c/ietf-draft-analyzer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
02049c37a8ea1938db5edcd8a80405d93b94d75a
ietf-draft-analyzer/data/reports/gaps.md
Christian Nennemann d6beb9c0a0 v0.3.0: Gap-to-Draft pipeline, Living Standards Observatory, blog series 
Gap-to-Draft Pipeline (ietf pipeline):
- Context builder assembles ideas, RFC foundations, similar drafts, ecosystem vision
- Generator produces outlines + sections using rich context with Claude
- Quality gates: novelty (embedding similarity), references, format, self-rating
- Family coordinator generates 5-draft ecosystem (AEM/ATD/HITL/AEPB/APAE)
- I-D formatter with proper headers, references, 72-char wrapping

Living Standards Observatory (ietf observatory):
- Source abstraction with IETF + W3C fetchers
- 7-step update pipeline: snapshot, fetch, analyze, embed, ideas, gaps, record
- Static GitHub Pages dashboard (explorer, gap tracker, timeline)
- Weekly CI/CD automation via GitHub Actions

Also includes:
- 361 drafts (expanded from 260 with 6 new keywords), 403 authors, 1,262 ideas, 12 gaps
- Blog series (8 posts planned), reports, arXiv paper figures
- Agent team infrastructure (CLAUDE.md, scripts, dev journal)
- 5 new DB tables, schema migration, ~15 new query methods

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 00:48:57 +01:00

43 KiB
Raw Blame History

Gap Analysis: IETF AI/Agent Draft Landscape

Generated 2026-03-03 19:58 UTC — analyzing 361 drafts, 1780 technical ideas

Overview

This report identifies 12 gaps — areas, problems, or technical challenges not adequately addressed by the current 361 IETF AI/agent drafts. Each gap is cross-referenced with related drafts and extracted technical ideas to show partial coverage.

Severity Count
CRITICAL 3
HIGH 6
MEDIUM 3

Safety Deficit

Only 44 of 361 drafts address AI safety/alignment, while 120 focus on A2A protocols and 93 on autonomous operations. The ratio of capability-building to safety is roughly 4:1.

1. Agent Behavior Verification
Severity CRITICAL
Category AI safety/alignment
Drafts in category 44

While many drafts address agent identity and authentication, few tackle how to verify that an agent is actually behaving according to its declared capabilities and policies. There's a critical gap in runtime behavioral attestation and compliance monitoring mechanisms.

Evidence: High overlap in identity/auth (108 drafts) but only 44 drafts on safety/alignment, with no specific focus on behavioral verification

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in AI safety/alignment (44 drafts):

  • draft-cowles-volt (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
  • draft-aylward-daap-v2 (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
  • draft-guy-bary-stamp-protocol (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
  • draft-drake-email-tpm-attestation (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
  • draft-goswami-agentic-jwt (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int

Partially Addressing Ideas

53 extracted ideas touch on this gap:

Idea Draft Type
Verifiable Agent Behavior Attestation draft-birkholz-verifiable-agent-conversations requirement
Behavioral Trustworthiness Assessment draft-chen-agent-decoupled-authorization-model mechanism
Multi-Vendor TEE Attestation (M-TACE) draft-aylward-aiga-1 mechanism
Multi-Vendor TEE Attestation (M-TACE) draft-aylward-aiga-2 mechanism
Cryptographic Identity Verification draft-aylward-daap-v2 mechanism
Behavioral Monitoring Framework draft-aylward-daap-v2 mechanism
Post-Discovery Authorization Handshake draft-barney-caam protocol
Five Enforcement Pillars with Typed Schemas draft-berlinai-vera pattern

...and 45 more

2. Cross-Domain Agent Liability
Severity CRITICAL
Category Policy/governance
Drafts in category 91

When autonomous agents operate across organizational boundaries and cause harm or make decisions with legal implications, there's no standardized framework for liability attribution. The policy/governance drafts don't address cross-jurisdictional legal accountability.

Evidence: 91 policy/governance drafts but legal liability for cross-domain autonomous actions remains unaddressed

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in Policy/governance (91 drafts):

  • draft-cowles-volt (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
  • draft-aylward-daap-v2 (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
  • draft-goswami-agentic-jwt (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
  • draft-wang-cats-odsi (4.5) — Specifies framework for decentralized LLM inference across untrusted participants with layer-aware e
  • draft-birkholz-verifiable-agent-conversations (4.5) — Defines CDDL-based data format for verifiable agent conversation records using COSE signing. Support

Partially Addressing Ideas

26 extracted ideas touch on this gap:

Idea Draft Type
Cross-Domain Agent Identity Management draft-abbey-scim-agent-extension protocol
Multi-level Inference Protocol draft-chuyi-nmrg-agentic-network-inference protocol
Cross-Domain Agent Coordination draft-chuyi-nmrg-agentic-network-inference mechanism
Cross-Domain Agent Discovery draft-cui-dmsc-agent-cdi mechanism
Federated Agent Identity Framework draft-cui-dmsc-agent-cdi architecture
Agent Capability Negotiation Protocol draft-cui-dmsc-agent-cdi protocol
Federated Policy Enforcement draft-cui-dmsc-agent-cdi architecture
Cross-Domain Authorization Information Sharing draft-diaconu-agents-authz-info-sharing mechanism

...and 18 more

3. Human Override Protocols
Severity CRITICAL
Category Human-agent interaction
Drafts in category 30

Critical gap in standardized protocols for humans to safely interrupt, override, or take control of autonomous agents in emergency situations. Only 30 drafts address human-agent interaction, with no focus on emergency takeover procedures.

Evidence: Only 30 human-agent interaction drafts compared to 213+ autonomous operation drafts, with no emergency override standards

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in Human-agent interaction (30 drafts):

Partially Addressing Ideas

7 extracted ideas touch on this gap:

Idea Draft Type
LLM-Human Collaborative Framework draft-irtf-nmrg-llm-nm architecture
CHEQ Protocol draft-rosenberg-aiproto-cheq protocol
Signed Confirmation Objects draft-rosenberg-aiproto-cheq mechanism
Cross-Protocol Integration Pattern draft-rosenberg-aiproto-cheq pattern
CHEQ Protocol draft-rosenberg-cheq protocol
Signed Decision Objects draft-rosenberg-cheq mechanism
Protocol Integration Pattern draft-rosenberg-cheq pattern

4. Agent Resource Exhaustion Protection
Severity HIGH
Category Autonomous netops
Drafts in category 93

Missing standardized mechanisms to prevent malicious or poorly designed agents from consuming excessive network, compute, or storage resources. Current drafts focus on traffic management but not on agent-specific resource quotas and enforcement.

Evidence: 93 autonomous netops drafts and 73 ML traffic management drafts lack agent-specific resource protection mechanisms

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in Autonomous netops (93 drafts):

Partially Addressing Ideas

40 extracted ideas touch on this gap:

Idea Draft Type
Agent Resource Type draft-abbey-scim-agent-extension extension
Agentic Application Resource Type draft-abbey-scim-agent-extension extension
Collaborative Inference Acceleration (KDN) draft-agent-gw mechanism
Data and Agent Aware-Inference and Training Network (DA-ITN) draft-akhavain-moussa-ai-network architecture
Agent-to-Agent (A2A) Communication Paradigm draft-an-nmrg-i2icf-cits protocol
Network-Level Quarantine Protocol draft-aylward-aiga-1 protocol
Agent Task Negotiation draft-cui-ai-agent-task protocol
Multi-Agent Security Protection draft-fu-nmop-agent-communication-framework mechanism

...and 32 more

5. Agent-Generated Data Provenance
Severity HIGH
Category Data formats/interop
Drafts in category 145

While 145 drafts address data formats for AI interop, there's insufficient attention to tracking the provenance and lineage of data generated by agents. This creates trust and auditability issues in agent-to-agent data exchanges.

Evidence: 145 data format drafts with high overlap but no clear standards for agent-generated data provenance tracking

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in Data formats/interop (145 drafts):

Partially Addressing Ideas

4 extracted ideas touch on this gap:

Idea Draft Type
Context-Enhanced Training Data draft-improving-data-quality-tags extension
Training Data Provenance Claims draft-messous-eat-ai mechanism
Sentinel Evidence Package draft-reilly-sentinel-protocol architecture
AI Lifecycle Provenance Tracking draft-reilly-sentinel-protocol architecture

6. Agent Capability Degradation Handling
Severity HIGH
Category AI safety/alignment
Drafts in category 44

No standardized approaches for detecting and handling when an agent's capabilities degrade due to model drift, data corruption, or hardware issues. Systems need graceful degradation protocols rather than silent failures.

Evidence: Only 44 safety/alignment drafts don't address capability degradation, while 213+ drafts assume stable agent performance

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in AI safety/alignment (44 drafts):

  • draft-cowles-volt (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
  • draft-aylward-daap-v2 (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
  • draft-guy-bary-stamp-protocol (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
  • draft-drake-email-tpm-attestation (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
  • draft-goswami-agentic-jwt (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int

Partially Addressing Ideas

45 extracted ideas touch on this gap:

Idea Draft Type
Semantic Routing draft-agent-gw mechanism
Semantic Routing draft-ainp-protocol mechanism
Capability-based Discovery draft-ainp-protocol pattern
Complex Delegation Relationship Management draft-chen-ai-agent-auth-new-requirements architecture
Capability-Based Discovery Mechanism draft-cui-ai-agent-discovery-invocation mechanism
Agent Capability Negotiation Protocol draft-cui-dmsc-agent-cdi protocol
Agent Capability-Based Routing draft-du-catalist-routing-considerations mechanism
Agent Monitoring and Tracking draft-fu-nmop-agent-communication-framework mechanism

...and 37 more

7. Multi-Agent Coordination Deadlocks
Severity HIGH
Category A2A protocols
Drafts in category 120

With 120+ A2A protocol drafts, there's insufficient attention to preventing deadlock situations where multiple agents create circular dependencies or resource conflicts. Missing are standardized deadlock detection and resolution mechanisms.

Evidence: 120 A2A protocol drafts with high internal overlap but no systematic deadlock prevention frameworks

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in A2A protocols (120 drafts):

Partially Addressing Ideas

11 extracted ideas touch on this gap:

Idea Draft Type
Multi-Agent Task Coordination draft-du-ai-agent-communication-6g-aspect mechanism
AI Gateway draft-fu-nmop-agent-communication-framework architecture
DMSC Infrastructure Architecture draft-li-dmsc-inf-architecture architecture
Multi-agent Collaboration Protocol Suite draft-li-dmsc-macp protocol
Task-based Multi-Agent Coordination draft-li-dmsc-mcps-agw pattern
Cognitive Networking Substrate draft-li-semantic-routing-architecture architecture
Agent Communication Use Cases draft-stephan-ai-agent-6g pattern
Structured Responsibility and Traceability Architecture (SRTA) draft-takagi-srta-trinity architecture

...and 3 more

8. Agent Privacy Preservation
Severity HIGH
Category Agent identity/auth
Drafts in category 108

Agents often process sensitive data but current drafts don't adequately address privacy-preserving computation, differential privacy, or secure multi-party computation for agent interactions. This is critical for deployment in regulated industries.

Evidence: 108 identity/auth drafts focus on authentication but lack privacy preservation mechanisms for agent data processing

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in Agent identity/auth (108 drafts):

Partially Addressing Ideas

11 extracted ideas touch on this gap:

Idea Draft Type
Agent Card Structure draft-nandakumar-agent-sd-jwt protocol
Pseudonymous Key Generation draft-bradleylundberg-cfrg-arkg mechanism
Privacy-Preserving Human Tokens draft-dhir-http-agent-profile mechanism
Cryptographic Erasure Compliance draft-gaikwad-aps-profile mechanism
Privacy-Respecting Capability Attestation draft-huang-rats-agentic-eat-cap-attest pattern
Differential Privacy for Agent Models draft-kale-agntcy-federated-privacy mechanism
Agent Identity Preservation draft-liu-oauth-a2a-profile pattern
Inference-Time Data Access Policy Claims draft-messous-eat-ai mechanism

...and 3 more

9. Agent Firmware/Model Update Security
Severity HIGH
Category Model serving/inference
Drafts in category 42

While model serving is addressed in 42 drafts, there's insufficient focus on secure update mechanisms for agent models and firmware. Missing are standards for cryptographically verified, rollback-capable agent updates.

Evidence: 42 model serving drafts but no comprehensive security standards for agent software/model updates

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in Model serving/inference (42 drafts):

Partially Addressing Ideas

79 extracted ideas touch on this gap:

Idea Draft Type
Multi-layered Security Architecture draft-aylward-daap-v2 architecture
VERA Zero Trust Reference Architecture draft-berlinai-vera architecture
Evidence-Based Maturity Runtime draft-berlinai-vera mechanism
Five Enforcement Pillars with Typed Schemas draft-berlinai-vera pattern
AI Agent Structured Threat Model draft-berlinai-vera requirement
Cryptographic Proof-Based Autonomy draft-berlinai-vera mechanism
Pseudonymous Key Generation draft-bradleylundberg-cfrg-arkg mechanism
Multi-Agent Security Protection draft-fu-nmop-agent-communication-framework mechanism

...and 71 more

10. Real-time Agent Debugging
Severity MEDIUM
Category Other AI/agent
Drafts in category 26

Missing standardized protocols for debugging autonomous agents in production environments. When agents make unexpected decisions, there are no standard interfaces for real-time introspection without disrupting operations.

Evidence: 26 other AI/agent drafts suggest various approaches but no standardized debugging protocols for production agents

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in Other AI/agent (26 drafts):

Partially Addressing Ideas

23 extracted ideas touch on this gap:

Idea Draft Type
A2A Protocol Transport over MOQT draft-a2a-moqt-transport protocol
QUIC-based Publish/Subscribe for AI Agents draft-a2a-moqt-transport mechanism
Streaming Capabilities Integration draft-a2a-moqt-transport mechanism
Action-Based Authorization draft-aylward-aiga-2 mechanism
Multi-layered Security Architecture draft-aylward-daap-v2 architecture
Behavioral Monitoring Framework draft-aylward-daap-v2 mechanism
Context-Aware Task Scheduling draft-cui-ai-agent-task mechanism
Real-Time Task Adaptability draft-cui-ai-agent-task requirement

...and 15 more

11. Cross-Protocol Agent Migration
Severity MEDIUM
Category A2A protocols
Drafts in category 120

No standardized mechanisms for migrating agent state and context when moving between different A2A protocols or infrastructure providers. This creates vendor lock-in and limits agent mobility.

Evidence: 120 A2A protocol drafts with high overlap suggest competing approaches but no migration standards between them

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in A2A protocols (120 drafts):

Partially Addressing Ideas

3 extracted ideas touch on this gap:

Idea Draft Type
Transport-Independent Attestation Format draft-drake-email-tpm-attestation extension
Cross-Protocol Integration Pattern draft-rosenberg-aiproto-cheq pattern
Agent Mobility with IPv6 MIPv6 draft-yc-ipv6-for-ioa mechanism

12. Agent Energy Consumption Optimization
Severity MEDIUM
Category ML traffic mgmt
Drafts in category 73

Missing standards for energy-aware agent deployment and operation. As AI workloads are energy-intensive, there's no framework for agents to optimize their energy consumption or for infrastructure to enforce energy budgets.

Evidence: 73 ML traffic management drafts focus on performance but lack energy consumption considerations for sustainable AI deployment

Related Drafts

Keyword matches (drafts mentioning gap topic):

Top-rated in ML traffic mgmt (73 drafts):

Partially Addressing Ideas

17 extracted ideas touch on this gap:

Idea Draft Type
SmartPDU Telemetry Framework draft-ahc-green-smartpdu-yang mechanism
Agent Context Distribution draft-chang-agent-context-interaction mechanism
Context Distribution Optimization Procedures draft-chang-agent-context-interaction protocol
Schema Deduplication via JSON References draft-chang-agent-token-efficient mechanism
Agentic Data Optimization Layer (ADOL) draft-chang-agent-token-efficient architecture
Information Exchange Efficiency draft-chuyi-nmrg-agentic-network-inference mechanism
Vector Index Workload Optimization draft-gaikwad-aps-profile pattern
Collaboration Tunnel Protocol (TCT) draft-jurkovikj-collab-tunnel protocol

...and 9 more

Cross-Cutting Analysis

Gaps by Category

Category Drafts Gaps Gap Topics
a2a protocols 120 2 Multi-Agent Coordination Deadlocks; Cross-Protocol Agent Migration
agent identity/auth 108 1 Agent Privacy Preservation
ai safety/alignment 44 2 Agent Behavior Verification; Agent Capability Degradation Handling
autonomous netops 93 1 Agent Resource Exhaustion Protection
data formats/interop 145 1 Agent-Generated Data Provenance
human-agent interaction 30 1 Human Override Protocols
ml traffic mgmt 73 1 Agent Energy Consumption Optimization
model serving/inference 42 1 Agent Firmware/Model Update Security
other ai/agent 26 1 Real-time Agent Debugging
policy/governance 91 1 Cross-Domain Agent Liability

Recommendations

Based on the gap analysis, the highest-impact areas for new standardization work:

  1. Runtime behavior verification — The most critical safety gap. Agents declare policies but nothing validates compliance at runtime.
  2. Error recovery and rollback — Autonomous operations need standardized failure handling before real deployment at scale.
  3. Protocol interoperability layer — 92 competing A2A protocols need a translation/negotiation framework to avoid fragmentation.
  4. Dynamic trust systems — Static certificates cannot scale to long-running agent ecosystems. Trust must be earned and revocable.
  5. Human emergency override — The 7:1 ratio of autonomous capability to human oversight drafts is concerning for production deployments.
Reference in New Issue View Git Blame Copy Permalink