c/ietf-draft-analyzer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2506b6325a85ce219942b1b6c75ed1683970702f
ietf-draft-analyzer/docs/blog/posts/05-1262-ideas.html
Christian Nennemann 1ec1f69bee v0.3.0: Publication-ready release with blog site, paper update, and polish 
Release prep:
- Version bump to 0.3.0 (pyproject.toml, cli.py)
- Rewrite README.md with current stats (475 drafts, 713 authors, 501 ideas)
- Add CONTRIBUTING.md with dev setup and code conventions

Blog site:
- Add scripts/build-site.py (markdown → HTML with clean CSS, dark mode, nav)
- Generate static site in docs/blog/ (10 pages)
- Ready for GitHub Pages deployment

Academic paper (paper/main.tex):
- Update all counts: 474→475 drafts, 557→710 authors, 1907→462 ideas, 11→12 gaps
- Add false-positive filtering methodology (113 excluded, 361 relevant)
- Add cross-org convergence analysis (132 ideas, 33% rate)
- Add GDPR compliance gap to gap table
- Add LLM-as-judge caveats to rating methodology and limitations
- Add FIPA, IEEE P3394, W3C WoT to related work with bibliography entries
- Fix safety ratio to show monthly variation (1.5:1 to 21:1)

Pipeline:
- Fetch 1 new draft (475 total), 3 new authors (713 total)
- Fix 16 ruff lint errors across test files
- All 106 tests pass

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 17:54:43 +01:00

367 lines
23 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Where 434 Drafts Converge (And Where They Don't) — IETF AI Agent Analysis</title>
<link rel="stylesheet" href="/blog/css/style.css">
</head>
<body>
<div class="container">
<nav><a href="/blog/" class="site-title">IETF AI Agent Analysis</a>
<a href="/blog/posts/01-gold-rush.html">Rush</a>
<a href="/blog/posts/02-who-writes-the-rules.html">Rules</a>
<a href="/blog/posts/03-oauth-wars.html">Wars</a>
<a href="/blog/posts/04-what-nobody-builds.html">Builds</a>
<strong>Converge</strong>
<a href="/blog/posts/06-big-picture.html">Picture</a>
<a href="/blog/posts/07-how-we-built-this.html">This</a>
<a href="/blog/posts/08-agents-building-the-analysis.html">Analysis</a></nav>
<h1 id="where-434-drafts-converge-and-where-they-dont">Where 434 Drafts Converge (And Where They Don't)</h1>
<p><em>The fragmentation goes deeper than competing protocols. It extends all the way down to the idea level.</em></p>
<p><em>Analysis based on IETF Datatracker data collected through March 2026. Counts and statistics reflect this snapshot.</em></p>
<hr />
<p>We extracted technical components from 434 Internet-Drafts -- mechanisms, architectures, protocols, and patterns. Then we asked: how many of these ideas does anyone else also propose?</p>
<p>The current database contains <strong>419 extracted ideas</strong> across 377 drafts. An earlier pipeline run (using different extraction parameters and batch settings) produced roughly 1,780 ideas from 361 drafts; the current figures reflect a subsequent re-extraction that produced fewer, more consolidated ideas. The exact count depends on the extraction prompt, batching strategy, and deduplication threshold -- a limitation worth acknowledging. What is robust across both runs is the <em>pattern</em>: the vast majority of extracted ideas appear in exactly one draft. Only a handful show cross-draft convergence by exact title matching. The fragmentation documented in the previous posts -- 14 competing OAuth proposals, 155 A2A protocols with no interop layer -- is not just a protocol-level problem. It extends all the way down. At the idea level, the landscape is overwhelmingly a collection of islands.</p>
<p>But islands are not the whole story. Using fuzzy matching (SequenceMatcher at 0.75 threshold) across organizational boundaries, we found <strong>130 cross-org convergent ideas</strong> where different organizations are working on recognizably similar problems -- even when they use different names and different approaches. (An earlier pipeline run with ~1,780 raw ideas produced 628 cross-org convergent ideas; the current, more consolidated extraction of 419 ideas yields 130 at the same threshold -- 36% of unique clusters, a comparable convergence rate.) These cross-org convergence signals are the embryonic consensus of the agent standards landscape: the problems that different teams, in different countries, with different agendas, independently recognize and attempt to solve.</p>
<p>These convergence signals are more impressive than they first appear. Recall from Post 2 that <strong>55% of all drafts have never been revised</strong> beyond their first submission, and <strong>65% of Huawei's drafts</strong> are fire-and-forget. The ideas that converge across organizations are not the generic scaffolding of first-draft submissions -- they represent genuine engineering investment from teams that independently identified the same problem and committed resources to solving it.</p>
<p>The picture that emerges is paradoxical: the raw material for a complete agent ecosystem exists. The convergent ideas point toward the architecture the ecosystem needs. But they exist in isolation -- proposed by separate teams, embedded in separate drafts, with no connective tissue linking them into a coherent blueprint.</p>
<h2 id="the-taxonomy">The Taxonomy</h2>
<p>Every extracted idea was classified by type. The distribution reveals what kind of thinking dominates the landscape:</p>
<table>
<thead>
<tr>
<th>Type</th>
<th style="text-align: right;">Count</th>
<th style="text-align: right;">Share</th>
<th>What It Means</th>
</tr>
</thead>
<tbody>
<tr>
<td>Protocol</td>
<td style="text-align: right;">96</td>
<td style="text-align: right;">23%</td>
<td>Full protocol specifications</td>
</tr>
<tr>
<td>Architecture</td>
<td style="text-align: right;">95</td>
<td style="text-align: right;">23%</td>
<td>System designs and reference models</td>
</tr>
<tr>
<td>Extension</td>
<td style="text-align: right;">79</td>
<td style="text-align: right;">19%</td>
<td>Additions to existing standards (OAuth, SCIM, DNS)</td>
</tr>
<tr>
<td>Mechanism</td>
<td style="text-align: right;">68</td>
<td style="text-align: right;">16%</td>
<td>Concrete technical solutions: auth flows, routing algorithms, token formats</td>
</tr>
<tr>
<td>Requirement</td>
<td style="text-align: right;">42</td>
<td style="text-align: right;">10%</td>
<td>Formal requirement documents</td>
</tr>
<tr>
<td>Pattern</td>
<td style="text-align: right;">35</td>
<td style="text-align: right;">8%</td>
<td>Reusable design approaches</td>
</tr>
<tr>
<td>Framework</td>
<td style="text-align: right;">3</td>
<td style="text-align: right;">1%</td>
<td>Frameworks, profiles</td>
</tr>
<tr>
<td>Format</td>
<td style="text-align: right;">1</td>
<td style="text-align: right;">&lt;1%</td>
<td>Data format specifications</td>
</tr>
</tbody>
</table>
<p><em>Note: These counts reflect the current database (419 ideas). An earlier pipeline run with different extraction parameters produced higher counts across all categories; the relative proportions are more meaningful than the absolute numbers.</em></p>
<p>The near-equal split between <strong>protocols</strong> (96), <strong>architectures</strong> (95), and <strong>extensions</strong> (79) tells us the community is both building new solutions and extending existing ones. The protocols and extensions show that much of the work builds on established foundations (OAuth 2.0, SCIM, DNS, EDHOC) rather than starting from scratch.</p>
<p>The 95 architectures and 42 requirements suggest healthy standards development: teams are defining reference models before writing code. But the 35 patterns -- reusable approaches without full protocol specification -- indicate that some teams have identified what needs to be done without committing to how.</p>
<h2 id="where-teams-converge">Where Teams Converge</h2>
<p>By exact title, few ideas appear in multiple drafts. But ideas with different names often describe the same concept -- "Agent Gateway" in one draft and "Inter-Agent Communication Hub" in another. Our fuzzy-matching overlap analysis (using SequenceMatcher at 0.75 threshold) across organizational boundaries found <strong>130 ideas</strong> where 2+ distinct organizations are working on recognizably similar problems. These are the genuine consensus signals.</p>
<table>
<thead>
<tr>
<th>Idea</th>
<th style="text-align: right;">Orgs</th>
<th style="text-align: right;">Drafts</th>
<th>Key Organizations</th>
</tr>
</thead>
<tbody>
<tr>
<td>A2A Communication Paradigm</td>
<td style="text-align: right;">8</td>
<td style="text-align: right;">5</td>
<td>CAICT, Deutsche Telekom, Huawei, Orange, Telefonica</td>
</tr>
<tr>
<td>AI Agent Network Architecture</td>
<td style="text-align: right;">8</td>
<td style="text-align: right;">5</td>
<td>China Mobile, Deutsche Telekom, Huawei, Orange, UnionPay</td>
</tr>
<tr>
<td>Multi-Agent Communication Protocol</td>
<td style="text-align: right;">7</td>
<td style="text-align: right;">8</td>
<td>AsiaInfo, BUPT, China Mobile, China Telecom, Huawei</td>
</tr>
<tr>
<td>AI Agent Communication Network (ACN)</td>
<td style="text-align: right;">7</td>
<td style="text-align: right;">5</td>
<td>ANP Open Source, China Mobile, Cisco, Five9, Huawei</td>
</tr>
<tr>
<td>NLIP (Natural Language Interchange)</td>
<td style="text-align: right;">7</td>
<td style="text-align: right;">1</td>
<td>Fordham, IBM, Purdue, ServiceNow, eBay</td>
</tr>
<tr>
<td>ELA Protocol</td>
<td style="text-align: right;">6</td>
<td style="text-align: right;">6</td>
<td>Bitwave, Cisco, Ericsson, Five9, Inria</td>
</tr>
<tr>
<td>AI Gateway</td>
<td style="text-align: right;">6</td>
<td style="text-align: right;">4</td>
<td>AsiaInfo, BUPT, China Telecom, Huawei, UnionPay</td>
</tr>
<tr>
<td>Agent Communication across WAN</td>
<td style="text-align: right;">6</td>
<td style="text-align: right;">3</td>
<td>China Mobile, China Unicom, Deutsche Telekom, Huawei, Orange</td>
</tr>
</tbody>
</table>
<p>The most-converged idea -- "A2A Communication Paradigm" -- draws independent contributions from <strong>8 organizations across 5 countries</strong>. This is simultaneously the strongest convergence signal and the strongest fragmentation signal. Eight organizations agree this is important. They are building separate, incompatible versions.</p>
<p>Look at who bridges the divide. In three of the top eight convergent ideas, the same names appear alongside Chinese institutions: <strong>Deutsche Telekom, Telefonica, and Orange</strong>. These European telecoms show up in "A2A Communication Paradigm," "AI Agent Network Architecture," and "Agent Communication across WAN" -- each time co-listed with Huawei, China Mobile, or China Unicom. Of the <strong>180 ideas that cross the Chinese-Western organizational divide</strong>, European telecoms are present on a disproportionate share. The organizations most likely to prevent the agent ecosystem from splitting into incompatible regional stacks are not Google or Microsoft -- they are European carriers operating in both markets. US Big Tech is almost entirely absent from cross-divide convergence.</p>
<p>The organization-pair overlaps reveal where real collaboration happens -- and where it does not:</p>
<table>
<thead>
<tr>
<th>Org Pair</th>
<th style="text-align: right;">Shared Ideas</th>
<th>Signal</th>
</tr>
</thead>
<tbody>
<tr>
<td>China Unicom -- Huawei</td>
<td style="text-align: right;">32</td>
<td>Deep intra-bloc alignment</td>
</tr>
<tr>
<td>China Mobile -- Huawei</td>
<td style="text-align: right;">27</td>
<td>Deep intra-bloc alignment</td>
</tr>
<tr>
<td>Ericsson -- Inria</td>
<td style="text-align: right;">21</td>
<td>European cross-org collaboration</td>
</tr>
<tr>
<td>Tsinghua -- Zhongguancun Lab</td>
<td style="text-align: right;">20</td>
<td>Chinese academic convergence</td>
</tr>
<tr>
<td>Fraunhofer SIT -- Tradeverifyd</td>
<td style="text-align: right;">10</td>
<td>Verifiable records niche</td>
</tr>
</tbody>
</table>
<p>The pattern is stark: the highest-overlap pairs are Chinese institutions working within established blocs. Formal co-authorship between Chinese and Western organizations is thin -- but idea-level convergence, mediated by European telecoms operating in both markets, is broader than the co-authorship data suggests.</p>
<p>The convergence signals cluster in three areas:</p>
<p><strong>1. Agent communication infrastructure.</strong> How agents discover, connect to, and message each other. This is the most active area with the most redundant proposals. The underlying need is clear; the implementation is contested.</p>
<p><strong>2. Authentication and authorization.</strong> Action-based authorization, agent registration, cryptographic identity verification. OAuth extensions dominate, but the approaches diverge significantly between pure OAuth extension (add claims/scopes) and novel frameworks (DAAP accountability protocol, STAMP delegation proofs).</p>
<p><strong>3. Network architecture.</strong> Agent gateways, agent communication networks, network management architectures. This is where the Chinese institutional ecosystem has the strongest presence, with Huawei and affiliated organizations producing most of the architecture ideas.</p>
<h2 id="where-teams-innovate">Where Teams Innovate</h2>
<p>The 96% of ideas appearing in only one draft are a mix: mostly generic components describing what each draft does ("Agent Gateway," "Transport Configuration System"), but scattered among them are genuinely novel proposals that no other team has attempted -- either because they are too new, too specialized, or ahead of their time.</p>
<p>Some standouts from the unique ideas:</p>
<p><strong>Verifiable Agent Behavior Attestation</strong> (draft-birkholz-verifiable-agent-conversations) -- A CDDL-based format for cryptographically signing agent conversation records, enabling post-hoc verification of agent behavior. This directly addresses the critical behavior verification gap.</p>
<p><strong>ADOL: Agentic Data Optimization Layer</strong> (<a href="https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/">draft-chang-agent-token-efficient</a>, score 4.5) -- Addresses token bloat in agent communication protocols. As agents exchange increasingly complex context, message sizes explode. ADOL compresses agent communications by 60-80%, a practical necessity that nobody else is working on.</p>
<p><strong>Working Memory</strong> (draft-agent-gw) -- A structured context management system that maintains state across multi-step agent operations. Sounds basic -- but no other draft proposes a standard for how agents should manage persistent operational context.</p>
<p><strong>Autonomous Optical Network Operation</strong> (draft-zhao-ccamp-actn-optical-network-agent) -- Applies agent architecture to the specific domain of optical network management. This is the kind of vertical specialization that validates the horizontal agent architecture work.</p>
<p><strong>Execution Context Token (ECT)</strong> (<a href="https://datatracker.ietf.org/doc/draft-nennemann-wimse-ect/">draft-nennemann-wimse-ect</a>, score 4.0) -- A JWT extension that records what each task did, linked to predecessors via a DAG. This is arguably the single most architecturally significant idea in the corpus: it turns the execution history of a multi-agent workflow into a cryptographically verifiable directed acyclic graph. It is the technical foundation for accountability, rollback, audit, and provenance.</p>
<p><strong>CHEQ Protocol</strong> (<a href="https://datatracker.ietf.org/doc/draft-rosenberg-aiproto-cheq/">draft-rosenberg-aiproto-cheq</a>, score 3.9) -- Human confirmation of agent decisions before execution. The only concrete protocol proposal for human-in-the-loop agent oversight. In a landscape of 30 human-agent interaction drafts, CHEQ stands alone as an implementable solution.</p>
<h2 id="the-five-ideas-that-matter-most">The Five Ideas That Matter Most</h2>
<p>If you are building agent systems today and need to know which IETF proposals to watch, these five represent the highest combination of quality, novelty, and gap-filling potential:</p>
<table>
<thead>
<tr>
<th>Idea</th>
<th>Draft</th>
<th style="text-align: right;">Score</th>
<th>Why It Matters</th>
</tr>
</thead>
<tbody>
<tr>
<td>Execution Context Token</td>
<td>draft-nennemann-wimse-ect</td>
<td style="text-align: right;">4.0</td>
<td>DAG-based execution evidence; foundation for audit, rollback, and accountability</td>
</tr>
<tr>
<td>DAAP Accountability Protocol</td>
<td>draft-aylward-daap-v2</td>
<td style="text-align: right;">4.75</td>
<td>Most comprehensive safety proposal; authentication + monitoring + enforcement</td>
</tr>
<tr>
<td>STAMP Delegation Proofs</td>
<td>draft-guy-bary-stamp-protocol</td>
<td style="text-align: right;">4.5</td>
<td>Cryptographic proof that an agent was authorized for a specific task</td>
</tr>
<tr>
<td>Agent Description Language (ADL)</td>
<td>draft-nederveld-adl</td>
<td style="text-align: right;">4.1</td>
<td>JSON standard for describing agent capabilities, tools, and permissions</td>
</tr>
<tr>
<td>Verifiable Conversations</td>
<td>draft-birkholz-verifiable-agent-conversations</td>
<td style="text-align: right;">4.5</td>
<td>Cryptographic signing of conversation records for auditability</td>
</tr>
</tbody>
</table>
<p>Together, these five ideas sketch the outline of the ecosystem architecture that Post 6 will describe in full: ECT provides the execution backbone, DAAP provides the accountability layer, STAMP proves delegation, ADL describes capabilities, and verifiable conversations create the audit trail.</p>
<h2 id="mapping-ideas-to-gaps">Mapping Ideas to Gaps</h2>
<p>The most revealing analysis is mapping which ideas partially address which gaps:</p>
<table>
<thead>
<tr>
<th>Gap</th>
<th>Severity</th>
<th>Coverage</th>
</tr>
</thead>
<tbody>
<tr>
<td>Agent Behavioral Verification</td>
<td>CRITICAL</td>
<td>Partial: attestation and monitoring ideas exist but no runtime enforcement</td>
</tr>
<tr>
<td>Agent Failure Cascade Prevention</td>
<td>CRITICAL</td>
<td>Near-zero: minimal work on cascade containment</td>
</tr>
<tr>
<td>Real-Time Agent Rollback Mechanisms</td>
<td>HIGH</td>
<td>Near-zero: limited to draft-yue-anima-agent-recovery-networks</td>
</tr>
<tr>
<td>Multi-Agent Consensus Protocols</td>
<td>HIGH</td>
<td>Minimal: no conflict resolution framework</td>
</tr>
<tr>
<td>Human Override Standardization</td>
<td>HIGH</td>
<td>Near-zero: CHEQ exists but no emergency override protocol</td>
</tr>
<tr>
<td>Cross-Domain Agent Audit Trails</td>
<td>HIGH</td>
<td>Partial: identity covered, cross-domain audit not</td>
</tr>
<tr>
<td>Federated Agent Learning Privacy</td>
<td>HIGH</td>
<td>Minimal: privacy-preserving learning not specified</td>
</tr>
<tr>
<td>Cross-Protocol Agent Migration</td>
<td>MEDIUM</td>
<td>Complete absence in the corpus</td>
</tr>
<tr>
<td>Agent Resource Accounting and Billing</td>
<td>MEDIUM</td>
<td>Peripheral: resource types defined but no economic models</td>
</tr>
<tr>
<td>Agent Capability Negotiation</td>
<td>MEDIUM</td>
<td>Partial: tool enumeration exists but not dynamic negotiation</td>
</tr>
<tr>
<td>Agent Performance Benchmarking</td>
<td>MEDIUM</td>
<td>Moderate: benchmarking ideas exist (draft-cui-nmrg-llm-benchmark)</td>
</tr>
</tbody>
</table>
<p>The pattern is clear: the critical and high-severity gaps are those where the <em>periphery</em> of existing work touches the problem but nobody makes it the <em>central</em> problem. Teams building communication protocols think about resources; teams building discovery think about lifecycle. The gaps where no team is even circling the problem -- rollback mechanisms, human override, cascade prevention -- are the true blind spots.</p>
<h2 id="the-ideas-nobody-had">The Ideas Nobody Had</h2>
<p>Sometimes the absence is the finding. Here are technical ideas conspicuous in their absence from the entire corpus:</p>
<ul>
<li>
<p><strong>Agent capability degradation signaling</strong>: No protocol for an agent to advertise that its performance has degraded (model drift, resource constraints, partial failure). Other agents continue relying on it at full trust.</p>
</li>
<li>
<p><strong>Multi-agent transaction semantics</strong>: No ACID-like guarantees for multi-agent workflows. If three agents must all succeed or all roll back, there is no two-phase commit equivalent.</p>
</li>
<li>
<p><strong>Agent migration protocol</strong>: No standard for moving a running agent from one host to another while preserving state and active connections. Critical for cloud deployments.</p>
</li>
<li>
<p><strong>Privacy-preserving agent discovery</strong>: No mechanism for an agent to find capabilities without revealing its intent. "I need a medical diagnosis agent" reveals sensitive information before any trust is established. Under Art. 25 GDPR (data protection by design and by default), this is not just a nice-to-have -- it is a legal requirement for EU-deployed systems where discovery queries may constitute processing of special category data (Art. 9 GDPR, health data).</p>
</li>
<li>
<p><strong>Agent cost and billing</strong>: No standard for agents to negotiate compensation for services. Agents performing work for other agents have no way to express "this costs X" or "you have Y credits remaining."</p>
</li>
</ul>
<p>Each of these absences represents an opportunity for new drafts that would fill genuine needs.</p>
<h2 id="what-the-taxonomy-tells-builders">What the Taxonomy Tells Builders</h2>
<p>Three practical takeaways for anyone implementing agent systems:</p>
<p><strong>1. Build on the convergent ideas.</strong> Agent registration, action-based authorization, and capability-based discovery appear across multiple teams and organizations. These represent genuine consensus about what the infrastructure needs, even if implementations diverge.</p>
<p><strong>2. Watch the single-source innovations.</strong> The long tail of single-draft ideas contains the innovations that will differentiate the next generation of agent platforms. ECT, CHEQ, ADOL, and ADL are not widely known but represent some of the most thoughtful engineering in the corpus.</p>
<p><strong>3. Fill the blank spaces.</strong> Error recovery, cross-protocol translation, and human override are the clearest opportunities for new contributions. The community has signaled these gaps matter (through the severity of the gap analysis) but has not yet produced the ideas to fill them.</p>
<hr />
<h3 id="key-takeaways">Key Takeaways</h3>
<ul>
<li><strong>The vast majority of ideas appear in exactly one draft</strong> -- fragmentation extends all the way down to the idea level</li>
<li><strong>130 cross-org convergent ideas</strong> (36% of unique clusters, via SequenceMatcher fuzzy matching at 0.75 threshold) reveal where organizations independently agree; highest-overlap pairs are Chinese institutions (China Unicom-Huawei: 32 shared ideas)</li>
<li><strong>The critical gaps remain unfilled</strong>: rollback mechanisms, failure cascade prevention, and human override have minimal coverage across 434 drafts</li>
<li><strong>Five ideas to watch</strong>: ECT (execution DAG), DAAP (accountability), STAMP (delegation proof), ADL (agent description), verifiable conversations (audit trail)</li>
<li><strong>Convergence clusters in three areas</strong>: agent communication infrastructure, authentication/authorization, and network architecture</li>
</ul>
<p><em>Next in this series: <a href="06-big-picture.md">Drawing the Big Picture</a> -- 130 cross-org convergent ideas, 11 gaps, and the architectural vision that connects them.</em></p>
<hr />
<p><em>Idea extraction performed by Claude from draft abstracts and full text. Classification into types (protocol, architecture, extension, mechanism, requirement, pattern) based on the technical content of each proposal. The current database contains 419 ideas; figures referencing ~1,780 ideas come from an earlier pipeline run with different extraction parameters. Data current as of March 2026.</em></p>
<div class="post-nav"><a href="/blog/posts/04-what-nobody-builds.html">&larr; What Nobody Builds</a><a href="/blog/posts/06-big-picture.html">The Big Picture &rarr;</a></div>
<footer>
<p>IETF Draft Analyzer &mdash; Data collected through March 2026.
<a href="https://github.com/cnennemann/ietf-draft-analyzer">Source on GitHub</a></p>
</footer>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink