discovery](https://datatracker.ietf.org/doc/draft-pioli-agent-discovery/) | 2026-02-24 | ▅ | ▅ | ▅ | ▅ | ▇ | Specifies ARDP, a lightweight protocol for agent registration and discovery in d... |
| 3.2 | [draft-diaconu-agents-authz-info-sharing](https://datatracker.ietf.org/doc/draft-diaconu-agents-authz-info-sharing/) | 2026-02-06 | ▅ | ▅ | ▅ | ▅ | ▇ | Addresses authorization challenges in distributed multi-agent systems across mul... |
| 3.2 | [draft-gaikwad-woa](https://datatracker.ietf.org/doc/draft-gaikwad-woa/) | 2025-11-30 | ▅ | ▅ | ▅ | ▅ | ▇ | Specifies Web of Agents (WoA) format using JSON Schema to describe AI agent inpu... |
| 3.2 | [draft-ahn-opsawg-5g-security-i2nsf-framework](https://datatracker.ietf.org/doc/draft-ahn-opsawg-5g-security-i2nsf-framework/) | 2026-01-09 | ▅ | ▅ | ▅ | ▅ | ▇ | Proposes an integrated security framework for 5G edge networks using I2NSF archi... |
| 3.2 | [draft-tong-network-agent-use-cases-in-6g](https://datatracker.ietf.org/doc/draft-tong-network-agent-use-cases-in-6g/) | 2025-11-02 | ▅ | | | ▇ | | Introduces network AI agent use cases in 6G focusing on connectivity services an... |
| 3.2 | [draft-gupta-httpapi-events-query](https://datatracker.ietf.org/doc/draft-gupta-httpapi-events-query/) | 2025-10-17 | ▅ | ▇ | ▅ | ▅ | ▅ | Proposes Events Query Protocol (EQP) built on HTTP for user agents to receive ev... |
| 3.2 | [draft-ietf-emu-eap-edhoc](https://datatracker.ietf.org/doc/draft-ietf-emu-eap-edhoc/) | 2026-02-14 | ▅ | ▇ | ▅ | ▅ | ▅ | Defines EAP authentication method based on EDHOC for constrained environments. I... |
| 3.2 | [draft-lake-pocero-authkem-edhoc](https://datatracker.ietf.org/doc/draft-lake-pocero-authkem-edhoc/) | 2025-10-16 | ▅ | ▃ | ▅ | ▇ | ▇ | This draft extends the EDHOC protocol to provide quantum-resistant authenticatio... |
| 3.2 | [draft-meunier-webbotauth-registry](https://datatracker.ietf.org/doc/draft-meunier-webbotauth-registry/) | 2025-10-20 | ▅ | ▅ | ▃ | ▃ | ▇ | Defines a JSON format for web bot signature agent cards to advertise identity, p... |
| 3.2 | [draft-kale-agntcy-federated-privacy](https://datatracker.ietf.org/doc/draft-kale-agntcy-federated-privacy/) | 2026-01-08 | ▅ | ▅ | ▇ | ▅ | ▇ | Specifies architecture for privacy-preserving federated learning across multi-te... |
| 3.2 | [draft-mao-rtgwg-apn-framework-for-ioa](https://datatracker.ietf.org/doc/draft-mao-rtgwg-apn-framework-for-ioa/) | 2025-11-02 | ▅ | ▅ | ▇ | ▅ | ▇ | Applies Application-aware Performance Network framework to Internet of Agents sc... |
| 3.2 | [draft-zhang-dmsc-ioa-semantic-interaction](https://datatracker.ietf.org/doc/draft-zhang-dmsc-ioa-semantic-interaction/) | 2026-02-27 | ▅ | ▅ | ▇ | ▅ | ▇ | Specifies a semantic layer for Internet of Agents using ontology models and JSON... |
| 3.2 | [draft-sun-zhang-iaip](https://datatracker.ietf.org/doc/draft-sun-zhang-iaip/) | 2026-02-05 | ▅ | ▅ | ▇ | ▅ | ▇ | Defines Intent-based Agent Interconnection Protocol for Agent Gateways, focusing... |
| 3.2 | [draft-liu-nmrg-ai-llm-inference-requirements](https://datatracker.ietf.org/doc/draft-liu-nmrg-ai-llm-inference-requirements/) | 2025-11-04 | ▅ | ▅ | ▇ | ▅ | ▇ | Analyzes system and network requirements for large-scale LLM inference services.... |
| 3.2 | [draft-ra-emu-pqc-eapaka](https://datatracker.ietf.org/doc/draft-ra-emu-pqc-eapaka/) | 2025-07-10 | ▅ | ▅ | ▇ | ▅ | ▇ | Enhances EAP-AKA' with post-quantum key encapsulation mechanisms to protect agai... |
| 3.1 | [draft-hw-ai-agent-6g](https://datatracker.ietf.org/doc/draft-hw-ai-agent-6g/) | 2026-01-21 | ▅ | ▃ | ▃ | ▅ | ▇ | This draft analyzes requirements for agent protocols specifically tailored to 6G... |
| 3.1 | [draft-yao-agent-auth-considerations](https://datatracker.ietf.org/doc/draft-yao-agent-auth-considerations/) | 2025-10-20 | ▅ | ▃ | ▃ | ▅ | ▇ | Extends OAuth model for AI agent authentication and authorization in Agent Commu... |
| 3.1 | [draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/) | 2026-02-05 | ▅ | ▃ | ▃ | ▅ | ▇ | Proposes a network infrastructure architecture for large-scale multi-agent colla... |
| 3.1 | [draft-zeng-mcp-troubleshooting](https://datatracker.ietf.org/doc/draft-zeng-mcp-troubleshooting/) | 2025-10-20 | ▅ | ▃ | ▃ | ▅ | ▇ | Applies Model Context Protocol to network management for intent-based troublesho... |
| 3.1 | [draft-a2a-moqt-transport](https://datatracker.ietf.org/doc/draft-a2a-moqt-transport/) | 2025-10-20 | ▇ | ▃ | █ | ▅ | ▇ | Specifies transport of Agent-to-Agent protocol over Media over QUIC Transport. L... |
| 3.1 | [draft-levy-llm-uri-scheme](https://datatracker.ietf.org/doc/draft-levy-llm-uri-scheme/) | 2026-02-06 | ▅ | ▃ | ▃ | ▅ | ▇ | Defines a URI scheme for identifying LLM endpoints with embedded configuration p... |
| 3.1 | [draft-mvieuille-kerpass-ephemsec](https://datatracker.ietf.org/doc/draft-mvieuille-kerpass-ephemsec/) | 2025-11-22 | ▇ | ▅ | ▅ | ▃ | ▅ | Specifies EPHEMSEC algorithm for generating one-time passwords using public key ... |
| 3.1 | [draft-tojens-dhcp-option-concat-considerations](https://datatracker.ietf.org/doc/draft-tojens-dhcp-option-concat-considerations/) | 2025-09-04 | ▃ | ▇ | ▁ | ▅ | ▅ | Updates RFC 3396 to make DHCP option concatenation requirements more flexible. A... |
| 3.1 | [draft-ietf-lamps-rfc5274bis](https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc5274bis/) | 2026-02-26 | ▃ | ▇ | ▁ | ▅ | ▅ | Defines compliance requirements for Certificate Management Messages over CMS (CM... |
| 3.1 | [draft-vinaysingh-awp-wellknown](https://datatracker.ietf.org/doc/draft-vinaysingh-awp-wellknown/) | 2025-11-02 | ▅ | ▅ | ▃ | ▅ | ▅ | Defines well-known URI and link relation for exposing website workflows to autom... |
| 3.1 | [draft-contario-totp-secure-enrollment](https://datatracker.ietf.org/doc/draft-contario-totp-secure-enrollment/) | 2025-09-27 | ▅ | ▅ | ▃ | ▅ | ▅ | Extends TOTP enrollment to prevent key compromise through QR code capture or key... |
| 3.1 | [draft-architect-cittamarket](https://datatracker.ietf.org/doc/draft-architect-cittamarket/) | 2025-12-19 | █ | ▁ | ▁ | ▁ | ▅ | Specifies protocol for immutable AGI system identification using Bitcoin blockch... |
| 3.0 | [draft-ni-wimse-ai-agent-identity](https://datatracker.ietf.org/doc/draft-ni-wimse-ai-agent-identity/) | 2025-10-20 | ▅ | ▃ | ▅ | ▅ | ▇ | Applies WIMSE (Workload Identity in Multi System Environments) framework to AI a... |
| 3.0 | [draft-sipos-dtn-bp-safe](https://datatracker.ietf.org/doc/draft-sipos-dtn-bp-safe/) | 2025-12-07 | ▅ | █ | ▇ | ▅ | ▃ | Defines security association negotiation protocol for Bundle Protocol agents in ... |
| 3.0 | [draft-chen-lake-edhoc-aka](https://datatracker.ietf.org/doc/draft-chen-lake-edhoc-aka/) | 2025-10-20 | ▅ | ▃ | ▅ | ▅ | ▇ | Defines EDHOC-AKA authentication method combining AKA protocol with EDHOC for mo... |
| 3.0 | [draft-bernardos-cats-isac-uc](https://datatracker.ietf.org/doc/draft-bernardos-cats-isac-uc/) | 2026-01-05 | ▅ | ▃ | ▅ | ▅ | ▇ | Presents Integrated Sensing and Communications (ISAC) as a use case for CATS arc... |
| 3.0 | [draft-wendt-stir-vesper](https://datatracker.ietf.org/doc/draft-wendt-stir-vesper/) | 2025-11-04 | ▅ | ▇ | ▇ | ▇ | ▃ | Formalizes framework for verifiable telephone number identity using delegate cer... |
| 3.0 | [draft-ietf-lamps-e2e-mail-guidance](https://datatracker.ietf.org/doc/draft-ietf-lamps-e2e-mail-guidance/) | 2025-08-23 | ▃ | █ | ▅ | ▇ | ▃ | Provides comprehensive guidance for implementing end-to-end email encryption sec... |
| 3.0 | [draft-nandakumar-a2a-moqt-transport](https://datatracker.ietf.org/doc/draft-nandakumar-a2a-moqt-transport/) | 2025-10-20 | ▇ | ▃ | █ | ▃ | ▇ | Identical specification to draft-a2a-moqt-transport for transporting Agent-to-Ag... |
| 3.0 | [draft-zhang-agent-gap-network](https://datatracker.ietf.org/doc/draft-zhang-agent-gap-network/) | 2026-01-09 | ▅ | ▃ | ▃ | ▃ | ▇ | This draft identifies problems and gaps in mobile core networks for supporting A... |
| 3.0 | [draft-cui-ai-agent-task](https://datatracker.ietf.org/doc/draft-cui-ai-agent-task/) | 2026-01-09 | ▅ | ▃ | ▃ | ▃ | ▇ | This draft proposes requirements for standardized AI agent protocols to enable t... |
| 3.0 | [draft-hong-nmrg-agenticai-ps](https://datatracker.ietf.org/doc/draft-hong-nmrg-agenticai-ps/) | 2025-10-20 | ▅ | ▃ | ▇ | ▅ | ▇ | Presents problem statement and motivations for applying Agentic AI to network ma... |
| 3.0 | [draft-zhao-nmrg-ai-agent-for-dtn](https://datatracker.ietf.org/doc/draft-zhao-nmrg-ai-agent-for-dtn/) | 2025-10-20 | ▇ | ▃ | ▅ | ▃ | ▅ | Proposes AI agent architecture for Digital Twin Networks, integrating autonomous... |
| 3.0 | [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) | 2026-01-25 | ▅ | ▃ | ▇ | ▅ | ▇ | Proposes a multi-agent communication framework for network AIOps with AI gateway... |
| 3.0 | [draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/) | 2026-02-11 | ▅ | ▃ | ▇ | ▅ | ▇ | Defines comprehensive framework for cross-domain AI agent interoperability inclu... |
| 3.0 | [draft-leon-distributed-multi-signer](https://datatracker.ietf.org/doc/draft-leon-distributed-multi-signer/) | 2025-08-11 | ▅ | ▇ | ▅ | ▅ | ▃ | Defines distributed DNSSEC multi-signer architecture with multi-signer agents an... |
| 3.0 | [draft-ietf-httpbis-rfc6265bis](https://datatracker.ietf.org/doc/draft-ietf-httpbis-rfc6265bis/) | 2025-12-09 | ▃ | █ | █ | █ | ▃ | Updates HTTP Cookie specification to replace RFC 6265 with improved security and... |
| 3.0 | [draft-yang-dmsc-ioa-task-protocol](https://datatracker.ietf.org/doc/draft-yang-dmsc-ioa-task-protocol/) | 2026-01-29 | ▅ | ▃ | ▇ | ▅ | ▇ | Defines a protocol for distributed collaboration among heterogeneous AI agents, ... |
| 3.0 | [draft-condrey-rats-witnessd-enrollment](https://datatracker.ietf.org/doc/draft-condrey-rats-witnessd-enrollment/) | 2026-02-07 | ▇ | ▃ | ▅ | ▃ | ▅ | Specifies trust anchor bootstrap protocol for proof of process framework. Define... |
| 3.0 | [draft-pocero-authkem-ikr-edhoc](https://datatracker.ietf.org/doc/draft-pocero-authkem-ikr-edhoc/) | 2026-01-20 | ▅ | ▃ | ▇ | ▅ | ▇ | This draft proposes a KEM-based authentication variant for EDHOC that optimizes ... |
| 2.9 | [draft-happel-structured-email-trust](https://datatracker.ietf.org/doc/draft-happel-structured-email-trust/) | 2025-08-30 | ▅ | ▅ | ▃ | ▃ | ▅ | Provides trust and security recommendations for handling structured data in emai... |
| 2.9 | [draft-ramakrishna-satp-data-sharing](https://datatracker.ietf.org/doc/draft-ramakrishna-satp-data-sharing/) | 2025-09-15 | ▅ | ▅ | ▃ | ▃ | ▅ | Defines a DLT-neutral protocol for sharing asset views and metadata across block... |
| 2.9 | [draft-bastian-jose-pkdh](https://datatracker.ietf.org/doc/draft-bastian-jose-pkdh/) | 2025-11-04 | ▅ | ▅ | ▃ | ▃ | ▅ | Defines a method to derive symmetric MAC keys from public information in JSON We... |
| 2.9 | [draft-ietf-roll-enrollment-priority](https://datatracker.ietf.org/doc/draft-ietf-roll-enrollment-priority/) | 2026-02-20 | ▃ | ▇ | ▅ | ▅ | ▅ | Provides mechanism for RPL Root to control enrollment announcements and adjust e... |
| 2.9 | [draft-zhang-rtgwg-ai-agents-troubleshooting](https://datatracker.ietf.org/doc/draft-zhang-rtgwg-ai-agents-troubleshooting/) | 2025-11-03 | ▅ | ▃ | ▅ | ▃ | ▇ | This draft defines use cases and communication protocol requirements for trouble... |
| 2.9 | [draft-yl-agent-id-requirements](https://datatracker.ietf.org/doc/draft-yl-agent-id-requirements/) | 2026-01-03 | ▅ | ▃ | ▅ | ▃ | ▇ | This draft proposes requirements for digital identity management in AI agent com... |
| 2.9 | [draft-wang-nmrg-magent-im](https://datatracker.ietf.org/doc/draft-wang-nmrg-magent-im/) | 2026-01-09 | ▅ | ▃ | ▅ | ▃ | ▇ | This draft proposes a protocol-agnostic data model for multi-agent communication... |
| 2.9 | [draft-xie-ai-agent-multimodal](https://datatracker.ietf.org/doc/draft-xie-ai-agent-multimodal/) | 2026-01-09 | ▅ | ▃ | ▅ | ▃ | ▇ | This draft outlines requirements for multimodal communication in AI agent protoc... |
| 3.2 | [draft-zhao-detnet-enhanced-use-cases](https://datatracker.ietf.org/doc/draft-zhao-detnet-enhanced-use-cases/) | 2026-02-24 | ▅ | | | ▇ | | Describes enhanced use cases for scaling deterministic networks beyond RFC8578, ... |
*N=Novelty, M=Maturity, O=Overlap, Mom=Momentum, R=Relevance (block height = score 1-5)*

136
data/reports/refs.md Normal file
View File

@@ -0,0 +1,136 @@
# Cross-Reference Report: Standards Foundation of the AI Agent Ecosystem
*Generated 2026-03-03 19:59 UTC — 360 of 361 drafts analyzed, 4231 total references (2443 RFC, 698 draft, 1090 BCP)*
## Most-Referenced RFCs
These are the standards building blocks of the IETF AI/agent ecosystem.
| # | RFC | Name | Referenced By |
|--:|-----|------|-------------:|
| 1 | RFC 2119 | Key words (MUST/SHALL/MAY) | 285 drafts |
| 2 | RFC 8174 | Key words update | 237 drafts |
| 3 | RFC 8446 | TLS 1.3 | 42 drafts |
| 4 | RFC 6749 | OAuth 2.0 | 36 drafts |
| 5 | RFC 9110 | HTTP Semantics | 34 drafts |
| 6 | RFC 8126 | | 26 drafts |
| 7 | RFC 8259 | JSON | 26 drafts |
| 8 | RFC 5280 | | 22 drafts |
| 9 | RFC 7519 | JWT | 22 drafts |
| 10 | RFC 9052 | COSE | 20 drafts |
| 11 | RFC 8949 | | 19 drafts |
| 12 | RFC 9528 | | 19 drafts |
| 13 | RFC 8392 | CWT | 18 drafts |
| 14 | RFC 7515 | JWS | 16 drafts |
| 15 | RFC 9000 | | 16 drafts |
| 16 | RFC 4648 | | 14 drafts |
| 17 | RFC 5234 | | 14 drafts |
| 18 | RFC 9334 | | 14 drafts |
| 19 | RFC 3986 | URIs | 13 drafts |
| 20 | RFC 6241 | | 13 drafts |
| 21 | RFC 8610 | | 13 drafts |
| 22 | RFC 8615 | | 13 drafts |
| 23 | RFC 9053 | | 12 drafts |
| 24 | RFC 9309 | | 12 drafts |
| 25 | RFC 5869 | | 11 drafts |
| 26 | RFC 7252 | CoAP | 11 drafts |
| 27 | RFC 8613 | | 11 drafts |
| 28 | RFC 8693 | | 11 drafts |
| 29 | RFC 7950 | | 10 drafts |
| 30 | RFC 9360 | | 10 drafts |
| 31 | RFC 0791 | | 9 drafts |
| 32 | RFC 1035 | | 9 drafts |
| 33 | RFC 3339 | | 9 drafts |
| 34 | RFC 6750 | OAuth Bearer | 9 drafts |
| 35 | RFC 6838 | | 9 drafts |
| 36 | RFC 7030 | | 9 drafts |
| 37 | RFC 7748 | | 9 drafts |
| 38 | RFC 8415 | | 9 drafts |
| 39 | RFC 8785 | | 9 drafts |
| 40 | RFC 9449 | DPoP | 9 drafts |
### Foundation Categories
Grouping the most-referenced RFCs by function:
- **Language/Conventions** (522 total refs): RFC 2119, RFC 8174
- **Data Formats** (39 total refs): RFC 8259, RFC 3986
- **HTTP** (34 total refs): RFC 9110
- **Security/TLS** (42 total refs): RFC 8446
- **OAuth/Identity** (92 total refs): RFC 6749, RFC 6750, RFC 7519, RFC 7515, RFC 9449
- **IoT/Constrained** (49 total refs): RFC 9052, RFC 8392, RFC 7252
## Most-Referenced Drafts
These drafts are the most-cited within the AI/agent corpus itself.
| # | Draft | Referenced By |
|--:|-------|-------------:|
| 1 | draft-ietf | 44 drafts |
| 2 | draft-rosenberg-ai-protocols | 14 drafts |
| 3 | draft-ietf-cose | 8 drafts |
| 4 | draft-ietf-moq-transport | 7 drafts |
| 5 | draft-ietf-oauth | 7 drafts |
| 6 | draft-ietf-pquip | 7 drafts |
| 7 | draft-ietf-tls | 7 drafts |
| 8 | draft-ietf-core | 6 drafts |
| 9 | draft-ietf-tls-hybrid-design | 5 drafts |
| 10 | draft-irtf-nmrg-ai-challenges | 5 drafts |
| 11 | draft-ietf-ace | 4 drafts |
| 12 | draft-ietf-aipref | 4 drafts |
| 13 | draft-ietf-lake | 4 drafts |
| 14 | draft-ietf-lake-authz | 4 drafts |
| 15 | draft-ietf-lamps-kyber-certificates | 4 drafts |
| 16 | draft-ietf-moq | 4 drafts |
| 17 | draft-ietf-pquip-pqt-hybrid-terminology | 4 drafts |
| 18 | draft-irtf | 4 drafts |
| 19 | draft-irtf-nmrg | 4 drafts |
| 20 | draft-irtf-nmrg-network-digital | 4 drafts |
## Drafts With Most References (most well-connected)
| # | Draft | RFCs | Drafts | BCPs | Total |
|--:|-------|-----:|-------:|-----:|------:|
| 1 | draft-templin-intarea-aero2 | 68 | 10 | 5 | 83 |
| 2 | draft-templin-6man-aero3 | 68 | 9 | 5 | 82 |
| 3 | draft-templin-intarea-aero | 59 | 10 | 4 | 73 |
| 4 | draft-ietf-anima-constrained-voucher | 44 | 14 | 4 | 62 |
| 5 | draft-ietf-anima-brski-prm | 40 | 13 | 5 | 58 |
| 6 | draft-ietf-ace-edhoc-oscore-profile | 33 | 14 | 5 | 52 |
| 7 | draft-eggert-mailmaint-uaautoconf | 41 | 2 | 5 | 48 |
| 8 | draft-ietf-mailmaint-pacc | 39 | 2 | 5 | 46 |
| 9 | draft-mozleywilliams-dnsop-bandaid | 37 | 4 | 4 | 45 |
| 10 | draft-ietf-lamps-e2e-mail-guidance | 26 | 11 | 4 | 41 |
| 11 | draft-ietf-lake-app-profiles | 24 | 6 | 6 | 36 |
| 12 | draft-ietf-ace-coap-est-oscore | 24 | 4 | 3 | 31 |
| 13 | draft-sipos-dtn-bp-safe | 20 | 5 | 6 | 31 |
| 14 | draft-ietf-tls-deprecate-obsolete-kex | 25 | 1 | 4 | 30 |
| 15 | draft-lenders-core-dnr | 18 | 9 | 3 | 30 |
| 16 | draft-cosmos-protocol-specification | 9 | 17 | 3 | 29 |
| 17 | draft-ietf-emu-eap-edhoc | 20 | 5 | 3 | 28 |
| 18 | draft-ietf-sshm-mlkem-hybrid-kex | 12 | 12 | 4 | 28 |
| 19 | draft-ietf-lake-authz | 19 | 4 | 4 | 27 |
| 20 | draft-templin-6man-mla | 16 | 7 | 3 | 26 |
## Category-Specific RFC Dependencies
What each category builds on:
- **A2A protocols**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 8446 (TLS 1.3)
- **AI safety / guardrails / alignment**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 6749 (OAuth 2.0), RFC 8174 (Key words update)
- **AI safety/alignment**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 7519 (JWT)
- **Agent discovery / registration**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 6749 (OAuth 2.0)
- **Agent discovery/reg**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 8446 (TLS 1.3)
- **Agent identity/auth**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 8446 (TLS 1.3)
- **Agent-to-agent communication protocols**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 6749 (OAuth 2.0)
- **Autonomous netops**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 6241
- **Autonomous network operations**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 8986
- **Data formats / semantics for AI interop**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 3986 (URIs)
- **Data formats/interop**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 8446 (TLS 1.3)
- **Human-agent interaction**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 9110 (HTTP Semantics)
- **Identity / authentication for AI agents**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 6749 (OAuth 2.0)
- **ML traffic mgmt**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 9110 (HTTP Semantics)
- **ML-based traffic management / optimization**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update)
- **Model serving/inference**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 8345
- **Other AI/agent**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 8446 (TLS 1.3)
- **Policy / governance / ethical frameworks**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 6749 (OAuth 2.0), RFC 8174 (Key words update)
- **Policy/governance**: RFC 2119 (Key words (MUST/SHALL/MAY)), RFC 8174 (Key words update), RFC 6749 (OAuth 2.0)

149
data/reports/revisions.md Normal file
View File

@@ -0,0 +1,149 @@
# Draft Revision Velocity Report
*Generated 2026-03-03 20:12 UTC — 361 drafts analyzed*
## Overview
- **Average revision**: 2.21
- **At -00** (first draft only): **198** (54.8%)
- **Iterated** (rev >= 01): **163** (45.2%)
- **Highly iterated** (rev >= 05): **40**
## Revision Distribution
| Revision | Count | % |
|:---------|------:|--:|
| -00 | 198 | 54.8% |
| -01 | 72 | 19.9% |
| -02 | 27 | 7.5% |
| -03 | 11 | 3.0% |
| -04 | 13 | 3.6% |
| -05 | 7 | 1.9% |
| -06 | 7 | 1.9% |
| -07 | 5 | 1.4% |
| -08 | 1 | 0.3% |
| -09 | 4 | 1.1% |
| -10 | 2 | 0.6% |
| -11 | 1 | 0.3% |
| -13 | 1 | 0.3% |
| -15 | 1 | 0.3% |
| -16 | 1 | 0.3% |
| -17 | 1 | 0.3% |
| -22 | 1 | 0.3% |
| -23 | 2 | 0.6% |
| -26 | 1 | 0.3% |
| -30 | 1 | 0.3% |
| -32 | 1 | 0.3% |
| -57 | 1 | 0.3% |
| -60 | 1 | 0.3% |
| -67 | 1 | 0.3% |
## Revision Velocity by Organization (>= 3 drafts)
| # | Organization | Drafts | Avg Rev | At -00 | %-00 | Iterated | Max |
|--:|:-------------|-------:|--------:|-------:|-----:|---------:|----:|
| 1 | Huawei | 67 | 1.04 | 38 | 57% | 29 | 15 |
| 2 | China Mobile | 35 | 0.97 | 17 | 49% | 18 | 5 |
| 3 | Cisco | 25 | 5.52 | 13 | 52% | 12 | 57 |
| 4 | China Telecom | 24 | 0.96 | 15 | 62% | 9 | 6 |
| 5 | China Unicom | 22 | 0.86 | 12 | 55% | 10 | 3 |
| 6 | Independent | 18 | 0.56 | 12 | 67% | 6 | 3 |
| 7 | Tsinghua University | 16 | 0.44 | 10 | 62% | 6 | 2 |
| 8 | Telefonica | 13 | 1.77 | 6 | 46% | 7 | 6 |
| 9 | ZTE Corporation | 12 | 1.67 | 4 | 33% | 8 | 5 |
| 10 | Google | 11 | 3.55 | 5 | 45% | 6 | 22 |
| 11 | Pengcheng Laboratory | 10 | 0.10 | 9 | 90% | 1 | 1 |
| 12 | Five9 | 10 | 0.10 | 9 | 90% | 1 | 1 |
| 13 | Ericsson | 9 | 4.78 | 1 | 11% | 8 | 9 |
| 14 | BUPT | 7 | 1.14 | 3 | 43% | 4 | 3 |
| 15 | Amazon | 7 | 7.00 | 2 | 29% | 5 | 30 |
| 16 | Futurewei | 7 | 2.71 | 3 | 43% | 4 | 13 |
| 17 | Sandelman Software Works | 7 | 14.29 | 1 | 14% | 6 | 30 |
| 18 | Zhongguancun Laboratory | 6 | 0.67 | 2 | 33% | 4 | 1 |
| 19 | CAICT | 6 | 1.67 | 3 | 50% | 3 | 5 |
| 20 | Inria | 6 | 4.33 | 1 | 17% | 5 | 9 |
| 21 | Tsinghua Shenzhen International Graduate School & Pengcheng Laboratory | 6 | 0.17 | 5 | 83% | 1 | 1 |
| 22 | Deutsche Telekom | 6 | 0.67 | 4 | 67% | 2 | 2 |
| 23 | Bitwave | 6 | 0.17 | 5 | 83% | 1 | 1 |
| 24 | Boeing | 6 | 28.17 | 0 | 0% | 6 | 67 |
| 25 | Nokia | 5 | 3.20 | 1 | 20% | 4 | 9 |
| 26 | InterDigital Europe | 5 | 0.80 | 3 | 60% | 2 | 3 |
| 27 | InterDigital | 5 | 1.60 | 3 | 60% | 2 | 5 |
| 28 | RISE | 5 | 5.20 | 1 | 20% | 4 | 9 |
| 29 | Siemens | 5 | 17.20 | 0 | 0% | 5 | 26 |
| 30 | Department of Computer Science & Engineering | 4 | 1.50 | 1 | 25% | 3 | 4 |
| 31 | Universidad Carlos III de Madrid | 4 | 0.25 | 3 | 75% | 1 | 1 |
| 32 | Apple | 4 | 7.25 | 0 | 0% | 4 | 22 |
| 33 | Daejeon University | 4 | 3.25 | 0 | 0% | 4 | 7 |
| 34 | Mozilla | 4 | 2.25 | 2 | 50% | 2 | 5 |
| 35 | ISI, R.C. ATHENA | 4 | 0.75 | 1 | 25% | 3 | 1 |
| 36 | Aiiva.org | 3 | 0.00 | 3 | 100% | 0 | 0 |
| 37 | DONG-EUI University | 3 | 3.33 | 0 | 0% | 3 | 7 |
| 38 | DistributedApps.ai | 3 | 0.00 | 3 | 100% | 0 | 0 |
| 39 | lispers.net | 3 | 25.67 | 0 | 0% | 3 | 57 |
| 40 | Cloudflare | 3 | 1.67 | 1 | 33% | 2 | 4 |
| 41 | Infoblox, Inc. | 3 | 0.00 | 3 | 100% | 0 | 0 |
| 42 | IBM | 3 | 3.33 | 1 | 33% | 2 | 6 |
| 43 | CNIC, CAS | 3 | 0.00 | 3 | 100% | 0 | 0 |
| 44 | Huazhong University of Science and Technology | 3 | 1.67 | 1 | 33% | 2 | 4 |
## Fire-and-Forget Organizations (>= 70% at -00, >= 5 drafts)
Organizations that submit many drafts but rarely iterate:
- **Pengcheng Laboratory**: 9/10 at -00 (90%), avg rev 0.10
- **Five9**: 9/10 at -00 (90%), avg rev 0.10
- **Tsinghua Shenzhen International Graduate School & Pengcheng Laboratory**: 5/6 at -00 (83%), avg rev 0.17
- **Bitwave**: 5/6 at -00 (83%), avg rev 0.17
## Active Iterators (avg revision >= 3.0)
Organizations that actively revise and improve their drafts:
- **Boeing**: avg rev 28.2, max -67, 6 drafts
- **lispers.net**: avg rev 25.7, max -57, 3 drafts
- **Siemens**: avg rev 17.2, max -26, 5 drafts
- **Sandelman Software Works**: avg rev 14.3, max -30, 7 drafts
- **Apple**: avg rev 7.2, max -22, 4 drafts
- **Amazon**: avg rev 7.0, max -30, 7 drafts
- **Cisco**: avg rev 5.5, max -57, 25 drafts
- **RISE**: avg rev 5.2, max -09, 5 drafts
- **Ericsson**: avg rev 4.8, max -09, 9 drafts
- **Inria**: avg rev 4.3, max -09, 6 drafts
- **Google**: avg rev 3.5, max -22, 11 drafts
- **DONG-EUI University**: avg rev 3.3, max -07, 3 drafts
- **IBM**: avg rev 3.3, max -06, 3 drafts
- **Daejeon University**: avg rev 3.2, max -07, 4 drafts
- **Nokia**: avg rev 3.2, max -09, 5 drafts
## Most-Revised Drafts (Top 20)
| # | Rev | Name | Title |
|--:|----:|:-----|:------|
| 1 | -67 | draft-templin-intarea-aero | Automatic Extended Route Optimization (AERO) |
| 2 | -60 | draft-templin-6man-aero3 | Automatic Extended Route Optimization (AERO) |
| 3 | -57 | draft-ietf-lisp-nexagon | Geo-Intelligence Network Based On H3 and LISP |
| 4 | -32 | draft-templin-6man-mla | IPv6 Addresses for Ad Hoc Networks |
| 5 | -30 | draft-ietf-anima-constrained-voucher | Constrained Bootstrapping Remote Secure Key Infras |
| 6 | -26 | draft-ietf-suit-firmware-encryption | Encrypted Payloads in SUIT Manifests |
| 7 | -23 | draft-ietf-anima-brski-prm | BRSKI with Pledge in Responder Mode (BRSKI-PRM) |
| 8 | -23 | draft-ietf-lamps-rfc7030-csrattrs | Clarification and enhancement of RFC7030 CSR Attri |
| 9 | -22 | draft-ietf-httpbis-rfc6265bis | Cookies: HTTP State Management Mechanism |
| 10 | -17 | draft-ietf-lamps-e2e-mail-guidance | Guidance on End-to-End E-mail Security |
| 11 | -16 | draft-ietf-sshm-ssh-agent | SSH Agent Protocol |
| 12 | -15 | draft-ietf-roll-enrollment-priority | Controlling Secure Network Enrollment in RPL netwo |
| 13 | -13 | draft-ietf-pim-zeroconf-mcast-addr-alloc-ps | Zeroconf Multicast Address Allocation Problem Stat |
| 14 | -11 | draft-ietf-lamps-rfc5274bis | Certificate Management Messages over CMS (CMC): Co |
| 15 | -10 | draft-bradleylundberg-cfrg-arkg | The Asynchronous Remote Key Generation (ARKG) algo |
| 16 | -10 | draft-ietf-sshm-mlkem-hybrid-kex | PQ/T Hybrid Key Exchange with ML-KEM in SSH |
| 17 | -09 | draft-ietf-ace-coap-est-oscore | Protecting EST Payloads with OSCORE |
| 18 | -09 | draft-ietf-lamps-private-key-stmt-attr | An Attribute for Statement of Possession of a Priv |
| 19 | -09 | draft-ietf-ace-edhoc-oscore-profile | Ephemeral Diffie-Hellman Over COSE (EDHOC) and Obj |
| 20 | -09 | draft-ietf-tls-extended-key-update | Extended Key Update for Transport Layer Security ( |
## Score Comparison: Iterated vs First-Draft
| Metric | Iterated (rev > 00) | First-Draft (rev 00) |
|--------|--------------------:|---------------------:|
| Count | 163 | 198 |
| Average Score | 3.31 | 3.36 |
| Max Score | 4.65 | 4.85 |

408
data/reports/sprint-plan.md Normal file
View File

@@ -0,0 +1,408 @@
# Sprint Plan: Next 3 Sprints
*Created: 2026-03-03 | Status: Ready for execution*
**Decisions made:**
- **Publication platform**: GitHub Pages (Markdown-native, pairs with open-source release)
- **Publication cadence**: Staggered, 1 post per day (Post 1 + series overview on day 1)
- **License**: MIT
---
## Current State (Sprint 0 — Where We Are)
| Asset | Status | Details |
|-------|--------|---------|
| Blog series (8 posts + overview) | Final polish | ~22K words across 10 files. Writer doing final editorial pass. All numbers updated to 361-draft dataset. |
| CLI tool | Working | 24+ commands, 6,882 lines Python, 13 source files. 7 new features built this session (refs, trends, idea-overlap, status, revisions, centrality, co-occurrence). |
| Database | Fully processed | 361 drafts, 557 authors, 230 orgs, 1,780 ideas (628 cross-org convergent), 12 gaps. Pipeline complete on all drafts. |
| Reports | Fresh | All 15 report types regenerated from full dataset. 7 data packages in `data/reports/blog-series/data/`. |
| arXiv paper | Draft v1 | 13 pages at `paper/main.tex`, based on 260-draft dataset — needs update to 361+ with new analyses. |
| Packaging | Minimal | pyproject.toml exists (version 0.1.0). No tests, no CI, no LICENSE, no CONTRIBUTING.md. |
| README | Outdated | References 260 drafts, version 0.1.0, missing new commands and features. |
| Open source readiness | Not ready | No tests, no CI, no contribution guide, stale README. Tool works but isn't packaged for others. |
---
## Sprint 1: Publish the Blog Series + Begin Outreach (Highest Value, Time-Sensitive)
**Theme**: Get the analysis in front of people while the landscape is still moving fast. IETF 122 is upcoming and the data changes monthly — publishing now maximizes relevance. The pipeline is complete, the blog series is in final editorial polish — this sprint is about getting it live and in front of the right people.
**Duration**: 3-5 days
**NOTE**: Tasks 1.1-1.3 from the original plan are ALREADY DONE:
- Pipeline ran on all 361 drafts (557 authors, 1,780 ideas, 628 cross-org convergent, 12 gaps)
- All 15 reports regenerated
- All 8 blog posts updated with expanded-dataset numbers and verified for consistency
- Two deep analysis rounds completed (revision velocity, safety ratio trends, RFC divergence, co-occurrence, IETF meeting timing)
- Seven new CLI features implemented (refs, trends, idea-overlap, status, revisions, centrality, co-occurrence)
### Task 1.1: Complete Final Editorial Polish
**Agent**: Writer
**Effort**: S
**What**: Finish the ongoing editorial pass. The Writer is currently on this task. Once complete, the series is publication-ready.
**Acceptance criteria**: All 8 posts finalized. Writer confirms no further changes needed. Series overview (Post 00) is consistent with all posts.
**Dependencies**: None (in progress now)
### Task 1.2: Choose a Publication Platform and Publish
**Agent**: Writer + Architect
**Effort**: M
**What**: Decide where to publish the blog series and get posts live. Options (in order of recommendation):
1. **GitHub Pages** (fastest, free, Markdown-native) — create a simple static site with Jekyll/Hugo from the blog-series directory. Can publish straight from the repo.
2. **Substack / Medium / dev.to** — wider audience, built-in discovery, but requires manual formatting and copy-paste from Markdown.
3. **Personal blog** — if the author already has one, lowest friction.
Key decisions:
- Publish all 8 at once (series dump) or staggered (1 per day / every 2 days)?
- **Recommendation**: Publish Post 1 + Post 00 (series overview) on day 1, then one post per day. This builds anticipation and makes each post shareable individually.
- Interlink: each post should link to the previous and next post in the series.
- If GitHub Pages: set up a minimal Jekyll/Hugo site with posts from `data/reports/blog-series/`.
**Acceptance criteria**: Post 1 is live and publicly accessible. Publication schedule for posts 2-8 is set.
**Dependencies**: Task 1.1
### Task 1.3: Social Media and IETF Community Outreach
**Agent**: Architect (drafts messaging) + Writer (final copy)
**Effort**: M
**What**: Write announcement copy and identify channels:
- **Short-form posts** (Twitter/X, LinkedIn, Mastodon, Bluesky): 3-4 variations highlighting different angles:
- The growth stat + safety deficit angle ("IETF AI agent drafts went from 0.5% to 9.3% of all submissions in 15 months — with a 4:1 capability-to-safety ratio")
- The geopolitics angle ("One company writes 18% of all AI agent standards drafts")
- The fragmentation angle ("120 A2A protocols, 14 competing OAuth proposals, zero interop layer")
- The methodology angle ("We analyzed 361 IETF drafts with Claude for ~$9 and found the standards world is building highways before traffic lights")
- **IETF mailing lists**: Post to relevant lists (art@ietf.org, agents@ietf.org if it exists, or general discussion) with a brief summary and link to Post 1
- **Hacker News / Reddit /r/networking /r/machinelearning**: Submit Post 1 or Post 4 (gaps — the most newsworthy finding)
- **Direct outreach**: Identify 5-10 people who would care most (IETF area directors, authors of top-ranked drafts like DAAP and VOLT, AI standards researchers, MCP/A2A protocol teams) and share directly
**Acceptance criteria**: Announcement text ready for 3+ platforms. List of 5-10 direct outreach targets with contact method. Post submitted to at least one community (HN or IETF list).
**Dependencies**: Task 1.2
### Task 1.4: Fetch Latest Drafts (IETF 122 Prep)
**Agent**: Analyst
**Effort**: S
**What**: Run `ietf fetch` to pick up any new drafts submitted since the last fetch (2026-03-03). IETF meetings drive submission spikes — capture anything new before the paper update. Process any new drafts through the full pipeline (analyze, authors, ideas, embed, gaps).
**Acceptance criteria**: Any new drafts since 2026-03-03 are fetched, stored, and fully processed. Count reported.
**Dependencies**: None (can run in parallel with publishing tasks)
### Task 1.5: Commit All Current Work
**Agent**: Coder
**Effort**: S
**What**: The git status shows extensive uncommitted work: modified source files (cli.py, db.py, analyzer.py, reports.py, visualize.py, models.py, config.py), new files (CLAUDE.md, orgs.py, scripts/, blog series), new reports, agent definitions. Create a clean commit (or a few topical commits) capturing the current state: v0.3.0 with expanded dataset, 8-post blog series, 7 new features, agent team artifacts.
**Acceptance criteria**: All meaningful changes committed. Working tree clean. Version bumped to 0.3.0 in pyproject.toml and cli.py.
**Dependencies**: Task 1.1 (want final polished blog posts in the commit)
### Sprint 1 Success Criteria
- [ ] Blog series editorial polish complete
- [ ] Blog Post 1 is live and publicly accessible
- [ ] Publication schedule set for remaining 7 posts
- [ ] Announcement posted to at least 2 channels
- [ ] Latest drafts fetched for IETF 122 coverage
- [ ] All current work committed to git (v0.3.0)
---
## Sprint 2: Update the arXiv Paper + Deepen Analysis
**Theme**: Turn the expanded dataset into a credible academic contribution. The paper at `paper/main.tex` is solid but frozen at 260 drafts — updating it to 361+ with the new analyses makes it publishable.
**Duration**: 5-7 days
### Task 2.1: Run Pipeline on Any Newly Fetched Drafts
**Agent**: Analyst
**Effort**: S-M
**What**: Process any new drafts picked up in Sprint 1 Task 1.4 (IETF 122 fetch). Run the full pipeline: analyze, authors, ideas, embed, gaps. Regenerate reports.
**Acceptance criteria**: All drafts in the database are fully analyzed. Reports refreshed.
**Dependencies**: Sprint 1 Task 1.4
### Task 2.2: Generate Updated Figures for the Paper
**Agent**: Analyst + Coder
**Effort**: M
**What**: The paper has placeholder figures ([TIMELINE], [QUALITY], [RADAR], [NETWORK]). Run `ietf viz all` to regenerate the HTML visualizations, then use `paper/export_figures.py` (or write one if it doesn't work) to export publication-quality PNG/PDF versions.
Figures needed:
- Figure 1: Monthly submission timeline (stacked area by category) — with 361+ drafts
- Figure 2: Rating distributions by category (violin plots) — updated
- Figure 3: Similarity heatmap (now 361x361) — updated
- Figure 4: Quality vs. uniqueness scatter — updated
- Figure 5: Radar charts for top categories — updated
- Figure 6: Author collaboration network — updated with expanded dataset
**Acceptance criteria**: All 6 figures exported as PDF/PNG in `paper/figures/`. Each figure reflects the full expanded dataset.
**Dependencies**: Task 2.1
### Task 2.3: Update Paper Text and Tables
**Agent**: Writer + Architect
**Effort**: L
**What**: Update `paper/main.tex` throughout:
- **Title**: Change "260" to the current count
- **Abstract**: Update all numbers (drafts, authors, ideas, similarity pairs, tokens)
- **Section 3 (Methodology)**: Add the 6 new keywords (mcp, agentic, inference, generative, intelligent, aipref). Update seed keyword list from 6 to 12.
- **Section 4 (Dataset Overview)**: Update Table 1 with new numbers. Time span now extends further.
- **Section 5 (Findings)**: All tables and stats need updating with 361+ draft data. Particularly:
- Table 2 (categories) — will likely have new entries from expanded keywords
- Table 4 (organizations) — author/org counts will change
- Table 5 (top-ranked drafts) — new top drafts may emerge
- All prose stats (percentages, counts, growth rates)
- **Section 6 (Discussion)**: Revisit conclusions — do they still hold with 40% more data? Any new insights?
- **Section 7 (Future Work)**: Several items are now done (citation network via refs, gap-driven standardization). Update.
- **Section 8 (Conclusion)**: Update closing numbers
- **Appendix A**: Full category list will likely expand
- **Repository URL**: Fill in the [TODO] with actual URL after open-source release (or leave as "available upon publication")
- **References**: Add citations for MCP, any new relevant work
**Acceptance criteria**: Paper compiles cleanly with `make` (or `pdflatex`). All numbers match the current database. No [TODO] placeholders remain (except possibly author name/email if not yet decided).
**Dependencies**: Tasks 2.1, 2.2
### Task 2.4: Add New Analysis Sections to Paper
**Agent**: Architect + Analyst
**Effort**: M
**What**: The blog series uncovered findings that aren't in the paper. Consider adding:
- **Cross-organization convergence**: The idea-overlap analysis showing which technical ideas appear across multiple independent organizations (convergence signals vs. within-org duplication)
- **Team bloc analysis**: The 33 detected collaboration clusters and what they mean for coordination
- **RFC cross-reference graph**: Which foundational RFCs underpin the agent ecosystem (if `ietf refs` data is available)
- **Gap evolution**: Whether any of the 12 identified gaps are being filled by newer submissions
Pick the 1-2 most compelling additions that strengthen the paper's contribution without bloating it past 15 pages.
**Acceptance criteria**: 1-2 new subsections added. Paper is <= 16 pages. New sections have supporting data tables/figures.
**Dependencies**: Task 2.3
### Task 2.5: Submit to arXiv
**Agent**: Architect
**Effort**: S
**What**: Prepare the arXiv submission package:
- Compile the final PDF
- Ensure all figures are included
- Write the arXiv abstract (may differ slightly from paper abstract)
- Choose categories: cs.AI, cs.SE, or cs.CY (Computers and Society) — recommend cs.AI as primary, cs.SE as secondary
- Upload to arXiv
**Acceptance criteria**: Paper submitted to arXiv with no compilation errors. arXiv ID received.
**Dependencies**: Tasks 2.3, 2.4
### Task 2.6: Continue Blog Publication (Posts 2-8)
**Agent**: Writer
**Effort**: S (per post, ongoing)
**What**: Continue publishing the remaining blog posts on the schedule set in Sprint 1. For each post: format for the platform, add interlinks, publish, announce on social media.
**Acceptance criteria**: All 8 posts published by end of Sprint 2. Each post has at least one social media announcement.
**Dependencies**: Sprint 1 Task 1.4
### Sprint 2 Success Criteria
- [ ] arXiv paper updated with 361+ draft data and submitted
- [ ] All 8 blog posts published
- [ ] At least one new analysis (cross-org convergence or RFC cross-refs) added to paper
- [ ] Paper figures reflect the expanded dataset
---
## Sprint 3: Open-Source Release + Tool Polish
**Theme**: Make the tool usable by others. The analysis is interesting, but the *methodology* — combining LLM rating with embedding similarity at scale — is the reusable contribution. A clean open-source release turns a one-off project into a tool others can use to monitor IETF standardization activity.
**Duration**: 7-10 days
### Task 3.1: Add Tests
**Agent**: Coder
**Effort**: L
**What**: Currently zero tests. Add a test suite covering the critical paths:
- `tests/test_db.py` — Database operations (upsert, query, FTS search, embedding storage)
- `tests/test_config.py` — Config load/save, defaults, overrides
- `tests/test_models.py` — Dataclass creation, serialization
- `tests/test_fetcher.py` — Mock Datatracker API responses, parse draft metadata
- `tests/test_analyzer.py` — Mock Claude API, parse ratings/ideas from responses
- `tests/test_cli.py` — Click CLI integration tests (using CliRunner)
- `tests/test_reports.py` — Report generation produces valid markdown
Use pytest. Mock all external APIs (Datatracker, Claude, Ollama). Include a small test fixture database with ~5 drafts.
Add to pyproject.toml:
```toml
[project.optional-dependencies]
dev = ["pytest>=7.0", "pytest-cov", "responses>=0.25"]
```
**Acceptance criteria**: `pytest` passes with >= 70% coverage on db.py, config.py, models.py. All tests run without network access.
**Dependencies**: None
### Task 3.2: Set Up CI/CD (GitHub Actions)
**Agent**: Coder
**Effort**: M
**What**: Create `.github/workflows/ci.yml`:
- Trigger on push to main and PRs
- Python 3.11+ matrix
- Install deps, run pytest
- Run linting (ruff or flake8)
- Optionally: build the package and check it installs cleanly
**Acceptance criteria**: CI green on current main. PRs get automatic test runs. Badge in README.
**Dependencies**: Task 3.1
### Task 3.3: Clean Up Code for Public Release
**Agent**: Coder
**Effort**: M
**What**: Audit and fix:
- **Version**: Update from 0.1.0 to 0.3.0 (0.2.0 was the viz release, 0.3.0 is the expanded+blog release) in both `pyproject.toml` and `cli.py`
- **Config portability**: `config.py` uses `Path(__file__).resolve().parent.parent.parent / "data"` as default — this only works in dev mode. For installed packages, default to `~/.ietf-analyzer/` or use XDG conventions. Keep current behavior as fallback for dev.
- **Remove stale files**: `data/ietf_drafts.db` (empty/stale per MEMORY.md). Clean up any other debris.
- **Error handling at boundaries**: Ensure graceful failures when:
- Ollama is not running (`ietf embed` should say "Ollama not reachable" not crash)
- ANTHROPIC_API_KEY is not set (`ietf analyze` should say "Set ANTHROPIC_API_KEY" not crash)
- Network is unavailable (`ietf fetch` should handle timeouts)
- **Type hints**: Ensure public API functions have type hints (don't add to internal helpers)
- **.env support**: Already uses python-dotenv — verify it works from any working directory
- **Remove any debug prints or commented-out code**
**Acceptance criteria**: Tool installs cleanly via `pip install .` in a fresh venv. Commands that need external services give clear error messages when those services are unavailable.
**Dependencies**: None
### Task 3.4: Write Proper README and Docs
**Agent**: Writer + Coder
**Effort**: M
**What**: Rewrite `README.md` for an open-source audience:
- Project description with the hook (what it does, why it matters)
- Updated stats (361+ drafts, 557+ authors, 1,780+ ideas)
- Installation: pip install, API key setup, Ollama setup
- Quick start: the 6-command pipeline
- Full CLI reference (all 24 commands with options)
- Configuration: explain config.json, environment variables, defaults
- Architecture overview: how the modules fit together (fetcher -> db -> analyzer -> reports/viz)
- Screenshots/examples of output (report excerpts, viz screenshots)
- Contributing guide (CONTRIBUTING.md)
- Link to the blog series and arXiv paper
- License badge, CI badge
**Acceptance criteria**: A newcomer can go from `git clone` to running their first analysis by following the README. No broken links.
**Dependencies**: Task 3.3
### Task 3.5: Add LICENSE
**Agent**: Coder
**Effort**: S
**What**: Choose and add a license. Recommendations:
- **MIT** — simplest, most permissive, standard for tools like this
- **Apache 2.0** — if patent protection matters
Add to pyproject.toml:
```toml
license = {text = "MIT"}
```
**Acceptance criteria**: LICENSE file in repo root. License field in pyproject.toml. License header convention documented.
**Dependencies**: None
### Task 3.6: Prepare PyPI Package
**Agent**: Coder
**Effort**: M
**What**: Make the package installable from PyPI:
- Update pyproject.toml with full metadata (author, URL, classifiers, keywords, long_description from README)
- Ensure `python -m build` produces a clean sdist and wheel
- Test install from the built wheel in a fresh venv
- Write publish script: `scripts/publish.sh` using twine
- Register the package name on PyPI (or Test PyPI first)
```toml
[project]
name = "ietf-draft-analyzer"
version = "0.3.0"
description = "Track, categorize, and rate AI/agent-related IETF Internet-Drafts"
readme = "README.md"
license = {text = "MIT"}
keywords = ["ietf", "internet-draft", "ai-agents", "standards", "nlp"]
classifiers = [
"Development Status :: 3 - Alpha",
"Environment :: Console",
"Intended Audience :: Science/Research",
"Topic :: Scientific/Engineering :: Artificial Intelligence",
"Programming Language :: Python :: 3.11",
]
```
**Acceptance criteria**: `pip install ietf-draft-analyzer` works from PyPI (or Test PyPI). The `ietf` command is available after install.
**Dependencies**: Tasks 3.3, 3.4, 3.5
### Task 3.7: Public Repository Setup
**Agent**: Coder + Architect
**Effort**: S
**What**: Prepare the GitHub repository for public visibility:
- Ensure `.gitignore` covers: `.env`, `__pycache__`, `*.egg-info`, `data/config.json`, `data/drafts.db` (the actual user data shouldn't be in the repo — but the schema should be recreatable)
- Add `CONTRIBUTING.md` with: how to set up dev environment, how to run tests, code style, PR process
- Add issue templates (bug report, feature request)
- Update paper [TODO] repository URL
- Decide: include `data/drafts.db` in repo (useful for reproducibility) or .gitignore it (cleaner)?
- **Recommendation**: Include a snapshot as a GitHub Release asset, not in the git tree. Add a `scripts/download-data.sh` that fetches it.
- Set repo topics: ietf, internet-drafts, ai-agents, standardization, nlp, cli
**Acceptance criteria**: Repo is ready to be made public. No secrets or personal data in git history. README renders correctly on GitHub.
**Dependencies**: Tasks 3.4, 3.5, 3.6
### Sprint 3 Success Criteria
- [ ] Test suite with >= 70% coverage on core modules
- [ ] CI/CD running on GitHub Actions
- [ ] Tool installable via `pip install ietf-draft-analyzer`
- [ ] README guides a newcomer from clone to first analysis
- [ ] LICENSE file present (MIT)
- [ ] Repository is public-ready (no secrets, clean history, proper .gitignore)
---
## Cross-Sprint Dependencies
```
Sprint 1 Sprint 2 Sprint 3
──────── ──────── ────────
1.1 Final polish ────────> 1.2 Publish
1.2 Publish ─────────────> 2.6 Continue publishing
1.4 Fetch latest ────────> 2.1 Process new drafts
1.5 Commit v0.3.0 ──────> 3.3 Code cleanup
2.1 Process new ──────────> 2.2 Figures
2.2 Figures ───────────────> 2.3 Paper text
2.3 Paper ─────────────────> 2.4 New sections
2.4 New sections ──────────> 2.5 Submit arXiv
2.5 Submit arXiv ──────────> 3.7 Add arXiv URL to README
2.2 Figures ───────────────> 3.4 Screenshots in README
3.1 Tests ──────> 3.2 CI/CD
3.3 Cleanup ────> 3.6 PyPI
3.5 License ────> 3.6 PyPI
```
## Parallelization Plan
### Sprint 1 (3-5 days)
- **Day 1**: Writer finishes editorial polish (1.1). Analyst fetches latest drafts (1.4, parallel). Coder prepares commit (1.5, parallel).
- **Day 2**: Architect + Writer choose publication platform and set up (1.2). Architect drafts social media copy (1.3, start).
- **Day 3-4**: Publish Post 1 (1.2). Finalize social media copy (1.3). Begin announcing.
- **Day 5**: First post live, schedule confirmed, announcements out.
### Sprint 2 (5-7 days)
- **Day 1-2**: Analyst processes new drafts (2.1) + generates figures (2.2). Writer publishes posts 2-4 (2.6).
- **Day 3-5**: Writer + Architect update paper text (2.3). Architect + Analyst add new sections (2.4). Writer publishes posts 5-7 (2.6).
- **Day 6-7**: Architect prepares arXiv submission (2.5). Writer publishes post 8 (2.6).
### Sprint 3 (7-10 days)
- **Day 1-3**: Coder writes tests (3.1) and cleans code (3.3) in parallel. Coder adds LICENSE (3.5).
- **Day 4-5**: Coder sets up CI (3.2). Writer + Coder write README/docs (3.4).
- **Day 6-8**: Coder prepares PyPI package (3.6). Coder + Architect prepare public repo (3.7).
- **Day 9-10**: Final testing, publish to PyPI, make repo public.
---
## Risk Register
| Risk | Impact | Mitigation |
|------|--------|------------|
| Blog stats shift significantly with 101 new drafts | M — requires rewriting parts of posts | Run pipeline first (1.1), check before publishing |
| Ollama not available for embeddings | M — blocks pipeline | Can proceed without embeddings; analyze + ideas work independently |
| arXiv paper exceeds page limit after updates | L — need to trim | Set hard limit at 16 pages; prioritize 1-2 new sections max |
| PyPI name `ietf-draft-analyzer` taken | L — just rename | Check name availability early in Sprint 3 |
| IETF 122 generates a burst of new drafts mid-sprint | L — good problem to have | Fetch and process incrementally; blog posts note the snapshot date |
---
## What Value Comes When
| Milestone | Sprint | Impact |
|-----------|--------|--------|
| Blog Post 1 live | Sprint 1 | First public visibility; test the messaging |
| Full blog series published | Sprint 2 | Complete narrative in front of the community |
| arXiv paper submitted | Sprint 2 | Academic credibility; citeable artifact |
| Open-source tool on PyPI | Sprint 3 | Others can reproduce and extend the analysis |
| Public GitHub repo | Sprint 3 | Community contributions; methodology visible |
The highest-value action is publishing the blog series NOW (Sprint 1). The landscape is moving — every week of delay makes the analysis slightly less current. The paper and open-source release build credibility and longevity but can follow.

126
data/reports/status.md Normal file
View File

@@ -0,0 +1,126 @@
# WG Adoption Status Report
*Generated 2026-03-03 20:09 UTC — 361 drafts analyzed*
## Overview
- **WG-adopted** (draft-ietf-*): **36** (10.0%)
- **IRTF** (draft-irtf-*): **2**
- **Individual**: **325** (90.0%)
## Working Groups with AI/Agent Drafts
| # | WG | Drafts | Draft Names |
|--:|:---|-------:|-------------|
| 1 | lamps | 6 | draft-ietf-lamps-e2e-mail-guidance, draft-ietf-lamps-rfc5274bis, draft-ietf-lamps-private-key-stmt-attr, draft-ietf-lamps-attestation-freshness, draft-ietf-lamps-rfc7030-csrattrs, draft-ietf-lamps-est-renewal-info |
| 2 | lake | 5 | draft-ietf-lake-edhoc-impl-cons, draft-ietf-lake-authz, draft-ietf-lake-edhoc-psk, draft-ietf-lake-app-profiles, draft-ietf-lake-ra |
| 3 | tls | 3 | draft-ietf-tls-ecdhe-mlkem, draft-ietf-tls-deprecate-obsolete-kex, draft-ietf-tls-extended-key-update |
| 4 | emu | 3 | draft-ietf-emu-eap-edhoc, draft-ietf-emu-pqc-eapaka, draft-ietf-emu-hybrid-pqc-eapaka |
| 5 | sshm | 2 | draft-ietf-sshm-ssh-agent, draft-ietf-sshm-mlkem-hybrid-kex |
| 6 | anima | 2 | draft-ietf-anima-brski-prm, draft-ietf-anima-constrained-voucher |
| 7 | httpbis | 2 | draft-ietf-httpbis-rfc6265bis, draft-ietf-httpbis-layered-cookies |
| 8 | ace | 2 | draft-ietf-ace-coap-est-oscore, draft-ietf-ace-edhoc-oscore-profile |
| 9 | aipref | 2 | draft-ietf-aipref-vocab, draft-ietf-aipref-attach |
| 10 | lisp | 1 | draft-ietf-lisp-nexagon |
| 11 | dnsop | 1 | draft-ietf-dnsop-ds-automation |
| 12 | mailmaint | 1 | draft-ietf-mailmaint-pacc |
| 13 | sml | 1 | draft-ietf-sml-trust |
| 14 | roll | 1 | draft-ietf-roll-enrollment-priority |
| 15 | hpke | 1 | draft-ietf-hpke-hpke |
| 16 | suit | 1 | draft-ietf-suit-firmware-encryption |
| 17 | netconf | 1 | draft-ietf-netconf-configuration-tracing |
| 18 | pim | 1 | draft-ietf-pim-zeroconf-mcast-addr-alloc-ps |
## Score Comparison: WG-Adopted vs Individual
| Metric | WG-Adopted | Individual |
|--------|----------:|----------:|
| Count (rated) | 36 | 325 |
| Average Score | 3.54 | 3.31 |
| Min Score | 2.40 | 1.35 |
| Max Score | 4.60 | 4.85 |
### Per-Dimension Comparison
| Dimension | WG-Adopted Avg | Individual Avg | Delta |
|-----------|---------------:|---------------:|------:|
| Novelty | 2.92 | 3.36 | -0.45 |
| Maturity | 4.11 | 2.83 | +1.28 |
| Overlap | 2.39 | 2.66 | -0.27 |
| Momentum | 3.89 | 2.91 | +0.98 |
| Relevance | 3.58 | 3.87 | -0.29 |
## Category Distribution: WG-Adopted vs Individual
| Category | WG-Adopted | Individual | % WG |
|----------|----------:|----------:|-----:|
| A2A protocols | 3 | 133 | 2% |
| AI safety/alignment | 1 | 44 | 2% |
| Agent discovery/reg | 3 | 76 | 4% |
| Agent identity/auth | 14 | 107 | 12% |
| Autonomous netops | 4 | 94 | 4% |
| Data formats/interop | 20 | 128 | 14% |
| Human-agent interaction | 1 | 29 | 3% |
| ML traffic mgmt | 0 | 74 | 0% |
| Model serving/inference | 0 | 42 | 0% |
| Other AI/agent | 4 | 22 | 15% |
| Policy/governance | 6 | 87 | 6% |
## Gap Coverage by WG-Adopted Work
Do any WG-adopted drafts address the identified gaps?
| Gap | Severity | WG Coverage |
|-----|----------|-------------|
| Agent Behavior Verification | CRITICAL | Yes |
| Cross-Domain Agent Liability | CRITICAL | Yes |
| Agent Resource Exhaustion Protection | HIGH | Yes |
| Human Override Protocols | CRITICAL | Yes |
| Agent-Generated Data Provenance | HIGH | Yes |
| Agent Capability Degradation Handling | HIGH | Yes |
| Multi-Agent Coordination Deadlocks | HIGH | Yes |
| Agent Privacy Preservation | HIGH | Yes |
| Real-time Agent Debugging | MEDIUM | Yes |
| Agent Firmware/Model Update Security | HIGH | **No** |
| Cross-Protocol Agent Migration | MEDIUM | Yes |
| Agent Energy Consumption Optimization | MEDIUM | **No** |
## All WG-Adopted Drafts
| Draft | WG | Score | Categories | Title |
|-------|:---|------:|------------|-------|
| draft-ietf-mailmaint-pacc | mailmaint | 2.4 | Data formats/interop | Automatic Configuration of Email, Calendar, and Co |
| draft-ietf-anima-constrained-voucher | anima | 4.3 | Agent identity/auth, Data formats/interop | Constrained Bootstrapping Remote Secure Key Infras |
| draft-ietf-dnsop-ds-automation | dnsop | 2.8 | Other AI/agent | Operational Recommendations for DS Automation |
| draft-ietf-sshm-mlkem-hybrid-kex | sshm | 4.2 | Data formats/interop | PQ/T Hybrid Key Exchange with ML-KEM in SSH |
| draft-ietf-pim-zeroconf-mcast-addr-alloc-ps | pim | 2.5 | Agent discovery/reg, Data formats/interop | Zeroconf Multicast Address Allocation Problem Stat |
| draft-ietf-lamps-rfc5274bis | lamps | 3.1 | Data formats/interop | Certificate Management Messages over CMS (CMC): Co |
| draft-ietf-emu-hybrid-pqc-eapaka | emu | 3.8 | Agent identity/auth | Enhancing Security in EAP-AKA' with Hybrid Post-Qu |
| draft-ietf-emu-pqc-eapaka | emu | 3.5 | Agent identity/auth | Post-Quantum Key Encapsulation Mechanisms (PQ KEMs |
| draft-ietf-sshm-ssh-agent | sshm | 2.8 | Agent identity/auth | SSH Agent Protocol |
| draft-ietf-roll-enrollment-priority | roll | 2.9 | Agent discovery/reg, Autonomous netops | Controlling Secure Network Enrollment in RPL netwo |
| draft-ietf-tls-extended-key-update | tls | 4.2 | Data formats/interop | Extended Key Update for Transport Layer Security ( |
| draft-ietf-tls-ecdhe-mlkem | tls | 4.4 | Other AI/agent | Post-quantum hybrid ECDHE-MLKEM Key Agreement for |
| draft-ietf-emu-eap-edhoc | emu | 3.2 | Agent identity/auth | Using the Extensible Authentication Protocol (EAP) |
| draft-ietf-lamps-est-renewal-info | lamps | 3.7 | Data formats/interop | Certificate Renewal Recommendations for Enrollment |
| draft-ietf-tls-deprecate-obsolete-kex | tls | 3.8 | Policy/governance | Deprecating Obsolete Key Exchange Methods in (D)TL |
| draft-ietf-lake-edhoc-impl-cons | lake | 2.8 | Agent identity/auth | Implementation Considerations for Ephemeral Diffie |
| draft-ietf-lamps-rfc7030-csrattrs | lamps | 3.7 | Data formats/interop, Policy/governance | Clarification and enhancement of RFC7030 CSR Attri |
| draft-ietf-httpbis-rfc6265bis | httpbis | 3.0 | Other AI/agent | Cookies: HTTP State Management Mechanism |
| draft-ietf-suit-firmware-encryption | suit | 3.7 | Data formats/interop | Encrypted Payloads in SUIT Manifests |
| draft-ietf-aipref-vocab | aipref | 4.4 | Policy/governance, Data formats/interop | A Vocabulary For Expressing AI Usage Preferences |
| draft-ietf-lake-edhoc-psk | lake | 3.6 | Data formats/interop | EDHOC Authenticated with Pre-Shared Keys (PSK) |
| draft-ietf-lake-app-profiles | lake | 4.6 | Data formats/interop, Agent identity/auth | Coordinating the Use of Application Profiles for E |
| draft-ietf-lake-authz | lake | 3.9 | Agent identity/auth, Agent discovery/reg | Lightweight Authorization using Ephemeral Diffie-H |
| draft-ietf-lake-ra | lake | 3.7 | Agent identity/auth, Policy/governance | Remote attestation over EDHOC |
| draft-ietf-httpbis-layered-cookies | httpbis | 2.8 | Other AI/agent | Cookies: HTTP State Management Mechanism |
| draft-ietf-hpke-hpke | hpke | 4.3 | Agent identity/auth, Data formats/interop | Hybrid Public Key Encryption |
| draft-ietf-netconf-configuration-tracing | netconf | 3.7 | Autonomous netops, Data formats/interop | External Trace ID for Configuration Tracing |
| draft-ietf-aipref-attach | aipref | 3.8 | A2A protocols, Policy/governance | Associating AI Usage Preferences with Content in H |
| draft-ietf-sml-trust | sml | 3.5 | Data formats/interop, AI safety/alignment | Trust and security considerations for Structured E |
| draft-ietf-ace-coap-est-oscore | ace | 3.9 | Agent identity/auth, Data formats/interop | Protecting EST Payloads with OSCORE |
| draft-ietf-ace-edhoc-oscore-profile | ace | 3.6 | Agent identity/auth, A2A protocols | Ephemeral Diffie-Hellman Over COSE (EDHOC) and Obj |
| draft-ietf-lamps-attestation-freshness | lamps | 3.7 | Agent identity/auth | Nonce-based Freshness for Remote Attestation in Ce |
| draft-ietf-lamps-private-key-stmt-attr | lamps | 3.4 | Data formats/interop | An Attribute for Statement of Possession of a Priv |
| draft-ietf-lisp-nexagon | lisp | 4.0 | Autonomous netops, A2A protocols | Geo-Intelligence Network Based On H3 and LISP |
| draft-ietf-lamps-e2e-mail-guidance | lamps | 3.0 | Data formats/interop, Policy/governance | Guidance on End-to-End E-mail Security |
| draft-ietf-anima-brski-prm | anima | 2.9 | Agent identity/auth, Autonomous netops | BRSKI with Pledge in Responder Mode (BRSKI-PRM) |

995
data/reports/team-blocs.md Normal file
View File

@@ -0,0 +1,995 @@
# Team Bloc Analysis
*Generated 2026-03-01 20:02 UTC — 403 authors, 260 drafts*
*Parameters: cohesion >= 70%, min shared drafts >= 2, min size >= 2*
## Summary
| Metric | Value |
|--------|------:|
| Total blocs detected | 33 |
| Authors in blocs | 102 / 403 (25%) |
| Largest bloc | 13 members |
| Most shared drafts | 22 |
### Bloc Size Distribution
| Size | Count |
|------|------:|
| 10+ members | 1 |
| 5-9 members | 2 |
| 3-4 members | 11 |
| 2 members | 19 |
### Blocs by Organization
| Organization | Blocs | Total Members | Total Shared Drafts |
|-------------|------:|--------------:|--------------------:|
| Huawei | 4 | 20 | 29 |
| Cisco | 3 | 9 | 7 |
| Ericsson | 1 | 5 | 6 |
| Bitwave | 1 | 2 | 6 |
| China Telecom | 1 | 6 | 5 |
| Zhongguancun Laboratory | 1 | 4 | 5 |
| Infoblox, Inc. | 1 | 4 | 4 |
| ISI, R.C. ATHENA | 1 | 4 | 4 |
| Nokia | 1 | 2 | 4 |
| China Mobile | 1 | 2 | 4 |
| China Unicom | 2 | 4 | 4 |
| Department of Computer Science & Engineering | 1 | 3 | 3 |
| RISE | 1 | 2 | 3 |
| Bundesdruckerei GmbH | 1 | 4 | 2 |
| JPMorgan Chase & Co | 1 | 4 | 2 |
| IBM | 1 | 4 | 2 |
| Entrust Limited | 1 | 3 | 2 |
| AKAYLA, Inc. | 1 | 2 | 2 |
| Daejeon University | 1 | 2 | 2 |
| National Security Institute, Virginia Tech | 1 | 2 | 2 |
| InterDigital Europe | 1 | 2 | 2 |
| Amazon | 1 | 2 | 2 |
| Fraunhofer SIT | 1 | 2 | 2 |
| ICANN | 1 | 2 | 2 |
| Apple | 1 | 2 | 2 |
| Okta | 1 | 2 | 2 |
| ICT, CAS | 1 | 2 | 2 |
---
## Detailed Bloc Profiles
### 1. Huawei team (13)
| | |
|---|---|
| **Members** | 13 |
| **Shared Drafts** | 22 |
| **Cohesion** | 94% |
| **Primary Org** | Huawei |
| **All Orgs** | Huawei, UnionPay |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Bing Liu | Huawei | 21 | 19 |
| Nan Geng | Huawei | 19 | 19 |
| Zhenbin Li | Huawei | 19 | 19 |
| Qiangzhou Gao | Huawei | 18 | 18 |
| Xiaotong Shang | Huawei | 17 | 17 |
| Jianwei Mao | Huawei | 11 | 11 |
| Guanming Zeng | Huawei | 7 | 6 |
| Li Zhang | Huawei | 5 | 5 |
| Chong Zheng | Huawei | 3 | 3 |
| Xiaohua Men | UnionPay | 2 | 2 |
| Yulun Fang | UnionPay | 2 | 2 |
| Quan Yuan | Huawei | 2 | 2 |
| Ruyi Zhang | Huawei | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-men-rtgwg-agent-networking-in-digibank](https://datatracker.ietf.org/doc/draft-men-rtgwg-agent-networking-in-digibank/) | 7/13 | 1.8 | A2A protocols, Agent discovery/reg |
| [draft-men-rtgwg-agent-networking-digibank-scenario](https://datatracker.ietf.org/doc/draft-men-rtgwg-agent-networking-digibank-scenario/) | 7/13 | 2.5 | A2A protocols, Agent discovery/reg |
| [draft-yuan-rtgwg-traffic-agent-usecase](https://datatracker.ietf.org/doc/draft-yuan-rtgwg-traffic-agent-usecase/) | 7/13 | 3.7 | ML traffic mgmt, Autonomous netops |
| [draft-zeng-opsawg-applicability-mcp-a2a](https://datatracker.ietf.org/doc/draft-zeng-opsawg-applicability-mcp-a2a/) | 7/13 | 3.5 | Autonomous netops, A2A protocols |
| [draft-zhang-rtgwg-ai-agents-troubleshooting](https://datatracker.ietf.org/doc/draft-zhang-rtgwg-ai-agents-troubleshooting/) | 7/13 | 2.9 | Agent-to-agent communication protocols, Autonomous network operations |
| [draft-yuan-rtgwg-security-agent-usecase](https://datatracker.ietf.org/doc/draft-yuan-rtgwg-security-agent-usecase/) | 7/13 | 3.4 | Autonomous netops, AI safety/alignment |
| [draft-zeng-opsawg-llm-netconf-gap](https://datatracker.ietf.org/doc/draft-zeng-opsawg-llm-netconf-gap/) | 7/13 | 3.9 | Autonomous netops, A2A protocols |
| [draft-zm-rtgwg-mcp-troubleshooting](https://datatracker.ietf.org/doc/draft-zm-rtgwg-mcp-troubleshooting/) | 7/13 | 3.6 | Autonomous netops, Human-agent interaction |
| [draft-zhang-rtgwg-ai-agents-measurement](https://datatracker.ietf.org/doc/draft-zhang-rtgwg-ai-agents-measurement/) | 7/13 | 2.7 | Autonomous netops, A2A protocols |
| [draft-mzsg-rtgwg-agent-cross-device-comm-framework](https://datatracker.ietf.org/doc/draft-mzsg-rtgwg-agent-cross-device-comm-framework/) | 7/13 | 2.5 | A2A protocols, Autonomous netops |
| [draft-mao-rtgwg-agent-comm-protocol-gap-analysis](https://datatracker.ietf.org/doc/draft-mao-rtgwg-agent-comm-protocol-gap-analysis/) | 7/13 | 3.6 | A2A protocols, Autonomous netops |
| [draft-pang-agents-networking-scenarios](https://datatracker.ietf.org/doc/draft-pang-agents-networking-scenarios/) | 6/13 | 2.3 | Autonomous netops, Other AI/agent |
| [draft-zlgsgl-rtgwg-agents-networking-framework](https://datatracker.ietf.org/doc/draft-zlgsgl-rtgwg-agents-networking-framework/) | 6/13 | 3.6 | Autonomous netops, A2A protocols |
| [draft-zl-agents-networking-framework](https://datatracker.ietf.org/doc/draft-zl-agents-networking-framework/) | 6/13 | 2.4 | Agent discovery / registration, Identity / authentication for AI agents |
| [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) | 6/13 | 3.7 | Agent identity/auth, Agent discovery/reg |
| [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) | 6/13 | 3.3 | Identity / authentication for AI agents, Agent discovery / registration |
| [draft-liu-rtgwg-agent-gateway-requirements](https://datatracker.ietf.org/doc/draft-liu-rtgwg-agent-gateway-requirements/) | 5/13 | 3.2 | A2A protocols, Agent identity/auth |
| [draft-mao-rtgwg-apn-framework-for-ioa](https://datatracker.ietf.org/doc/draft-mao-rtgwg-apn-framework-for-ioa/) | 4/13 | 3.2 | ML traffic mgmt, A2A protocols |
| [draft-zl-agents-networking-architecture](https://datatracker.ietf.org/doc/draft-zl-agents-networking-architecture/) | 3/13 | 2.5 | Autonomous netops, A2A protocols |
| [draft-zl-agents-networking-scenarios](https://datatracker.ietf.org/doc/draft-zl-agents-networking-scenarios/) | 2/13 | 2.3 | Autonomous netops, Human-agent interaction |
| [draft-ni-a2a-ai-agent-security-requirements](https://datatracker.ietf.org/doc/draft-ni-a2a-ai-agent-security-requirements/) | 2/13 | 3.7 | AI safety/alignment, Agent identity/auth |
| [draft-zeng-mcp-troubleshooting](https://datatracker.ietf.org/doc/draft-zeng-mcp-troubleshooting/) | 2/13 | 3.1 | Autonomous netops, Data formats/interop |
---
### 2. Ericsson team (5)
| | |
|---|---|
| **Members** | 5 |
| **Shared Drafts** | 6 |
| **Cohesion** | 100% |
| **Primary Org** | Ericsson |
| **All Orgs** | Ericsson, Inria, University of Murcia |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Göran Selander | Ericsson | 7 | 6 |
| John Preuß Mattsson | Ericsson | 5 | 5 |
| Mališa Vučinić | Inria | 2 | 2 |
| Francisco Lopez-Gomez | University of Murcia | 2 | 2 |
| Rafael Marin-Lopez | University of Murcia | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-ietf-lake-edhoc-psk](https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc-psk/) | 4/5 | 3.6 | Data formats/interop |
| [draft-ietf-emu-eap-edhoc](https://datatracker.ietf.org/doc/draft-ietf-emu-eap-edhoc/) | 4/5 | 3.2 | Agent identity/auth |
| [draft-ietf-lake-authz](https://datatracker.ietf.org/doc/draft-ietf-lake-authz/) | 3/5 | 3.9 | Agent identity/auth, Agent discovery/reg |
| [draft-ietf-ace-coap-est-oscore](https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est-oscore/) | 2/5 | 3.9 | Agent identity/auth, Data formats/interop |
| [draft-spm-lake-pqsuites](https://datatracker.ietf.org/doc/draft-spm-lake-pqsuites/) | 2/5 | 4.1 | Agent identity/auth |
| [draft-ietf-ace-edhoc-oscore-profile](https://datatracker.ietf.org/doc/draft-ietf-ace-edhoc-oscore-profile/) | 2/5 | 3.6 | Agent identity/auth, A2A protocols |
---
### 3. Bitwave team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 6 |
| **Cohesion** | 100% |
| **Primary Org** | Bitwave |
| **All Orgs** | Bitwave, Five9 |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Jonathan Rosenberg | Five9 | 7 | 6 |
| Pat White | Bitwave | 6 | 6 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-rosenberg-aiproto-cheq](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-cheq/) | 2/2 | 3.9 | Human-agent interaction, AI safety/alignment |
| [draft-rosenberg-aiproto-a2t](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-a2t/) | 2/2 | 3.9 | A2A protocols, Data formats/interop |
| [draft-rosenberg-cheq](https://datatracker.ietf.org/doc/draft-rosenberg-cheq/) | 2/2 | 3.6 | AI safety/alignment, Human-agent interaction |
| [draft-rosenberg-aiproto-nact](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-nact/) | 2/2 | 3.7 | A2A protocols, Data formats/interop |
| [draft-rosenberg-oauth-aauth](https://datatracker.ietf.org/doc/draft-rosenberg-oauth-aauth/) | 2/2 | 3.6 | Agent identity/auth, AI safety/alignment |
| [draft-rosenberg-aiproto](https://datatracker.ietf.org/doc/draft-rosenberg-aiproto/) | 2/2 | 3.7 | A2A protocols, Data formats/interop |
---
### 4. China Telecom team (6)
| | |
|---|---|
| **Members** | 6 |
| **Shared Drafts** | 5 |
| **Cohesion** | 100% |
| **Primary Org** | China Telecom |
| **All Orgs** | BUPT, China Telecom, Tsinghua University |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Aijun Wang | China Telecom | 8 | 5 |
| Menghan Yu | China Telecom | 3 | 2 |
| Jinyan Li | China Telecom | 3 | 3 |
| Zhiyuan Liu | Tsinghua University | 2 | 2 |
| Cheng Yang | BUPT | 2 | 2 |
| Zhen Li | China Telecom | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-yu-dmsc-ai-agent-use-cases-in-6g](https://datatracker.ietf.org/doc/draft-yu-dmsc-ai-agent-use-cases-in-6g/) | 4/6 | 2.6 | Autonomous netops, ML traffic mgmt |
| [draft-yu-ai-agent-use-cases-in-6g](https://datatracker.ietf.org/doc/draft-yu-ai-agent-use-cases-in-6g/) | 4/6 | 2.5 | Agent-to-agent communication protocols, Identity / authentication for AI agents |
| [draft-yang-ioa-protocol](https://datatracker.ietf.org/doc/draft-yang-ioa-protocol/) | 3/6 | 3.6 | A2A protocols, Agent discovery/reg |
| [draft-yang-dmsc-ioa-task-protocol](https://datatracker.ietf.org/doc/draft-yang-dmsc-ioa-task-protocol/) | 3/6 | 3.0 | A2A protocols, Agent discovery/reg |
| [draft-hw-ai-agent-6g](https://datatracker.ietf.org/doc/draft-hw-ai-agent-6g/) | 2/6 | 3.1 | Agent-to-agent communication protocols, Autonomous network operations |
---
### 5. Zhongguancun Laboratory team (4)
| | |
|---|---|
| **Members** | 4 |
| **Shared Drafts** | 5 |
| **Cohesion** | 94% |
| **Primary Org** | Zhongguancun Laboratory |
| **All Orgs** | Tsinghua University, Zhongguancun Laboratory |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Yong Cui | Tsinghua University | 8 | 5 |
| Chenguang Du | Zhongguancun Laboratory | 4 | 3 |
| Lei Zhang | Zhongguancun Laboratory | 2 | 2 |
| Mingzhe Xing | Zhongguancun Laboratory | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-cui-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-nm/) | 3/4 | 4.1 | Human-agent interaction, Autonomous netops |
| [draft-irtf-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-irtf-nmrg-llm-nm/) | 3/4 | 3.5 | Autonomous netops, Human-agent interaction |
| [draft-cui-nmrg-llm-benchmark](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-benchmark/) | 2/4 | 4.3 | Autonomous netops, Policy/governance |
| [draft-cui-ai-agent-discovery-invocation](https://datatracker.ietf.org/doc/draft-cui-ai-agent-discovery-invocation/) | 2/4 | 3.9 | Agent discovery/reg, A2A protocols |
| [draft-cui-ai-agent-task](https://datatracker.ietf.org/doc/draft-cui-ai-agent-task/) | 2/4 | 3.0 | Agent-to-agent communication protocols, Agent discovery / registration |
---
### 6. Infoblox, Inc. team (4)
| | |
|---|---|
| **Members** | 4 |
| **Shared Drafts** | 4 |
| **Cohesion** | 100% |
| **Primary Org** | Infoblox, Inc. |
| **All Orgs** | Deutsche Telekom, Independent, Infoblox, Inc. |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Roland Schott | Deutsche Telekom | 5 | 4 |
| Behcet Sarikaya | Independent | 4 | 4 |
| Jim Mozley | Infoblox, Inc. | 3 | 3 |
| Nic Williams | Infoblox, Inc. | 3 | 3 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-mozleywilliams-dnsop-bandaid](https://datatracker.ietf.org/doc/draft-mozleywilliams-dnsop-bandaid/) | 4/4 | 3.6 | Agent discovery/reg, A2A protocols |
| [draft-mozleywilliams-dnsop-dnsaid](https://datatracker.ietf.org/doc/draft-mozleywilliams-dnsop-dnsaid/) | 4/4 | 3.6 | Agent discovery/reg, Data formats/interop |
| [draft-mozley-aidiscovery](https://datatracker.ietf.org/doc/draft-mozley-aidiscovery/) | 4/4 | 3.5 | Agent discovery/reg, A2A protocols |
| [draft-sarischo-6gip-aiagent-requirements](https://datatracker.ietf.org/doc/draft-sarischo-6gip-aiagent-requirements/) | 2/4 | 2.6 | Agent discovery/reg, Autonomous netops |
---
### 7. ISI, R.C. ATHENA team (4)
| | |
|---|---|
| **Members** | 4 |
| **Shared Drafts** | 4 |
| **Cohesion** | 100% |
| **Primary Org** | ISI, R.C. ATHENA |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Evangelos Haleplidis | ISI, R.C. ATHENA | 4 | 4 |
| Lidia Pocero Fraile | ISI, R.C. ATHENA | 4 | 4 |
| Apostolos P. Fournaris | ISI, R.C. ATHENA | 4 | 4 |
| Christos Koulamas | ISI, R.C. ATHENA | 4 | 4 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-pocero-authkem-edhoc](https://datatracker.ietf.org/doc/draft-pocero-authkem-edhoc/) | 4/4 | 3.7 | Agent identity/auth, A2A protocols |
| [draft-lake-pocero-authkem-ikr-edhoc](https://datatracker.ietf.org/doc/draft-lake-pocero-authkem-ikr-edhoc/) | 4/4 | 4.2 | Agent identity/auth |
| [draft-pocero-authkem-ikr-edhoc](https://datatracker.ietf.org/doc/draft-pocero-authkem-ikr-edhoc/) | 4/4 | 3.0 | Agent identity/auth |
| [draft-lake-pocero-authkem-edhoc](https://datatracker.ietf.org/doc/draft-lake-pocero-authkem-edhoc/) | 4/4 | 3.2 | Agent identity/auth |
---
### 8. Nokia team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 4 |
| **Cohesion** | 100% |
| **Primary Org** | Nokia |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Tirumaleswar Reddy.K | Nokia | 5 | 4 |
| Aritra Banerjee | Nokia | 4 | 4 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-ra-emu-pqc-eapaka](https://datatracker.ietf.org/doc/draft-ra-emu-pqc-eapaka/) | 2/2 | 3.2 | Agent identity/auth |
| [draft-ietf-emu-pqc-eapaka](https://datatracker.ietf.org/doc/draft-ietf-emu-pqc-eapaka/) | 2/2 | 3.5 | Agent identity/auth |
| [draft-ar-emu-hybrid-pqc-eapaka](https://datatracker.ietf.org/doc/draft-ar-emu-hybrid-pqc-eapaka/) | 2/2 | 3.5 | Agent identity/auth |
| [draft-ietf-emu-hybrid-pqc-eapaka](https://datatracker.ietf.org/doc/draft-ietf-emu-hybrid-pqc-eapaka/) | 2/2 | 3.8 | Agent identity/auth |
---
### 9. China Mobile team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 4 |
| **Cohesion** | 100% |
| **Primary Org** | China Mobile |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Meiling Chen | China Mobile | 4 | 4 |
| Li Su | China Mobile | 4 | 4 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-chen-ai-agent-auth-new-requirements](https://datatracker.ietf.org/doc/draft-chen-ai-agent-auth-new-requirements/) | 2/2 | 3.8 | Agent identity/auth, AI safety/alignment |
| [draft-chen-lake-edhoc-aka](https://datatracker.ietf.org/doc/draft-chen-lake-edhoc-aka/) | 2/2 | 3.0 | Agent identity/auth |
| [draft-chen-oauth-rar-agent-extensions](https://datatracker.ietf.org/doc/draft-chen-oauth-rar-agent-extensions/) | 2/2 | 4.2 | Agent identity/auth, A2A protocols |
| [draft-chen-agent-decoupled-authorization-model](https://datatracker.ietf.org/doc/draft-chen-agent-decoupled-authorization-model/) | 2/2 | 3.5 | Identity / authentication for AI agents, AI safety / guardrails / alignment |
---
### 10. Department of Computer Science & Engineering team (3)
| | |
|---|---|
| **Members** | 3 |
| **Shared Drafts** | 3 |
| **Cohesion** | 100% |
| **Primary Org** | Department of Computer Science & Engineering |
| **All Orgs** | Department of Computer Science & Engineering, School of Electronic Engineering |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Jaehoon Paul Jeong | Department of Computer Science & Engineering | 4 | 3 |
| Yoseop Ahn | Department of Computer Science & Engineering | 3 | 3 |
| Younghan Kim | School of Electronic Engineering | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-ahn-nmrg-5g-security-i2nsf-framework](https://datatracker.ietf.org/doc/draft-ahn-nmrg-5g-security-i2nsf-framework/) | 3/3 | 3.5 | Policy/governance, Autonomous netops |
| [draft-ahn-opsawg-5g-security-i2nsf-framework](https://datatracker.ietf.org/doc/draft-ahn-opsawg-5g-security-i2nsf-framework/) | 3/3 | 3.2 | Autonomous netops, Policy/governance |
| [draft-jeong-opsawg-intent-based-sdv-framework](https://datatracker.ietf.org/doc/draft-jeong-opsawg-intent-based-sdv-framework/) | 2/3 | 3.3 | Autonomous netops, Agent discovery/reg |
---
### 11. Cisco team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 3 |
| **Cohesion** | 100% |
| **Primary Org** | Cisco |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Cullen Fluffy Jennings | Cisco | 6 | 3 |
| Suhas Nandakumar | Cisco | 3 | 3 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-a2a-moqt-transport](https://datatracker.ietf.org/doc/draft-a2a-moqt-transport/) | 2/2 | 3.1 | A2A protocols, Data formats/interop |
| [draft-nandakumar-a2a-moqt-transport](https://datatracker.ietf.org/doc/draft-nandakumar-a2a-moqt-transport/) | 2/2 | 3.0 | A2A protocols, Data formats/interop |
| [draft-nandakumar-agent-sd-jwt](https://datatracker.ietf.org/doc/draft-nandakumar-agent-sd-jwt/) | 2/2 | 3.9 | Agent discovery / registration, Identity / authentication for AI agents |
---
### 12. RISE team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 3 |
| **Cohesion** | 100% |
| **Primary Org** | RISE |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Marco Tiloca | RISE | 4 | 3 |
| Rikard Höglund | RISE | 3 | 3 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-tiloca-lake-exporter-output-length](https://datatracker.ietf.org/doc/draft-tiloca-lake-exporter-output-length/) | 2/2 | 2.4 | Agent identity/auth |
| [draft-ietf-ace-edhoc-oscore-profile](https://datatracker.ietf.org/doc/draft-ietf-ace-edhoc-oscore-profile/) | 2/2 | 3.6 | Agent identity/auth, A2A protocols |
| [draft-ietf-lake-app-profiles](https://datatracker.ietf.org/doc/draft-ietf-lake-app-profiles/) | 2/2 | 4.6 | Data formats/interop, Agent identity/auth |
---
### 13. Huawei team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 3 |
| **Cohesion** | 100% |
| **Primary Org** | Huawei |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Peter Chunchi Liu | Huawei | 4 | 3 |
| Ni Yuan | Huawei | 3 | 3 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-liu-oauth-a2a-profile](https://datatracker.ietf.org/doc/draft-liu-oauth-a2a-profile/) | 2/2 | 3.6 | Agent identity/auth, A2A protocols |
| [draft-ni-a2a-ai-agent-security-requirements](https://datatracker.ietf.org/doc/draft-ni-a2a-ai-agent-security-requirements/) | 2/2 | 3.7 | AI safety/alignment, Agent identity/auth |
| [draft-ni-wimse-ai-agent-identity](https://datatracker.ietf.org/doc/draft-ni-wimse-ai-agent-identity/) | 2/2 | 3.0 | Agent identity/auth |
---
### 14. Bundesdruckerei GmbH team (4)
| | |
|---|---|
| **Members** | 4 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Bundesdruckerei GmbH |
| **All Orgs** | Bundesdruckerei GmbH, IDsec Solutions, The Agency for Digital Government |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Micha Kraus | Bundesdruckerei GmbH | 2 | 2 |
| Paul Bastian | Bundesdruckerei GmbH | 2 | 2 |
| Peter Lee Altmann | The Agency for Digital Government | 2 | 2 |
| Stefan Santesson | IDsec Solutions | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-bastian-jose-pkdh](https://datatracker.ietf.org/doc/draft-bastian-jose-pkdh/) | 4/4 | 2.9 | Data formats/interop |
| [draft-bastian-jose-dvs](https://datatracker.ietf.org/doc/draft-bastian-jose-dvs/) | 4/4 | 2.7 | Agent identity/auth, Data formats/interop |
---
### 15. JPMorgan Chase & Co team (4)
| | |
|---|---|
| **Members** | 4 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | JPMorgan Chase & Co |
| **All Orgs** | Aryaka, JPMorgan Chase & Co, Oracle, Telefonica |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Diego Lopez | Telefonica | 4 | 2 |
| Ramki Krishnan | JPMorgan Chase & Co | 2 | 2 |
| A Prasad | Oracle | 2 | 2 |
| Srinivasa Addepalli | Aryaka | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-mw-wimse-transitive-attestation](https://datatracker.ietf.org/doc/draft-mw-wimse-transitive-attestation/) | 4/4 | 4.3 | Agent identity/auth, AI safety/alignment |
| [draft-mw-spice-actor-chain](https://datatracker.ietf.org/doc/draft-mw-spice-actor-chain/) | 4/4 | 4.1 | Agent identity/auth, AI safety/alignment |
---
### 16. Cisco team (4)
| | |
|---|---|
| **Members** | 4 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Cisco |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Luca Muscariello | Cisco | 3 | 2 |
| Michele Papalini | Cisco | 2 | 2 |
| Mauro Sardara | Cisco | 2 | 2 |
| Sam Betts | Cisco | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-mpsb-agntcy-messaging](https://datatracker.ietf.org/doc/draft-mpsb-agntcy-messaging/) | 4/4 | 2.6 | A2A protocols, Data formats/interop |
| [draft-mpsb-agntcy-slim](https://datatracker.ietf.org/doc/draft-mpsb-agntcy-slim/) | 4/4 | 2.8 | A2A protocols, Data formats/interop |
---
### 17. IBM team (4)
| | |
|---|---|
| **Members** | 4 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | IBM |
| **All Orgs** | Consensys, IBM |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Sandeep Nishad | IBM | 2 | 2 |
| Ermyas Abebe | Consensys | 2 | 2 |
| Vinayaka Pandit | IBM | 2 | 2 |
| Venkatraman Ramakrishna | IBM | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-ramakrishna-satp-views-addresses](https://datatracker.ietf.org/doc/draft-ramakrishna-satp-views-addresses/) | 4/4 | 3.4 | Data formats/interop, Agent identity/auth |
| [draft-ramakrishna-satp-data-sharing](https://datatracker.ietf.org/doc/draft-ramakrishna-satp-data-sharing/) | 4/4 | 2.9 | Data formats/interop, A2A protocols |
---
### 18. Cisco team (3)
| | |
|---|---|
| **Members** | 3 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Cisco |
| **All Orgs** | Cisco, lispers.net |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Dino Farinacci | lispers.net | 3 | 2 |
| Alberto Rodriguez-Natal | Cisco | 2 | 2 |
| Fabio Maino | Cisco | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-ietf-lisp-nexagon](https://datatracker.ietf.org/doc/draft-ietf-lisp-nexagon/) | 3/3 | 4.0 | Autonomous netops, A2A protocols |
| [draft-moreno-lisp-uberlay](https://datatracker.ietf.org/doc/draft-moreno-lisp-uberlay/) | 3/3 | 3.6 | Data formats/interop, Autonomous netops |
---
### 19. Entrust Limited team (3)
| | |
|---|---|
| **Members** | 3 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Entrust Limited |
| **All Orgs** | Ciena, Entrust Limited, Sandelman Software Works |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Michael Richardson | Sandelman Software Works | 7 | 2 |
| Mike Ounsworth | Entrust Limited | 2 | 2 |
| Rifaat Shekh-Yusef | Ciena | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-ietf-lamps-est-renewal-info](https://datatracker.ietf.org/doc/draft-ietf-lamps-est-renewal-info/) | 3/3 | 3.7 | Data formats/interop |
| [draft-yusef-lamps-rfc7030-renewal-recommendation](https://datatracker.ietf.org/doc/draft-yusef-lamps-rfc7030-renewal-recommendation/) | 3/3 | 2.8 | Data formats/interop |
---
### 20. Huawei team (3)
| | |
|---|---|
| **Members** | 3 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Huawei |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Faye Liu | Huawei | 3 | 2 |
| LUN LI | Huawei | 2 | 2 |
| Yurong Song | Huawei | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-song-oauth-ai-agent-authorization](https://datatracker.ietf.org/doc/draft-song-oauth-ai-agent-authorization/) | 3/3 | 2.8 | Identity / authentication for AI agents, Policy / governance / ethical frameworks |
| [draft-song-oauth-ai-agent-collaborate-authz](https://datatracker.ietf.org/doc/draft-song-oauth-ai-agent-collaborate-authz/) | 3/3 | 3.5 | Agent identity/auth, A2A protocols |
---
### 21. AKAYLA, Inc. team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | AKAYLA, Inc. |
| **All Orgs** | AKAYLA, Inc., sn3rd |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Joe Mandel | AKAYLA, Inc. | 2 | 2 |
| Sean Turner | sn3rd | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-ietf-lamps-rfc5274bis](https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc5274bis/) | 2/2 | 3.1 | Data formats/interop |
| [draft-ietf-lamps-attestation-freshness](https://datatracker.ietf.org/doc/draft-ietf-lamps-attestation-freshness/) | 2/2 | 3.7 | Agent identity/auth |
---
### 22. Daejeon University team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Daejeon University |
| **All Orgs** | Daejeon University, Huawei |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Qin Wu | Huawei | 3 | 2 |
| Yong-Geun Hong | Daejeon University | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-wmz-nmrg-agent-ndt-arch](https://datatracker.ietf.org/doc/draft-wmz-nmrg-agent-ndt-arch/) | 2/2 | 4.2 | Autonomous netops, Model serving/inference |
| [draft-hong-nmrg-agenticai-ps](https://datatracker.ietf.org/doc/draft-hong-nmrg-agenticai-ps/) | 2/2 | 3.0 | Autonomous netops, A2A protocols |
---
### 23. National Security Institute, Virginia Tech team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | National Security Institute, Virginia Tech |
| **All Orgs** | Boeing, National Security Institute, Virginia Tech |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Fred Templin | Boeing | 3 | 2 |
| Daniel J. Jakubisin | National Security Institute, Virginia Tech | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-templin-manet-inet-omni](https://datatracker.ietf.org/doc/draft-templin-manet-inet-omni/) | 2/2 | 2.5 | Autonomous netops, A2A protocols |
| [draft-templin-manet-inet](https://datatracker.ietf.org/doc/draft-templin-manet-inet/) | 2/2 | 2.0 | Other AI/agent |
---
### 24. InterDigital Europe team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | InterDigital Europe |
| **All Orgs** | InterDigital Europe, Universidad Carlos III de Madrid |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Alain Mourad | InterDigital Europe | 2 | 2 |
| Carlos J. Bernardos | Universidad Carlos III de Madrid | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-bernardos-green-isac-uc](https://datatracker.ietf.org/doc/draft-bernardos-green-isac-uc/) | 2/2 | 2.5 | Autonomous netops, Other AI/agent |
| [draft-bernardos-cats-isac-uc](https://datatracker.ietf.org/doc/draft-bernardos-cats-isac-uc/) | 2/2 | 3.0 | Autonomous netops, ML traffic mgmt |
---
### 25. Amazon team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Amazon |
| **All Orgs** | Amazon, University of Waterloo |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Panos Kampanakis | Amazon | 3 | 2 |
| Douglas Stebila | University of Waterloo | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-ietf-sshm-mlkem-hybrid-kex](https://datatracker.ietf.org/doc/draft-ietf-sshm-mlkem-hybrid-kex/) | 2/2 | 4.2 | Data formats/interop |
| [draft-ietf-tls-ecdhe-mlkem](https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/) | 2/2 | 4.4 | Other AI/agent |
---
### 26. Fraunhofer SIT team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Fraunhofer SIT |
| **All Orgs** | Fraunhofer SIT, Tradeverifyd |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Henk Birkholz | Fraunhofer SIT | 2 | 2 |
| Orie Steele | Tradeverifyd | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/) | 2/2 | 4.5 | AI safety/alignment, Data formats/interop |
| [draft-steele-agent-considerations](https://datatracker.ietf.org/doc/draft-steele-agent-considerations/) | 2/2 | 4.0 | Data formats/interop, Policy/governance |
---
### 27. Huawei team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Huawei |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Arashmid Akhavain | Huawei | 3 | 2 |
| Chenchen Yang | Huawei | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-yue-moq-transporting-sensing-data](https://datatracker.ietf.org/doc/draft-yue-moq-transporting-sensing-data/) | 2/2 | 3.4 | ML traffic mgmt, Data formats/interop |
| [draft-hw-ai-agent-6g](https://datatracker.ietf.org/doc/draft-hw-ai-agent-6g/) | 2/2 | 3.1 | Agent-to-agent communication protocols, Autonomous network operations |
---
### 28. ICANN team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | ICANN |
| **All Orgs** | ICANN, audriga |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Arnt Gulbrandsen | ICANN | 2 | 2 |
| Hans-Jörg Happel | audriga | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-ietf-sml-trust](https://datatracker.ietf.org/doc/draft-ietf-sml-trust/) | 2/2 | 3.5 | Data formats/interop, AI safety/alignment |
| [draft-happel-structured-email-trust](https://datatracker.ietf.org/doc/draft-happel-structured-email-trust/) | 2/2 | 2.9 | Data formats/interop, Agent identity/auth |
---
### 29. China Unicom team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | China Unicom |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| ZhangYutao | China Unicom | 2 | 2 |
| Lin Zhu | China Unicom | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-zhul-intarea-bnc-up-specific-suboption](https://datatracker.ietf.org/doc/draft-zhul-intarea-bnc-up-specific-suboption/) | 2/2 | 2.9 | Other AI/agent |
| [draft-zhul-dhc-bnc-up-specific-suboption](https://datatracker.ietf.org/doc/draft-zhul-dhc-bnc-up-specific-suboption/) | 2/2 | 2.7 | Other AI/agent |
---
### 30. China Unicom team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | China Unicom |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Yi Yue | China Unicom | 3 | 2 |
| Xuebei Zhang | China Unicom | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/) | 2/2 | 4.1 | Autonomous netops, A2A protocols |
| [draft-zhang-agent-gap-network](https://datatracker.ietf.org/doc/draft-zhang-agent-gap-network/) | 2/2 | 3.0 | Agent-to-agent communication protocols, Autonomous network operations |
---
### 31. Apple team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Apple |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Matt Diephouse | Apple | 2 | 2 |
| Daniel Eggert | Apple | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-ietf-mailmaint-pacc](https://datatracker.ietf.org/doc/draft-ietf-mailmaint-pacc/) | 2/2 | 2.4 | Data formats/interop |
| [draft-eggert-mailmaint-uaautoconf](https://datatracker.ietf.org/doc/draft-eggert-mailmaint-uaautoconf/) | 2/2 | 3.6 | Agent discovery/reg, Data formats/interop |
---
### 32. Okta team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | Okta |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| Rafael S. Cohen | Okta | 2 | 2 |
| Macy Abbey | Okta | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-abbey-scim-agent-extension](https://datatracker.ietf.org/doc/draft-abbey-scim-agent-extension/) | 2/2 | 3.8 | Agent identity/auth, Data formats/interop |
| [draft-scim-agent-extension](https://datatracker.ietf.org/doc/draft-scim-agent-extension/) | 2/2 | 3.7 | Agent identity/auth, Data formats/interop |
---
### 33. ICT, CAS team (2)
| | |
|---|---|
| **Members** | 2 |
| **Shared Drafts** | 2 |
| **Cohesion** | 100% |
| **Primary Org** | ICT, CAS |
| **All Orgs** | CNIC, CAS, ICT, CAS |
**Members:**
| Author | Organization | Drafts | In-Bloc Drafts |
|--------|-------------|-------:|--------------:|
| ShengSun | ICT, CAS | 2 | 2 |
| Xinyi Zhang | CNIC, CAS | 2 | 2 |
**Shared Drafts:**
| Draft | Co-authors | Score | Categories |
|-------|----------:|------:|------------|
| [draft-sun-zhang-iaip](https://datatracker.ietf.org/doc/draft-sun-zhang-iaip/) | 2/2 | 3.2 | A2A protocols, Agent discovery/reg |
| [draft-sz-dmsc-iaip](https://datatracker.ietf.org/doc/draft-sz-dmsc-iaip/) | 2/2 | 3.3 | A2A protocols, Agent discovery/reg |
---
## Cross-Bloc Connections
*Authors who bridge between different blocs or connect blocs to the wider community.*
| Bloc Author | Bloc | External Author | Their Affiliation | Shared |
|-------------|------|-----------------|-------------------|-------:|
| Jonathan Rosenberg | Bitwave team (2) | Cullen Fluffy Jennings | Cisco team (2) | 3 |
| Cullen Fluffy Jennings | Cisco team (2) | Pat White | Bitwave team (2) | 2 |
| Yong Cui | Zhongguancun Laboratory team (4) | Xiaohui Xie | (independent) | 2 |
| Aijun Wang | China Telecom team (6) | Xueting Li | (independent) | 2 |

58
data/reports/timeline.md
View File

@@ -1,33 +1,53 @@
# IETF AI/Agent Drafts Timeline
*Generated 2026-02-28 10:27 UTC — 260 drafts across 9 months*
*Generated 2026-03-03 19:59 UTC — 361 drafts across 19 months*
## Monthly Submission Volume
```
2025-06 | # 2
2025-07 | ## 4
2025-08 | ### 7
2025-09 | ##### 10
2025-10 | ########################### 50
2025-11 | ############################ 51
2025-12 | ####### 13
2026-01 | ############################ 51
2026-02 | ######################################## 72
2024-01 | # 3
2024-02 | 1
2024-04 | 1
2024-09 | 2
2024-10 | 1
2024-12 | 1
2025-01 | # 4
2025-04 | ## 5
2025-05 | 2
2025-06 | ## 5
2025-07 | ## 5
2025-08 | ### 8
2025-09 | ####### 17
2025-10 | ############################### 67
2025-11 | ############################ 61
2025-12 | ####### 16
2026-01 | ######################### 54
2026-02 | ######################################## 86
2026-03 | ########## 22
```
## Category Breakdown by Month
| Month | A2A protocol | AI safety / | AI safety/al | Agent discov | Agent discov | Agent identi | Agent-to-age | Autonomous n | Autonomous n | Data formats | Data formats | Human-agent | Identity / a | ML traffic m | ML-based tra | Model servin | Other AI/age | Policy / gov | Policy/gover | Total |
|---------|------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | -----:|
| 2025-06 | 1 | 0 | 0 | 0 | 0 | 2 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 2 |
| 2025-07 | 2 | 0 | 1 | 0 | 1 | 2 | 0 | 0 | 0 | 0 | 1 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 4 |
| 2025-08 | 0 | 0 | 0 | 0 | 0 | 2 | 0 | 2 | 0 | 0 | 5 | 0 | 0 | 0 | 0 | 0 | 2 | 0 | 2 | 7 |
| 2025-09 | 3 | 0 | 2 | 0 | 2 | 2 | 0 | 4 | 0 | 0 | 6 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 3 | 10 |
| 2025-10 | 22 | 0 | 5 | 2 | 13 | 23 | 2 | 12 | 0 | 1 | 24 | 6 | 1 | 4 | 0 | 2 | 5 | 0 | 7 | 50 |
| 2025-11 | 19 | 0 | 7 | 2 | 15 | 19 | 3 | 14 | 1 | 0 | 21 | 7 | 2 | 6 | 0 | 3 | 2 | 0 | 10 | 51 |
| 2025-12 | 2 | 0 | 3 | 1 | 2 | 7 | 0 | 3 | 0 | 0 | 4 | 0 | 1 | 1 | 0 | 1 | 2 | 0 | 4 | 13 |
| 2026-01 | 12 | 0 | 7 | 7 | 8 | 14 | 9 | 9 | 4 | 2 | 15 | 2 | 4 | 6 | 1 | 4 | 3 | 1 | 12 | 51 |
| 2026-02 | 31 | 1 | 11 | 2 | 16 | 27 | 2 | 15 | 0 | 0 | 26 | 5 | 5 | 6 | 0 | 3 | 7 | 1 | 21 | 72 |
| 2024-01 | 0 | 0 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 3 |
| 2024-02 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 |
| 2024-04 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |
| 2024-09 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 1 | 2 |
| 2024-10 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 1 |
| 2024-12 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 1 |
| 2025-01 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 2 | 0 | 0 | 4 | 0 | 2 | 0 | 0 | 0 | 4 |
| 2025-04 | 0 | 0 | 1 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 2 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 3 | 5 |
| 2025-05 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 2 | 2 |
| 2025-06 | 1 | 0 | 0 | 0 | 0 | 2 | 0 | 3 | 0 | 0 | 1 | 0 | 0 | 3 | 0 | 1 | 0 | 0 | 1 | 5 |
| 2025-07 | 2 | 0 | 2 | 0 | 1 | 2 | 0 | 0 | 0 | 0 | 2 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 5 |
| 2025-08 | 0 | 0 | 0 | 0 | 0 | 2 | 0 | 2 | 0 | 0 | 6 | 1 | 0 | 0 | 0 | 0 | 2 | 0 | 3 | 8 |
| 2025-09 | 4 | 0 | 4 | 0 | 3 | 3 | 0 | 6 | 0 | 0 | 11 | 1 | 0 | 4 | 0 | 1 | 0 | 0 | 6 | 17 |
| 2025-10 | 26 | 0 | 5 | 2 | 13 | 23 | 2 | 19 | 0 | 1 | 35 | 7 | 1 | 13 | 0 | 9 | 5 | 0 | 10 | 67 |
| 2025-11 | 26 | 0 | 7 | 2 | 16 | 21 | 3 | 17 | 1 | 0 | 25 | 9 | 2 | 9 | 0 | 4 | 2 | 0 | 15 | 61 |
| 2025-12 | 2 | 0 | 3 | 1 | 3 | 7 | 0 | 4 | 0 | 0 | 6 | 1 | 1 | 3 | 0 | 1 | 2 | 0 | 6 | 16 |
| 2026-01 | 13 | 0 | 8 | 7 | 8 | 14 | 9 | 12 | 4 | 2 | 15 | 2 | 4 | 7 | 1 | 5 | 4 | 1 | 13 | 54 |
| 2026-02 | 36 | 1 | 12 | 2 | 17 | 29 | 2 | 18 | 0 | 0 | 32 | 6 | 5 | 15 | 0 | 8 | 8 | 1 | 23 | 86 |
| 2026-03 | 9 | 0 | 1 | 0 | 3 | 3 | 0 | 8 | 0 | 0 | 5 | 1 | 0 | 11 | 0 | 9 | 1 | 0 | 6 | 22 |
## Trends

72
data/reports/trends.md Normal file
View File

@@ -0,0 +1,72 @@
# Category Trend Analysis
*Generated 2026-03-03 19:59 UTC — 361 drafts, 19 months, 19 categories*
## Growth Summary
| Category | Total | Last 3mo | Prev 3mo | Growth |
|----------|------:|---------:|---------:|-------:|
| A2A protocols | 120 | 58 | 54 | +7% |
| AI safety / guardrails / alignment | 1 | 1 | 0 | new |
| AI safety/alignment | 44 | 21 | 15 | +40% |
| Agent discovery / registration | 14 | 9 | 5 | +80% |
| Agent discovery/reg | 65 | 28 | 32 | -12% |
| Agent identity/auth | 108 | 46 | 51 | -10% |
| Agent-to-agent communication protocols | 16 | 11 | 5 | +120% |
| Autonomous netops | 93 | 38 | 40 | -5% |
| Autonomous network operations | 5 | 4 | 1 | +300% |
| Data formats / semantics for AI interop | 3 | 2 | 1 | +100% |
| Data formats/interop | 145 | 52 | 66 | -21% |
| Human-agent interaction | 30 | 9 | 17 | -47% |
| Identity / authentication for AI agents | 13 | 9 | 4 | +125% |
| ML traffic mgmt | 73 | 33 | 25 | +32% |
| ML-based traffic management / optimization | 1 | 1 | 0 | new |
| Model serving/inference | 42 | 22 | 14 | +57% |
| Other AI/agent | 26 | 13 | 9 | +44% |
| Policy / governance / ethical frameworks | 2 | 2 | 0 | new |
| Policy/governance | 91 | 42 | 31 | +35% |
## Monthly Breakdown
| Month | A2A protocols | AI safety / gua | AI safety/align | Agent discovery | Agent discovery | Agent identity/ | Agent-to-agent | Autonomous neto | Autonomous netw | Data formats / | Data formats/in | Human-agent int | Identity / auth | ML traffic mgmt | ML-based traffi | Model serving/i | Other AI/agent | Policy / govern | Policy/governan | Total |
|-------|---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | ---: | -----:|
| 2024-01 | 0 | 0 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 5 |
| 2024-02 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 2 |
| 2024-04 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 3 |
| 2024-09 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 1 | 3 |
| 2024-10 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 2 |
| 2024-12 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 1 |
| 2025-01 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 2 | 0 | 0 | 4 | 0 | 2 | 0 | 0 | 0 | 8 |
| 2025-04 | 0 | 0 | 1 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 2 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 3 | 10 |
| 2025-05 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 2 | 5 |
| 2025-06 | 1 | 0 | 0 | 0 | 0 | 2 | 0 | 3 | 0 | 0 | 1 | 0 | 0 | 3 | 0 | 1 | 0 | 0 | 1 | 12 |
| 2025-07 | 2 | 0 | 2 | 0 | 1 | 2 | 0 | 0 | 0 | 0 | 2 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 11 |
| 2025-08 | 0 | 0 | 0 | 0 | 0 | 2 | 0 | 2 | 0 | 0 | 6 | 1 | 0 | 0 | 0 | 0 | 2 | 0 | 3 | 16 |
| 2025-09 | 4 | 0 | 4 | 0 | 3 | 3 | 0 | 6 | 0 | 0 | 11 | 1 | 0 | 4 | 0 | 1 | 0 | 0 | 6 | 43 |
| 2025-10 | 26 | 0 | 5 | 2 | 13 | 23 | 2 | 19 | 0 | 1 | 35 | 7 | 1 | 13 | 0 | 9 | 5 | 0 | 10 | 171 |
| 2025-11 | 26 | 0 | 7 | 2 | 16 | 21 | 3 | 17 | 1 | 0 | 25 | 9 | 2 | 9 | 0 | 4 | 2 | 0 | 15 | 159 |
| 2025-12 | 2 | 0 | 3 | 1 | 3 | 7 | 0 | 4 | 0 | 0 | 6 | 1 | 1 | 3 | 0 | 1 | 2 | 0 | 6 | 40 |
| 2026-01 | 13 | 0 | 8 | 7 | 8 | 14 | 9 | 12 | 4 | 2 | 15 | 2 | 4 | 7 | 1 | 5 | 4 | 1 | 13 | 129 |
| 2026-02 | 36 | 1 | 12 | 2 | 17 | 29 | 2 | 18 | 0 | 0 | 32 | 6 | 5 | 15 | 0 | 8 | 8 | 1 | 23 | 215 |
| 2026-03 | 9 | 0 | 1 | 0 | 3 | 3 | 0 | 8 | 0 | 0 | 5 | 1 | 0 | 11 | 0 | 9 | 1 | 0 | 6 | 57 |
## Fastest Growing Categories (early vs late half)
- **AI safety / guardrails / alignment**: new (0 -> 1 drafts)
- **Agent discovery / registration**: new (0 -> 14 drafts)
- **Agent-to-agent communication protocols**: new (0 -> 16 drafts)
- **Autonomous network operations**: new (0 -> 5 drafts)
- **Data formats / semantics for AI interop**: new (0 -> 3 drafts)
- **Identity / authentication for AI agents**: new (0 -> 13 drafts)
- **ML-based traffic management / optimization**: new (0 -> 1 drafts)
- **Policy / governance / ethical frameworks**: new (0 -> 2 drafts)
- **A2A protocols**: +11800% (1 -> 119 drafts)
- **Agent discovery/reg**: +6300% (1 -> 64 drafts)
- **Agent identity/auth**: +5200% (2 -> 106 drafts)
- **Human-agent interaction**: +2800% (1 -> 29 drafts)
- **Autonomous netops**: +2125% (4 -> 89 drafts)
- **AI safety/alignment**: +2000% (2 -> 42 drafts)
- **Data formats/interop**: +1871% (7 -> 138 drafts)
- **Other AI/agent**: +1100% (2 -> 24 drafts)
- **Policy/governance**: +1100% (7 -> 84 drafts)
- **Model serving/inference**: +850% (4 -> 38 drafts)
- **ML traffic mgmt**: +712% (8 -> 65 drafts)