c/ietf-draft-analyzer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7a1aa346b94350ef2d105dfbf3ecb23576f83dc6
ietf-draft-analyzer/data/reports/blog-series/data/06-big-picture-data.md
Christian Nennemann d6beb9c0a0 v0.3.0: Gap-to-Draft pipeline, Living Standards Observatory, blog series 
Gap-to-Draft Pipeline (ietf pipeline):
- Context builder assembles ideas, RFC foundations, similar drafts, ecosystem vision
- Generator produces outlines + sections using rich context with Claude
- Quality gates: novelty (embedding similarity), references, format, self-rating
- Family coordinator generates 5-draft ecosystem (AEM/ATD/HITL/AEPB/APAE)
- I-D formatter with proper headers, references, 72-char wrapping

Living Standards Observatory (ietf observatory):
- Source abstraction with IETF + W3C fetchers
- 7-step update pipeline: snapshot, fetch, analyze, embed, ideas, gaps, record
- Static GitHub Pages dashboard (explorer, gap tracker, timeline)
- Weekly CI/CD automation via GitHub Actions

Also includes:
- 361 drafts (expanded from 260 with 6 new keywords), 403 authors, 1,262 ideas, 12 gaps
- Blog series (8 posts planned), reports, arXiv paper figures
- Agent team infrastructure (CLAUDE.md, scripts, dev journal)
- 5 new DB tables, schema migration, ~15 new query methods

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 00:48:57 +01:00

3.7 KiB
Raw Blame History

Data Package: Post 6 — Drawing the Big Picture

Synthesis Numbers

  • 361 drafts, 557 authors, 230 orgs, 1,780 ideas, 12 gaps
  • 136 A2A protocols with no interoperability layer
  • 121 identity/auth drafts building on OAuth 2.0 (RFC 6749, cited by 36 drafts)
  • 45 safety drafts vs 316 capability drafts = 7:1 ratio
  • 36 WG-adopted drafts (10%) — 19 in security WGs, 2 in aipref

The Foundation Layer (RFC Cross-References)

The ecosystem is built on:

  1. OAuth 2.0 (RFC 6749, 36 citations) — the auth foundation
  2. TLS 1.3 (RFC 8446, 42 citations) — the security transport
  3. HTTP Semantics (RFC 9110, 34 citations) — the API layer
  4. JWT (RFC 7519, 22 citations) — token format
  5. X.509 PKI (RFC 5280, 22 citations) — identity certificates
  6. COSE (RFC 9052, 20 citations) — constrained object signing
  7. CBOR (RFC 8949, 19 citations) — binary data format
  8. QUIC (RFC 9000, 16 citations) — transport

This reveals the DNA: the agent ecosystem is being built on web + IoT foundations. OAuth + JWT + TLS for the web side, COSE + CBOR for the constrained/IoT side.

WG Adoption as Traction Signal

Category WG Drafts Individual Drafts WG %
Security/Crypto (lamps, lake, tls, emu, ace) 19 - 53% of WG
Agent-specific (aipref) 2 - 6% of WG
Other (httpbis, anima, suit, etc.) 15 - 42% of WG

Key insight: The IETF is not building new agent WGs — it's retrofitting existing security WGs for agents. This is actually good: it builds on proven foundations.

Five Proposed Ecosystem Drafts (from Architect)

These address the gaps:

  1. AEM (Agent Execution Model) — DAG-based orchestration
  2. ATD (Agent Trust and Delegation) — builds on SPIFFE/WIMSE
  3. HITL (Human-in-the-Loop) — override protocols
  4. AEPB (Agent Ecosystem Profile for Business) — assurance profiles
  5. APAE (Agent Protocol Adaptation and Exchange) — interop layer

Predictions Data Support

  1. WG consolidation is likely: Multiple competing approaches in auth (14+ OAuth drafts) creates pressure for WG adoption
  2. Safety will lag: Only 10% of WG drafts address safety; the structural bias toward capability continues
  3. Chinese institutional advantage: 152 drafts from Chinese orgs, coordinated (Huawei bloc: 94% cohesion); Western response is fragmented and late
  4. The interop layer is the bottleneck: 136 A2A drafts, no interop = the single biggest structural problem

Two Equilibria (from Architect's Vision Document)

  • Microservices chaos: If fragmentation persists and safety ratio holds, the agent ecosystem becomes like early microservices — technically possible but operationally painful, with each deployment requiring custom integration
  • Layered web architecture: If WGs consolidate fragmentation and the safety ratio narrows, the ecosystem converges on a layered architecture like the web (transport -> session -> identity -> application)

The 8:1 safety ratio is the leading indicator. If it narrows toward 4:1 or better, the good equilibrium is achievable.

Builder Guidance Data

For the "What to Do" section:

  1. Watch ECT (Ephemeral Credential Trust) — bridges SPIFFE-WIMSE, already WG-tracked
  2. Build HITL now — only 30 drafts in this space; early movers define the patterns
  3. Design for protocol translation — the 136-protocol zoo means any production system needs translation layers
  4. Invest in error recovery — zero explicit drafts on agent error recovery; this is a field-defining opportunity
  5. Participate in IETF — only 10% of drafts are WG-adopted; there's room for new contributors to shape outcomes
Reference in New Issue View Git Blame Copy Permalink