Christian Nennemann
a46a01bd8c
- Add `ietf auto` command: fetches, analyzes, embeds, extracts ideas, and refreshes gaps across all sources with cost-based auto-approval - Fix SourceDocument→Draft conversion in auto fetch step - Fix gap_analysis method name in auto command - Process all 270 unrated ETSI/ISO/ITU/NIST drafts (761 total, all rated) - Update web UI templates and data layer for multi-source support Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
553 lines
38 KiB
Markdown
553 lines
38 KiB
Markdown
# Gap Analysis: IETF AI/Agent Draft Landscape
|
|
*Generated 2026-03-08 17:16 UTC — analyzing 756 drafts, 501 technical ideas*
|
|
|
|
## Overview
|
|
|
|
This report identifies **11 gaps** — areas, problems, or technical challenges not adequately addressed by the current 756 IETF AI/agent drafts. Each gap is cross-referenced with related drafts and extracted technical ideas to show partial coverage.
|
|
|
|
| Severity | Count |
|
|
|----------|------:|
|
|
| **CRITICAL** | 3 |
|
|
| **HIGH** | 5 |
|
|
| **MEDIUM** | 3 |
|
|
|
|
### Safety Deficit
|
|
|
|
Only **112** of 756 drafts address AI safety/alignment, while **157** focus on A2A protocols and **124** on autonomous operations. The ratio of capability-building to safety is roughly **2:1**.
|
|
|
|
---
|
|
|
|
## 1. Agent Legal Liability Framework
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | CRITICAL |
|
|
| **Category** | policy/governance |
|
|
| **Drafts in category** | 214 |
|
|
|
|
No standard addresses who is legally responsible when autonomous agents cause harm or make binding commitments. Current frameworks focus on technical risk but ignore liability assignment between agent creators, operators, and users.
|
|
|
|
**Evidence:** Real-world AI agent deployments are stalled due to unclear liability chains, especially in financial and healthcare domains
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
|
|
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
|
|
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
|
|
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
|
|
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
|
|
- [draft-madhavan-aipref-displaybasedpref](https://datatracker.ietf.org/doc/draft-madhavan-aipref-displaybasedpref/) (score 2.5) — A Vocabulary for Controlling Usage of Content Collected by Search and AI Crawler
|
|
|
|
**Top-rated in policy/governance** (214 drafts):
|
|
|
|
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
|
|
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
|
|
- [itu-t-y-3172](https://datatracker.ietf.org/doc/itu-t-y-3172/) (4.7) — Establishes comprehensive architectural framework for machine learning deployment in future networks
|
|
- [iso-iec-22989-2022](https://datatracker.ietf.org/doc/iso-iec-22989-2022/) (4.7) — ISO/IEC standard defining core AI concepts and establishing standardized terminology across the fiel
|
|
- [iso-iec-42001-2023](https://datatracker.ietf.org/doc/iso-iec-42001-2023/) (4.6) — ISO/IEC standard establishing comprehensive AI management system requirements covering governance, r
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
51 extracted ideas touch on this gap:
|
|
|
|
| Idea | Draft | Type |
|
|
|------|-------|------|
|
|
| Structured Responsibility and Traceability Architecture | draft-takagi-srta-trinity | architecture |
|
|
| Intelligent Agent Communication Gateway Architecture | draft-agent-gw | architecture |
|
|
| Tiered Risk-Based Governance for Autonomous AI Agents | draft-aylward-aiga-1 | architecture |
|
|
| Tiered Risk-Based Governance for Autonomous AI Agents | draft-aylward-aiga-2 | architecture |
|
|
| Distributed AI Accountability Protocol | draft-aylward-daap-v2 | protocol |
|
|
| Zero Trust Runtime Agent Architecture | draft-berlinai-vera | architecture |
|
|
| Agentic Hypercall Protocol | draft-campbell-agentic-http | pattern |
|
|
| Context Distribution Optimization Framework | draft-chang-agent-context-interaction | mechanism |
|
|
|
|
*...and 43 more*
|
|
|
|
---
|
|
|
|
## 2. Agent Capability Degradation Detection
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | CRITICAL |
|
|
| **Category** | AI safety/alignment |
|
|
| **Drafts in category** | 112 |
|
|
|
|
No standard defines how to detect when an agent's capabilities are degrading due to concept drift, adversarial inputs, or model corruption. Current monitoring focuses on system metrics not capability assessment.
|
|
|
|
**Evidence:** Production AI systems show gradual performance degradation that goes undetected until major failures occur
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
|
|
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
|
|
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
|
|
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
|
|
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
|
|
- [draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/) (score 3.1) — Dynamic Multi-agent Secured Collaboration Infrastructure Architecture
|
|
|
|
**Top-rated in AI safety/alignment** (112 drafts):
|
|
|
|
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
|
|
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
|
|
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
|
|
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
|
|
- [iso-iec-42001-2023](https://datatracker.ietf.org/doc/iso-iec-42001-2023/) (4.6) — ISO/IEC standard establishing comprehensive AI management system requirements covering governance, r
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
22 extracted ideas touch on this gap:
|
|
|
|
| Idea | Draft | Type |
|
|
|------|-------|------|
|
|
| Intelligent Agent Communication Gateway Architecture | draft-agent-gw | architecture |
|
|
| AI-Native Network Protocol (AINP) | draft-ainp-protocol | protocol |
|
|
| Agentic Data Optimization Layer (ADOL) | draft-chang-agent-token-efficient | protocol |
|
|
| Structured OAuth Scope Syntax for Agent Permissions | draft-chen-oauth-scope-agent-extensions | extension |
|
|
| Capability-based Agent Discovery Mechanism | draft-cui-ai-agent-discovery-invocation | mechanism |
|
|
| Intent-based Agent Selection | draft-cui-ai-agent-discovery-invocation | extension |
|
|
| Agent Attachment Protocol | draft-dunbar-agent-attachment | protocol |
|
|
| EAT Extensions for Agent Capability Attestation | draft-huang-rats-agentic-eat-cap-attest | extension |
|
|
|
|
*...and 14 more*
|
|
|
|
---
|
|
|
|
## 3. Emergency Agent Override Protocols
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | CRITICAL |
|
|
| **Category** | AI safety/alignment |
|
|
| **Drafts in category** | 112 |
|
|
|
|
No standard defines how to safely emergency-stop or override autonomous agents across distributed systems when they exhibit dangerous behavior. Current approaches assume centralized control that may not exist.
|
|
|
|
**Evidence:** Incidents with autonomous trading systems and industrial controls show need for fail-safe override mechanisms
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (score 4.8) — Distributed AI Accountability Protocol (DAAP) Version 2.0
|
|
- [draft-khatri-sipcore-call-transfer-fail-response](https://datatracker.ietf.org/doc/draft-khatri-sipcore-call-transfer-fail-response/) (score 3.3) — A SIP Response Code (497) for Call Transfer Failure
|
|
- [draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/) (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
|
|
- [iso-22733-1-2021](https://datatracker.ietf.org/doc/iso-22733-1-2021/) (score 4.3) — ISO 22733-1:2021: Road vehicles — Test method to evaluate the performance of aut
|
|
- [iso-22733-1-2022](https://datatracker.ietf.org/doc/iso-22733-1-2022/) (score 2.5) — ISO 22733-1:2022: Road vehicles — Test method to evaluate the performance of aut
|
|
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
|
|
|
|
**Top-rated in AI safety/alignment** (112 drafts):
|
|
|
|
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
|
|
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
|
|
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
|
|
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
|
|
- [iso-iec-42001-2023](https://datatracker.ietf.org/doc/iso-iec-42001-2023/) (4.6) — ISO/IEC standard establishing comprehensive AI management system requirements covering governance, r
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
15 extracted ideas touch on this gap:
|
|
|
|
| Idea | Draft | Type |
|
|
|------|-------|------|
|
|
| LLM-Enhanced Autonomic Service Agent Architecture | draft-han-anima-ai-asa | architecture |
|
|
| Multipath Traffic Engineering Capabilities Advertisement | draft-kompella-lsr-mptecap | mechanism |
|
|
| Agent Collaboration Protocols Architecture | draft-liu-dmsc-acps-arc | architecture |
|
|
| Agent Lifecycle Support | draft-liu-dmsc-acps-arc | protocol |
|
|
| Zero Trust Interoperability Framework | draft-liu-saag-zt-problem-statement | requirement |
|
|
| Cross-device Communication Protocol Gap Analysis for Network AI Agents | draft-mao-rtgwg-agent-comm-protocol-gap-analysis | requirement |
|
|
| Comparative analysis of messaging protocols for agentic AI | draft-mpsb-agntcy-messaging | pattern |
|
|
| Cross-Device Communication Framework for Network AI Agents | draft-mzsg-rtgwg-agent-cross-device-comm-framework | architecture |
|
|
|
|
*...and 7 more*
|
|
|
|
---
|
|
|
|
## 4. Cross-Domain Agent Identity Portability
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | HIGH |
|
|
| **Category** | agent identity/auth |
|
|
| **Drafts in category** | 160 |
|
|
|
|
Agents cannot maintain consistent identity across different organizational domains or standards bodies' protocols. IETF defines authentication within network boundaries while ISO focuses on domain-specific identity, creating fragmentation.
|
|
|
|
**Evidence:** Enterprise deployments require agents to work across cloud providers, on-premises systems, and partner networks with different identity systems
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-diaconu-agents-authz-info-sharing](https://datatracker.ietf.org/doc/draft-diaconu-agents-authz-info-sharing/) (score 3.2) — Cross-Domain AuthZ Information sharing for Agents
|
|
- [draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/) (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
|
|
- [draft-han-rtgwg-agent-gateway-intercomm-framework](https://datatracker.ietf.org/doc/draft-han-rtgwg-agent-gateway-intercomm-framework/) (score 3.6) — Agent Gateway Intercommunication Framework
|
|
- [draft-ni-a2a-ai-agent-security-requirements](https://datatracker.ietf.org/doc/draft-ni-a2a-ai-agent-security-requirements/) (score 3.7) — Security Requirements for AI Agents
|
|
- [draft-intellinode-ai-semantic-contract](https://datatracker.ietf.org/doc/draft-intellinode-ai-semantic-contract/) (score 3.2) — Semantic-Driven Traffic Shaping Contract for AI Networks
|
|
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
|
|
|
|
**Top-rated in agent identity/auth** (160 drafts):
|
|
|
|
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
|
|
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
|
|
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
|
|
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
|
|
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
33 extracted ideas touch on this gap:
|
|
|
|
| Idea | Draft | Type |
|
|
|------|-------|------|
|
|
| Cross-Domain Agent Interoperability Framework | draft-cui-dmsc-agent-cdi | architecture |
|
|
| Cross-Domain Authorization Information Sharing for Multi-Agent Systems | draft-diaconu-agents-authz-info-sharing | mechanism |
|
|
| Agent Authorization Profile for OAuth 2.0 | draft-aap-oauth-profile | extension |
|
|
| SCIM 2.0 Extension for Agents and Agentic Applications | draft-abbey-scim-agent-extension | extension |
|
|
| Distributed AI Accountability Protocol | draft-aylward-daap-v2 | protocol |
|
|
| Intent-Based Just-in-Time Authorization | draft-chen-agent-decoupled-authorization-model | architecture |
|
|
| Dynamic Behavior-Based Authentication and Authorization Requirements | draft-chen-ai-agent-auth-new-requirements | requirement |
|
|
| Agentic network architecture for multi-agent coordination | draft-chuyi-nmrg-agentic-network-inference | architecture |
|
|
|
|
*...and 25 more*
|
|
|
|
---
|
|
|
|
## 5. Real-Time Agent Behavior Explanation
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | HIGH |
|
|
| **Category** | human-agent interaction |
|
|
| **Drafts in category** | 57 |
|
|
|
|
No standard defines how autonomous agents should provide real-time explanations of their decision-making to humans during operation. Current explainable AI frameworks are post-hoc rather than interactive.
|
|
|
|
**Evidence:** Regulatory requirements emerging in EU AI Act and similar legislation demand real-time explainability for high-risk AI systems
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-an-nmrg-i2icf-cits](https://datatracker.ietf.org/doc/draft-an-nmrg-i2icf-cits/) (score 3.7) — Interface to In-Network Computing Functions for Cooperative Intelligent Transpor
|
|
- [draft-zhao-detnet-enhanced-use-cases](https://datatracker.ietf.org/doc/draft-zhao-detnet-enhanced-use-cases/) (score 3.2) — Enhanced Use Cases for Scaling Deterministic Networks
|
|
- [draft-zhang-rvp-problem-statement](https://datatracker.ietf.org/doc/draft-zhang-rvp-problem-statement/) (score 3.5) — Problem Statements and Requirements of Real-Virtual Agent Protocol (RVP): Commun
|
|
- [draft-yuan-rtgwg-traffic-agent-usecase](https://datatracker.ietf.org/doc/draft-yuan-rtgwg-traffic-agent-usecase/) (score 3.7) — Use cases of the AI Network Traffic Optimization Agent
|
|
- [draft-altanai-aipref-realtime-protocol-bindings](https://datatracker.ietf.org/doc/draft-altanai-aipref-realtime-protocol-bindings/) (score 3.6) — AI Preferences for Real-Time Protocol Bindings
|
|
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
|
|
|
|
**Top-rated in human-agent interaction** (57 drafts):
|
|
|
|
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
|
|
- [iso-37181-2022](https://datatracker.ietf.org/doc/iso-37181-2022/) (4.5) — Establishes guidelines for introducing and organizing autonomous vehicles on public roads. Addresses
|
|
- [iso-pas-8800-2024](https://datatracker.ietf.org/doc/iso-pas-8800-2024/) (4.5) — Addresses safety-related E/E systems using AI technology in series-production road vehicles, coverin
|
|
- [draft-ietf-aipref-vocab](https://datatracker.ietf.org/doc/draft-ietf-aipref-vocab/) (4.4) — Defines a standardized vocabulary for expressing preferences about how digital assets should be used
|
|
- [iso-iec-ts-6254-2025](https://datatracker.ietf.org/doc/iso-iec-ts-6254-2025/) (4.4) — Provides approaches for achieving explainability and interpretability of ML and AI systems across li
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
13 extracted ideas touch on this gap:
|
|
|
|
| Idea | Draft | Type |
|
|
|------|-------|------|
|
|
| AI Network Security Agent | draft-yuan-rtgwg-security-agent-usecase | architecture |
|
|
| A2A Protocol Transport over MOQT | draft-a2a-moqt-transport | protocol |
|
|
| Distributed AI Accountability Protocol | draft-aylward-daap-v2 | protocol |
|
|
| Post-Discovery Authorization Handshake | draft-barney-caam | protocol |
|
|
| Evidence-based Autonomy Maturity Model | draft-berlinai-vera | mechanism |
|
|
| Intent-Based Just-in-Time Authorization | draft-chen-agent-decoupled-authorization-model | architecture |
|
|
| Dynamic Behavior-Based Authentication and Authorization Requirements | draft-chen-ai-agent-auth-new-requirements | requirement |
|
|
| Dynamic Task Coordination Requirements for AI Agents | draft-cui-ai-agent-task | requirement |
|
|
|
|
*...and 5 more*
|
|
|
|
---
|
|
|
|
## 6. Multi-Agent Conflict Resolution
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | HIGH |
|
|
| **Category** | A2A protocols |
|
|
| **Drafts in category** | 157 |
|
|
|
|
No protocol exists for resolving conflicts when multiple autonomous agents have competing objectives or try to access the same resources simultaneously. Current A2A protocols assume cooperative scenarios.
|
|
|
|
**Evidence:** Multi-agent systems in production environments frequently deadlock or exhibit emergent adversarial behavior
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-li-dmsc-mcps-agw](https://datatracker.ietf.org/doc/draft-li-dmsc-mcps-agw/) (score 3.5) — Multi-agent Collaboration Protocol Suite based on Agent Gateway
|
|
- [draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/) (score 3.1) — Dynamic Multi-agent Secured Collaboration Infrastructure Architecture
|
|
- [draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/) (score 4.1) — Task-Oriented Multi-Agent Recovery Framework for High-Reliability in Converged M
|
|
- [draft-chang-agent-context-interaction](https://datatracker.ietf.org/doc/draft-chang-agent-context-interaction/) (score 2.9) — Agent Context Interaction Optimizations
|
|
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
|
|
- [draft-jurkovikj-httpapi-agentic-state](https://datatracker.ietf.org/doc/draft-jurkovikj-httpapi-agentic-state/) (score 3.9) — HTTP Profile for Synchronized Resource State (Agentic State Transfer)
|
|
|
|
**Top-rated in A2A protocols** (157 drafts):
|
|
|
|
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
|
|
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
|
|
- [draft-ietf-lake-edhoc](https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc/) (4.6) — Specifies EDHOC, a compact authenticated Diffie-Hellman key exchange protocol for constrained enviro
|
|
- [draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/) (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
|
|
- [iso-23725-2024](https://datatracker.ietf.org/doc/iso-23725-2024/) (4.4) — Defines interoperability interfaces between fleet management and autonomous haulage systems in surfa
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
No directly related technical ideas found in current drafts — this gap is entirely unaddressed.
|
|
|
|
---
|
|
|
|
## 7. Inter-Standards-Body Protocol Bridging
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | HIGH |
|
|
| **Category** | data formats/interop |
|
|
| **Drafts in category** | 214 |
|
|
|
|
Protocols developed by different standards bodies (IETF, ITU-T, ISO) cannot interoperate, creating silos where agents using ITU-T frameworks cannot communicate with those following IETF protocols.
|
|
|
|
**Evidence:** Enterprise environments need single agents to work across telecom networks (ITU-T), internet protocols (IETF), and industrial systems (ISO)
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-cui-nmrg-auto-test](https://datatracker.ietf.org/doc/draft-cui-nmrg-auto-test/) (score 3.6) — Framework and Automation Levels for AI-Assisted Network Protocol Testing
|
|
- [draft-cosmos-protocol-specification](https://datatracker.ietf.org/doc/draft-cosmos-protocol-specification/) (score 3.3) — The Cosmos Protocol Specification (Trust-Native Semantic Protocol)
|
|
- [draft-tu-nmrg-blockchain-trusted-protocol](https://datatracker.ietf.org/doc/draft-tu-nmrg-blockchain-trusted-protocol/) (score 1.8) — A Blockchain Trusted Protocol for Intelligent Communication Network
|
|
- [draft-yang-ioa-protocol](https://datatracker.ietf.org/doc/draft-yang-ioa-protocol/) (score 3.6) — Internet of Agents Protocol (IoA Protocol) for Heterogeneous Agent Collaboration
|
|
- [draft-yang-dmsc-ioa-task-protocol](https://datatracker.ietf.org/doc/draft-yang-dmsc-ioa-task-protocol/) (score 3.0) — Internet of Agents Task Protocol (IoA Task Protocol) for Heterogeneous Agent Col
|
|
- [draft-song-dmsc-problem-statement](https://datatracker.ietf.org/doc/draft-song-dmsc-problem-statement/) (score 3.0) — Problem Statement and Requirements for Dynamic Multi-agent Secured Collaboration
|
|
|
|
**Top-rated in data formats/interop** (214 drafts):
|
|
|
|
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
|
|
- [itu-t-y-3172](https://datatracker.ietf.org/doc/itu-t-y-3172/) (4.7) — Establishes comprehensive architectural framework for machine learning deployment in future networks
|
|
- [iso-iec-22989-2022](https://datatracker.ietf.org/doc/iso-iec-22989-2022/) (4.7) — ISO/IEC standard defining core AI concepts and establishing standardized terminology across the fiel
|
|
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
|
|
- [draft-ietf-lake-app-profiles](https://datatracker.ietf.org/doc/draft-ietf-lake-app-profiles/) (4.6) — Defines canonical CBOR representation for EDHOC application profiles and coordination mechanisms for
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
No directly related technical ideas found in current drafts — this gap is entirely unaddressed.
|
|
|
|
---
|
|
|
|
## 8. Agent Behavioral Audit Trails
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | HIGH |
|
|
| **Category** | policy/governance |
|
|
| **Drafts in category** | 214 |
|
|
|
|
Missing standards for maintaining immutable logs of agent decisions and actions that can support forensic analysis and regulatory compliance. Current logging focuses on system events not decision rationale.
|
|
|
|
**Evidence:** Financial and healthcare regulations require detailed audit trails, but AI systems cannot provide decision-level accountability
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
|
|
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
|
|
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
|
|
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
|
|
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
|
|
- [draft-kamimura-rats-behavioral-evidence](https://datatracker.ietf.org/doc/draft-kamimura-rats-behavioral-evidence/) (score 3.0) — On the Relationship Between Remote Attestation and Behavioral Evidence Recording
|
|
|
|
**Top-rated in policy/governance** (214 drafts):
|
|
|
|
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
|
|
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
|
|
- [itu-t-y-3172](https://datatracker.ietf.org/doc/itu-t-y-3172/) (4.7) — Establishes comprehensive architectural framework for machine learning deployment in future networks
|
|
- [iso-iec-22989-2022](https://datatracker.ietf.org/doc/iso-iec-22989-2022/) (4.7) — ISO/IEC standard defining core AI concepts and establishing standardized terminology across the fiel
|
|
- [iso-iec-42001-2023](https://datatracker.ietf.org/doc/iso-iec-42001-2023/) (4.6) — ISO/IEC standard establishing comprehensive AI management system requirements covering governance, r
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
9 extracted ideas touch on this gap:
|
|
|
|
| Idea | Draft | Type |
|
|
|------|-------|------|
|
|
| Compliance-oriented agent memory model | draft-gaikwad-aps-profile | pattern |
|
|
| Delegated Agent Authorization Protocol | draft-mishra-oauth-agent-grants | protocol |
|
|
| Distributed AI Accountability Protocol | draft-aylward-daap-v2 | protocol |
|
|
| Verifiable Agent Conversation Format | draft-birkholz-verifiable-agent-conversations | protocol |
|
|
| Intent-Based Just-in-Time Authorization | draft-chen-agent-decoupled-authorization-model | architecture |
|
|
| Dynamic Behavior-Based Authentication and Authorization Requirements | draft-chen-ai-agent-auth-new-requirements | requirement |
|
|
| Agent Persistent State Profile | draft-gaikwad-aps-profile | architecture |
|
|
| Agent Interaction & Delegation Protocol | draft-vandoulas-aidp | protocol |
|
|
|
|
*...and 1 more*
|
|
|
|
---
|
|
|
|
## 9. Agent Resource Consumption Limits
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | MEDIUM |
|
|
| **Category** | autonomous netops |
|
|
| **Drafts in category** | 124 |
|
|
|
|
Missing standards for how agents should self-regulate computational, network, and energy resource usage to prevent runaway consumption. Current traffic management focuses on traditional workloads, not autonomous agent behavior patterns.
|
|
|
|
**Evidence:** Early agent deployments show unpredictable resource usage spikes that can destabilize infrastructure
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
|
|
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
|
|
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
|
|
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
|
|
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
|
|
- [draft-jia-oauth-scope-aggregation](https://datatracker.ietf.org/doc/draft-jia-oauth-scope-aggregation/) (score 3.5) — OAuth 2.0 Scope Aggregation for Multi-Step AI Agent Workflows
|
|
|
|
**Top-rated in autonomous netops** (124 drafts):
|
|
|
|
- [itu-t-y-3172](https://datatracker.ietf.org/doc/itu-t-y-3172/) (4.7) — Establishes comprehensive architectural framework for machine learning deployment in future networks
|
|
- [iso-pas-8800-2024](https://datatracker.ietf.org/doc/iso-pas-8800-2024/) (4.5) — Addresses safety-related E/E systems using AI technology in series-production road vehicles, coverin
|
|
- [draft-cui-nmrg-llm-benchmark](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-benchmark/) (4.3) — Provides comprehensive evaluation framework for LLM-based network configuration agents. Includes emu
|
|
- [iso-22733-1-2021](https://datatracker.ietf.org/doc/iso-22733-1-2021/) (4.3) — Specifies test methodology for evaluating autonomous emergency braking system performance in car-to-
|
|
- [draft-wmz-nmrg-agent-ndt-arch](https://datatracker.ietf.org/doc/draft-wmz-nmrg-agent-ndt-arch/) (4.2) — Comprehensive architecture combining Network Digital Twin with Agentic AI for intent-based network o
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
12 extracted ideas touch on this gap:
|
|
|
|
| Idea | Draft | Type |
|
|
|------|-------|------|
|
|
| SCIM 2.0 Extension for Agents and Agentic Applications | draft-abbey-scim-agent-extension | extension |
|
|
| Context Distribution Optimization Framework | draft-chang-agent-context-interaction | mechanism |
|
|
| Events Query Protocol | draft-gupta-httpapi-events-query | protocol |
|
|
| Micro Agent Communication Protocol (µACP) | draft-mallick-muacp | protocol |
|
|
| MOQT Binding for A2A and MCP Protocols | draft-nandakumar-ai-agent-moq-transport | extension |
|
|
| AI Agent Protocol Requirements | draft-rosenberg-ai-protocols | requirement |
|
|
| SCIM 2.0 Agent Extension | draft-scim-agent-extension | extension |
|
|
| Authorized Connection Policy Framework | draft-steckbeck-ua-conn-sec | mechanism |
|
|
|
|
*...and 4 more*
|
|
|
|
---
|
|
|
|
## 10. Agent Training Data Provenance Tracking
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | MEDIUM |
|
|
| **Category** | data formats/interop |
|
|
| **Drafts in category** | 214 |
|
|
|
|
Missing standards for tracking the lineage and provenance of training data as it flows between agents and gets updated through federated learning or agent interactions.
|
|
|
|
**Evidence:** Data protection regulations require knowing data sources, but current AI systems cannot trace training data origins
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
|
|
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
|
|
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
|
|
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
|
|
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
|
|
- [draft-akhavain-moussa-ai-network](https://datatracker.ietf.org/doc/draft-akhavain-moussa-ai-network/) (score 3.9) — AI Network for Training, Inference, and Agentic Interactions
|
|
|
|
**Top-rated in data formats/interop** (214 drafts):
|
|
|
|
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
|
|
- [itu-t-y-3172](https://datatracker.ietf.org/doc/itu-t-y-3172/) (4.7) — Establishes comprehensive architectural framework for machine learning deployment in future networks
|
|
- [iso-iec-22989-2022](https://datatracker.ietf.org/doc/iso-iec-22989-2022/) (4.7) — ISO/IEC standard defining core AI concepts and establishing standardized terminology across the fiel
|
|
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
|
|
- [draft-ietf-lake-app-profiles](https://datatracker.ietf.org/doc/draft-ietf-lake-app-profiles/) (4.6) — Defines canonical CBOR representation for EDHOC application profiles and coordination mechanisms for
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
30 extracted ideas touch on this gap:
|
|
|
|
| Idea | Draft | Type |
|
|
|------|-------|------|
|
|
| EAT Profile for AI Agent Attestation | draft-messous-eat-ai | extension |
|
|
| Warrant Certificate Authority (WCA) | draft-bondar-wca | architecture |
|
|
| Blockchain-Anchored Integrity for AI Provenance | draft-reilly-sentinel-protocol | mechanism |
|
|
| AI Traffic Characterization Framework | draft-aft-ai-traffic | requirement |
|
|
| AI Traffic Characterization Framework | draft-ai-traffic | requirement |
|
|
| Network Architecture for AI Training and Inference | draft-akhavain-moussa-ai-network | architecture |
|
|
| Verifiable Agent Conversation Format | draft-birkholz-verifiable-agent-conversations | protocol |
|
|
| Agentic Data Optimization Layer (ADOL) | draft-chang-agent-token-efficient | protocol |
|
|
|
|
*...and 22 more*
|
|
|
|
---
|
|
|
|
## 11. Agent-Generated Content Attribution
|
|
|
|
| | |
|
|
|---|---|
|
|
| **Severity** | MEDIUM |
|
|
| **Category** | data formats/interop |
|
|
| **Drafts in category** | 214 |
|
|
|
|
Missing technical standards for embedding cryptographic attribution in content created by agents, enabling detection of AI-generated text, code, or decisions. Current synthetic content guidance lacks implementation details.
|
|
|
|
**Evidence:** Need to distinguish agent-generated content from human-generated for legal, security, and quality assurance purposes
|
|
|
|
### Related Drafts
|
|
|
|
**Keyword matches** (drafts mentioning gap topic):
|
|
|
|
- [draft-romanchuk-normative-admissibility](https://datatracker.ietf.org/doc/draft-romanchuk-normative-admissibility/) (score 3.4) — Normative Admissibility Framework for Agent Speech Acts
|
|
- [draft-li-semantic-routing-architecture](https://datatracker.ietf.org/doc/draft-li-semantic-routing-architecture/) (score 3.6) — Semantic Routing Architecture for AI Agents Communication
|
|
- [draft-cui-nmrg-llm-nm](https://datatracker.ietf.org/doc/draft-cui-nmrg-llm-nm/) (score 4.1) — A Framework for LLM Agent-Assisted Network Management with Human-in-the-Loop
|
|
- [draft-mpsb-agntcy-messaging](https://datatracker.ietf.org/doc/draft-mpsb-agntcy-messaging/) (score 2.6) — An Overview of Messaging Systems and Their Applicability to Agentic AI
|
|
- [draft-bondar-wca](https://datatracker.ietf.org/doc/draft-bondar-wca/) (score 3.9) — Warrant Certificate Authorities (WCA): Auditable Data Provenance for AI-Agent To
|
|
- [draft-it-aipref-attachment](https://datatracker.ietf.org/doc/draft-it-aipref-attachment/) (score 3.2) — Indicating Preferences Regarding Content Usage
|
|
|
|
**Top-rated in data formats/interop** (214 drafts):
|
|
|
|
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
|
|
- [itu-t-y-3172](https://datatracker.ietf.org/doc/itu-t-y-3172/) (4.7) — Establishes comprehensive architectural framework for machine learning deployment in future networks
|
|
- [iso-iec-22989-2022](https://datatracker.ietf.org/doc/iso-iec-22989-2022/) (4.7) — ISO/IEC standard defining core AI concepts and establishing standardized terminology across the fiel
|
|
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
|
|
- [draft-ietf-lake-app-profiles](https://datatracker.ietf.org/doc/draft-ietf-lake-app-profiles/) (4.6) — Defines canonical CBOR representation for EDHOC application profiles and coordination mechanisms for
|
|
|
|
### Partially Addressing Ideas
|
|
|
|
No directly related technical ideas found in current drafts — this gap is entirely unaddressed.
|
|
|
|
---
|
|
|
|
## Cross-Cutting Analysis
|
|
|
|
### Gaps by Category
|
|
|
|
| Category | Drafts | Gaps | Gap Topics |
|
|
|----------|-------:|-----:|------------|
|
|
| a2a protocols | 157 | 1 | Multi-Agent Conflict Resolution |
|
|
| agent identity/auth | 160 | 1 | Cross-Domain Agent Identity Portability |
|
|
| ai safety/alignment | 112 | 2 | Agent Capability Degradation Detection; Emergency Agent Override Protocols |
|
|
| autonomous netops | 124 | 1 | Agent Resource Consumption Limits |
|
|
| data formats/interop | 214 | 3 | Inter-Standards-Body Protocol Bridging; Agent Training Data Provenance Tracking; Agent-Generated Content Attribution |
|
|
| human-agent interaction | 57 | 1 | Real-Time Agent Behavior Explanation |
|
|
| policy/governance | 214 | 2 | Agent Legal Liability Framework; Agent Behavioral Audit Trails |
|
|
|
|
## Recommendations
|
|
|
|
Based on the gap analysis, the highest-impact areas for new standardization work:
|
|
|
|
1. **Runtime behavior verification** — The most critical safety gap. Agents declare policies but nothing validates compliance at runtime.
|
|
2. **Error recovery and rollback** — Autonomous operations need standardized failure handling before real deployment at scale.
|
|
3. **Protocol interoperability layer** — 92 competing A2A protocols need a translation/negotiation framework to avoid fragmentation.
|
|
4. **Dynamic trust systems** — Static certificates cannot scale to long-running agent ecosystems. Trust must be earned and revocable.
|
|
5. **Human emergency override** — The 7:1 ratio of autonomous capability to human oversight drafts is concerning for production deployments. |