Christian Nennemann
e247bfef8f
Pipeline: - Extract ideas for 38 new drafts → 462 ideas total - Convergence analysis: 132 cross-org convergent ideas (33% rate) - Fetch authors for 102 drafts → 709 authors (up from 403) - Refresh gap analysis: 12 gaps across full 474-draft corpus - Update verified counts with new totals Post 08: - Complete rewrite of "Agents Building the Agent Analysis" (2,953 words) - Covers 3 phases: writing team → review cycle → fix cycle - Meta-irony table mapping team coordination to IETF gap names - Specific examples from dev journal (SQL injection, consent conflation, ideas mismatch) Untracked files committed: - scripts/: backfill-wg-names, classify-unrated, compare-classifiers, download-relevant-text, run-webui - src/ietf_analyzer/classifier.py: two-stage Ollama classifier - src/webui/: analytics (GDPR-compliant), auth, obsidian_export - tests/test_obsidian_export.py (10 tests) - data/reports/: wg-analysis, generated draft for gap #37 Housekeeping: - .gitignore: exclude LaTeX artifacts, stale DBs, analytics.db Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
37 KiB
Gap Analysis: IETF AI/Agent Draft Landscape
Generated 2026-03-08 14:30 UTC — analyzing 474 drafts, 462 technical ideas
Overview
This report identifies 12 gaps — areas, problems, or technical challenges not adequately addressed by the current 474 IETF AI/agent drafts. Each gap is cross-referenced with related drafts and extracted technical ideas to show partial coverage.
| Severity | Count |
|---|---|
| CRITICAL | 3 |
| HIGH | 6 |
| MEDIUM | 3 |
Safety Deficit
Only 46 of 474 drafts address AI safety/alignment, while 150 focus on A2A protocols and 110 on autonomous operations. The ratio of capability-building to safety is roughly 5:1.
1. Real-time Agent Behavior Verification
| Severity | CRITICAL |
| Category | AI safety/alignment |
| Drafts in category | 46 |
Current AI safety drafts focus on governance but lack technical protocols for real-time verification that agents are behaving according to their declared policies. There's no standard way to cryptographically prove agent actions match stated intentions.
Evidence: Only 46 safety drafts versus 474 total, with governance focus rather than technical verification
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-an-nmrg-i2icf-cits (score 3.7) — Interface to In-Network Computing Functions for Cooperative Intelligent Transpor
- draft-zhao-detnet-enhanced-use-cases (score 3.2) — Enhanced Use Cases for Scaling Deterministic Networks
- draft-zhang-rvp-problem-statement (score 3.5) — Problem Statements and Requirements of Real-Virtual Agent Protocol (RVP): Commun
- draft-yuan-rtgwg-traffic-agent-usecase (score 3.7) — Use cases of the AI Network Traffic Optimization Agent
- draft-altanai-aipref-realtime-protocol-bindings (score 3.6) — AI Preferences for Real-Time Protocol Bindings
- draft-zheng-agent-identity-management (score 3.7) — Agent Identity Managenment
Top-rated in AI safety/alignment (46 drafts):
- draft-cowles-volt (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- draft-aylward-daap-v2 (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- draft-guy-bary-stamp-protocol (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- draft-drake-email-tpm-attestation (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- draft-goswami-agentic-jwt (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
Partially Addressing Ideas
17 extracted ideas touch on this gap:
| Idea | Draft | Type |
|---|---|---|
| Distributed AI Accountability Protocol | draft-aylward-daap-v2 | protocol |
| AGENTS.TXT Policy File | draft-srijal-agents-policy | protocol |
| AI Network Security Agent | draft-yuan-rtgwg-security-agent-usecase | architecture |
| A2A Protocol Transport over MOQT | draft-a2a-moqt-transport | protocol |
| Post-Discovery Authorization Handshake | draft-barney-caam | protocol |
| Evidence-based Autonomy Maturity Model | draft-berlinai-vera | mechanism |
| Verifiable Agent Conversation Format | draft-birkholz-verifiable-agent-conversations | protocol |
| Intent-Based Just-in-Time Authorization | draft-chen-agent-decoupled-authorization-model | architecture |
...and 9 more
2. Multi-Agent Consensus Under Byzantine Conditions
| Severity | CRITICAL |
| Category | A2A protocols |
| Drafts in category | 150 |
While agent discovery and A2A protocols exist, there's no framework for handling consensus when some agents may be compromised or malicious. Critical for autonomous systems making collective decisions.
Evidence: Complex autonomous systems require Byzantine fault tolerance but it's absent from protocol designs
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-li-dmsc-mcps-agw (score 3.5) — Multi-agent Collaboration Protocol Suite based on Agent Gateway
- draft-li-dmsc-inf-architecture (score 3.1) — Dynamic Multi-agent Secured Collaboration Infrastructure Architecture
- draft-yue-anima-agent-recovery-networks (score 4.1) — Task-Oriented Multi-Agent Recovery Framework for High-Reliability in Converged M
- draft-chang-agent-context-interaction (score 2.9) — Agent Context Interaction Optimizations
- draft-fu-nmop-agent-communication-framework (score 3.0) — Agent Communication Framework for Network AIOps
- draft-ramakrishna-satp-views-addresses (score 3.4) — Views and View Addresses for Secure Asset Transfer
Top-rated in A2A protocols (150 drafts):
- draft-guy-bary-stamp-protocol (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- draft-williams-netmod-lm-hierarchy-topology (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- draft-ietf-lake-edhoc (4.6) — Specifies EDHOC, a compact authenticated Diffie-Hellman key exchange protocol for constrained enviro
- draft-chang-agent-token-efficient (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- draft-chen-oauth-rar-agent-extensions (4.2) — Extends OAuth RAR with policy_context and lifecycle_binding members for AI agent environments. Enabl
Partially Addressing Ideas
2 extracted ideas touch on this gap:
| Idea | Draft | Type |
|---|---|---|
| ASRank Structural Vulnerability Analysis | draft-xu-sidrops-asrank-vulnerabilities | requirement |
| MCP and A2A Complementary Solutions for Network Management | draft-zeng-opsawg-applicability-mcp-a2a | architecture |
3. Emergency Agent Shutdown Coordination
| Severity | CRITICAL |
| Category | AI safety/alignment |
| Drafts in category | 46 |
Missing protocols for coordinated emergency shutdown of autonomous agent networks when safety issues are detected. Individual agent controls exist but not network-wide coordination mechanisms.
Evidence: Human-in-the-loop drafts exist but no emergency coordination protocols for autonomous systems
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-aylward-daap-v2 (score 4.8) — Distributed AI Accountability Protocol (DAAP) Version 2.0
- draft-khatri-sipcore-call-transfer-fail-response (score 3.3) — A SIP Response Code (497) for Call Transfer Failure
- draft-cui-dmsc-agent-cdi (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
- draft-yu-ai-agent-use-cases-in-6g (score 2.5) — AI Agent Use Cases and Requirements in 6G Network
- draft-zhang-rvp-problem-statement (score 3.5) — Problem Statements and Requirements of Real-Virtual Agent Protocol (RVP): Commun
- draft-zheng-agent-identity-management (score 3.7) — Agent Identity Managenment
Top-rated in AI safety/alignment (46 drafts):
- draft-cowles-volt (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- draft-aylward-daap-v2 (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- draft-guy-bary-stamp-protocol (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- draft-drake-email-tpm-attestation (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- draft-goswami-agentic-jwt (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
Partially Addressing Ideas
9 extracted ideas touch on this gap:
| Idea | Draft | Type |
|---|---|---|
| Distributed AI Accountability Protocol | draft-aylward-daap-v2 | protocol |
| Agentic network architecture for multi-agent coordination | draft-chuyi-nmrg-agentic-network-inference | architecture |
| Dynamic Task Coordination Requirements for AI Agents | draft-cui-ai-agent-task | requirement |
| Multi-Agent Communication Framework for AIOps | draft-fu-nmop-agent-communication-framework | architecture |
| Meta-Layer Coordination Substrate | draft-meta-layer-overview | architecture |
| Trinity Configuration for Agent Coordination | draft-takagi-srta-trinity | pattern |
| Internet of Agents Task Protocol for heterogeneous collaboration | draft-yang-dmsc-ioa-task-protocol | protocol |
| Task-Oriented Multi-Agent Recovery Framework | draft-yue-anima-agent-recovery-networks | architecture |
...and 1 more
4. Cross-Protocol Agent Migration
| Severity | HIGH |
| Category | A2A protocols |
| Drafts in category | 150 |
While A2A protocols exist, there's no standardized mechanism for agents to migrate between different protocol frameworks or service providers while maintaining state and identity. This creates vendor lock-in and limits agent portability across heterogeneous systems.
Evidence: 150 A2A protocol drafts with high overlap suggest fragmentation without migration solutions
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-cowles-volt (score 4.8) — Verifiable Operations Ledger and Trace (VOLT) Protocol
- draft-han-ai-agent-impact-infra (score 2.3) — The Impact of AI Agent to Network Infrastructure
- draft-narajala-ans (score 4.2) — Agent Name Service (ANS): A Universal Directory for Secure AI Agent Discovery an
- draft-ietf-emu-eap-edhoc (score 3.2) — Using the Extensible Authentication Protocol (EAP) with Ephemeral Diffie-Hellman
- draft-howe-sipcore-mcp-extension (score 3.7) — SIP Extension for Model Context Protocol (MCP)
- draft-zheng-agent-identity-management (score 3.7) — Agent Identity Managenment
Top-rated in A2A protocols (150 drafts):
- draft-guy-bary-stamp-protocol (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- draft-williams-netmod-lm-hierarchy-topology (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- draft-ietf-lake-edhoc (4.6) — Specifies EDHOC, a compact authenticated Diffie-Hellman key exchange protocol for constrained enviro
- draft-chang-agent-token-efficient (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- draft-chen-oauth-rar-agent-extensions (4.2) — Extends OAuth RAR with policy_context and lifecycle_binding members for AI agent environments. Enabl
Partially Addressing Ideas
No directly related technical ideas found in current drafts — this gap is entirely unaddressed.
5. Agent Resource Accounting and Billing
| Severity | HIGH |
| Category | new |
| Drafts in category | 0 |
No standardized protocols exist for tracking and billing computational resources consumed by autonomous agents across distributed systems. This is essential for commercial deployment but completely unaddressed.
Evidence: High focus on protocols and deployment but zero drafts addressing economic models
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-zheng-agent-identity-management (score 3.7) — Agent Identity Managenment
- draft-li-dmsc-macp (score 4.2) — Multi-agent Collaboration Protocol Suite
- draft-zheng-dispatch-agent-identity-management (score 3.3) — Agent Identity Managenment
- draft-fu-nmop-agent-communication-framework (score 3.0) — Agent Communication Framework for Network AIOps
- draft-zyyhl-agent-networks-framework (score 3.6) — Framework for AI Agent Networks
- draft-jia-oauth-scope-aggregation (score 3.5) — OAuth 2.0 Scope Aggregation for Multi-Step AI Agent Workflows
Partially Addressing Ideas
8 extracted ideas touch on this gap:
| Idea | Draft | Type |
|---|---|---|
| SCIM 2.0 Extension for Agents and Agentic Applications | draft-abbey-scim-agent-extension | extension |
| Events Query Protocol | draft-gupta-httpapi-events-query | protocol |
| Micro Agent Communication Protocol (µACP) | draft-mallick-muacp | protocol |
| MOQT Binding for A2A and MCP Protocols | draft-nandakumar-ai-agent-moq-transport | extension |
| SCIM 2.0 Agent Extension | draft-scim-agent-extension | extension |
| Authorized Connection Policy Framework | draft-steckbeck-ua-conn-sec | mechanism |
| Agent Workflow Protocol Well-Known Resource | draft-vinaysingh-awp-wellknown | extension |
| AI Network Traffic Optimization Agent | draft-yuan-rtgwg-traffic-agent-usecase | architecture |
6. Agent Capability Advertisement Verification
| Severity | HIGH |
| Category | Agent discovery/reg |
| Drafts in category | 87 |
While agent discovery protocols exist, there's no way to cryptographically verify that advertised agent capabilities are accurate. Agents could falsely claim capabilities leading to system failures.
Evidence: 87 discovery drafts but no mention of capability verification mechanisms
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-zheng-agent-identity-management (score 3.7) — Agent Identity Managenment
- draft-li-dmsc-macp (score 4.2) — Multi-agent Collaboration Protocol Suite
- draft-zheng-dispatch-agent-identity-management (score 3.3) — Agent Identity Managenment
- draft-fu-nmop-agent-communication-framework (score 3.0) — Agent Communication Framework for Network AIOps
- draft-zyyhl-agent-networks-framework (score 3.6) — Framework for AI Agent Networks
- draft-li-dmsc-inf-architecture (score 3.1) — Dynamic Multi-agent Secured Collaboration Infrastructure Architecture
Top-rated in Agent discovery/reg (87 drafts):
- draft-narajala-ans (4.2) — Introduces Agent Name Service (ANS) as a DNS-based universal directory for AI agent discovery and ve
- draft-li-dmsc-macp (4.2) — Specifies a comprehensive multi-agent collaboration protocol suite using Agent Gateways for registra
- draft-cui-dns-native-agent-naming-resolution (4.1) — Specifies DNS-native naming and resolution for AI agents using FQDNs and SVCB records. Emphasizes DN
- draft-nederveld-adl (4.1) — Defines ADL, a JSON-based standard for describing AI agents including their capabilities, tools, per
- draft-rosenberg-ai-protocols (4.1) — Establishes framework for AI agent communications on the Internet, surveying existing protocols like
Partially Addressing Ideas
25 extracted ideas touch on this gap:
| Idea | Draft | Type |
|---|---|---|
| DNS-based AI Agent Discovery | draft-mozleywilliams-dnsop-bandaid | mechanism |
| DNS namespace for AI agent discovery | draft-mozleywilliams-dnsop-dnsaid | mechanism |
| Agent Registration and Discovery Protocol | draft-pioli-agent-discovery | protocol |
| Intent-based Agent Interconnection Protocol | draft-sun-zhang-iaip | protocol |
| Capability Advertisement and Intent Resolution | draft-sz-dmsc-iaip | mechanism |
| Intelligent Agent Communication Gateway Architecture | draft-agent-gw | architecture |
| AI-Native Network Protocol (AINP) | draft-ainp-protocol | protocol |
| Distributed AI Accountability Protocol | draft-aylward-daap-v2 | protocol |
...and 17 more
7. Cross-Domain Agent Communication Security
| Severity | HIGH |
| Category | Agent identity/auth |
| Drafts in category | 145 |
Current identity/auth solutions don't address secure communication between agents operating in different security domains or trust boundaries. Critical for enterprise and government deployments.
Evidence: 145 identity drafts show awareness but cross-domain scenarios appear unaddressed
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-diaconu-agents-authz-info-sharing (score 3.2) — Cross-Domain AuthZ Information sharing for Agents
- draft-cui-dmsc-agent-cdi (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
- draft-han-rtgwg-agent-gateway-intercomm-framework (score 3.6) — Agent Gateway Intercommunication Framework
- draft-ni-a2a-ai-agent-security-requirements (score 3.7) — Security Requirements for AI Agents
- draft-intellinode-ai-semantic-contract (score 3.2) — Semantic-Driven Traffic Shaping Contract for AI Networks
- draft-zheng-agent-identity-management (score 3.7) — Agent Identity Managenment
Top-rated in Agent identity/auth (145 drafts):
- draft-cowles-volt (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- draft-aylward-daap-v2 (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- draft-guy-bary-stamp-protocol (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- draft-drake-email-tpm-attestation (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- draft-williams-netmod-lm-hierarchy-topology (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
Partially Addressing Ideas
46 extracted ideas touch on this gap:
| Idea | Draft | Type |
|---|---|---|
| Centralized Gateway for Multi-Agent Communication | draft-song-dmsc-problem-statement | architecture |
| Multi-Tenant Policy Enforcement Infrastructure | draft-song-dmsc-problem-statement | architecture |
| Intelligent Agent Communication Gateway Architecture | draft-agent-gw | architecture |
| AI-Native Network Protocol (AINP) | draft-ainp-protocol | protocol |
| Agent-to-Agent Communication in Transportation Networks | draft-an-nmrg-i2icf-cits | pattern |
| Zero Trust Runtime Agent Architecture | draft-berlinai-vera | architecture |
| Agentic Data Optimization Layer (ADOL) | draft-chang-agent-token-efficient | protocol |
| Agentic network architecture for multi-agent coordination | draft-chuyi-nmrg-agentic-network-inference | architecture |
...and 38 more
8. Agent Performance Degradation Detection
| Severity | HIGH |
| Category | new |
| Drafts in category | 0 |
No standardized protocols exist for detecting when AI agents are experiencing model drift, adversarial attacks, or performance degradation. Essential for maintaining autonomous system reliability.
Evidence: ML traffic management exists but not agent health monitoring standards
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-zheng-agent-identity-management (score 3.7) — Agent Identity Managenment
- draft-li-dmsc-macp (score 4.2) — Multi-agent Collaboration Protocol Suite
- draft-zheng-dispatch-agent-identity-management (score 3.3) — Agent Identity Managenment
- draft-fu-nmop-agent-communication-framework (score 3.0) — Agent Communication Framework for Network AIOps
- draft-zyyhl-agent-networks-framework (score 3.6) — Framework for AI Agent Networks
- draft-xiong-rtgwg-use-cases-hp-wan (score 2.6) — Use Cases for High-performance Wide Area Network
Partially Addressing Ideas
5 extracted ideas touch on this gap:
| Idea | Draft | Type |
|---|---|---|
| Virtual In-Cloud Router as IPv6 Enhancement Agent | draft-he-yi-srv6ops-ipv6-enhancemnet-in-cloud-uc | architecture |
| 6G Agent Protocol Requirements and Enabling Technologies | draft-hw-ai-agent-6g | requirement |
| Comparative analysis of messaging protocols for agentic AI | draft-mpsb-agntcy-messaging | pattern |
| AI Network Security Agent | draft-yuan-rtgwg-security-agent-usecase | architecture |
| Task-Oriented Multi-Agent Recovery Framework | draft-yue-anima-agent-recovery-networks | architecture |
9. Legal Liability Attribution Protocols
| Severity | HIGH |
| Category | Policy/governance |
| Drafts in category | 115 |
Missing technical protocols for creating audit trails that can determine legal liability when autonomous agents cause harm. Governance drafts exist but not technical accountability mechanisms.
Evidence: 115 governance drafts but legal technology gap for liability attribution
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-madhavan-aipref-displaybasedpref (score 2.5) — A Vocabulary for Controlling Usage of Content Collected by Search and AI Crawler
- draft-farzdusa-aipref-enduser (score 3.8) — AI Preferences Signaling: End User Impact
- draft-kotecha-agentic-dispute-protocol (score 3.6) — Agentic Dispute Protocol
- draft-cui-dmsc-agent-cdi (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
- draft-ietf-aipref-vocab (score 4.4) — A Vocabulary For Expressing AI Usage Preferences
- draft-aylward-aiga-1 (score 4.2) — AI Governance and Accountability Protocol (AIGA)
Top-rated in Policy/governance (115 drafts):
- draft-cowles-volt (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- draft-aylward-daap-v2 (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- draft-goswami-agentic-jwt (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
- draft-wang-cats-odsi (4.5) — Specifies framework for decentralized LLM inference across untrusted participants with layer-aware e
- draft-birkholz-verifiable-agent-conversations (4.5) — Defines CDDL-based data format for verifiable agent conversation records using COSE signing. Support
Partially Addressing Ideas
No directly related technical ideas found in current drafts — this gap is entirely unaddressed.
10. Agent Memory and State Persistence Standards
| Severity | MEDIUM |
| Category | Data formats/interop |
| Drafts in category | 165 |
No standardized formats or protocols exist for how agents should persist long-term memory, experience, and learned behaviors across system restarts or migrations. Each implementation creates proprietary solutions.
Evidence: 165 data format drafts focus on communication but not persistent state management
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-zheng-agent-identity-management (score 3.7) — Agent Identity Managenment
- draft-li-dmsc-macp (score 4.2) — Multi-agent Collaboration Protocol Suite
- draft-zheng-dispatch-agent-identity-management (score 3.3) — Agent Identity Managenment
- draft-fu-nmop-agent-communication-framework (score 3.0) — Agent Communication Framework for Network AIOps
- draft-zyyhl-agent-networks-framework (score 3.6) — Framework for AI Agent Networks
- draft-gaikwad-llm-benchmarking-terminology (score 2.7) — Benchmarking Terminology for Large Language Model Serving
Top-rated in Data formats/interop (165 drafts):
- draft-cowles-volt (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- draft-williams-netmod-lm-hierarchy-topology (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- draft-ietf-lake-app-profiles (4.6) — Defines canonical CBOR representation for EDHOC application profiles and coordination mechanisms for
- draft-chang-agent-token-efficient (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- draft-birkholz-verifiable-agent-conversations (4.5) — Defines CDDL-based data format for verifiable agent conversation records using COSE signing. Support
Partially Addressing Ideas
16 extracted ideas touch on this gap:
| Idea | Draft | Type |
|---|---|---|
| Compliance-oriented agent memory model | draft-gaikwad-aps-profile | pattern |
| Zero Trust Interoperability Framework | draft-liu-saag-zt-problem-statement | requirement |
| Intelligent Agent Communication Gateway Architecture | draft-agent-gw | architecture |
| Zero Trust Runtime Agent Architecture | draft-berlinai-vera | architecture |
| Agentic Hypercall Protocol | draft-campbell-agentic-http | pattern |
| Agent Persistent State Profile | draft-gaikwad-aps-profile | architecture |
| Agentic AI for Autonomous Network Management | draft-hong-nmrg-agenticai-ps | requirement |
| LISP-based geospatial intelligence network | draft-ietf-lisp-nexagon | protocol |
...and 8 more
11. Agent-to-Human Escalation Standards
| Severity | MEDIUM |
| Category | Human-agent interaction |
| Drafts in category | 41 |
While human-in-the-loop protocols exist, there's no standardized framework for when and how agents should escalate decisions to humans based on uncertainty, risk, or ethical considerations.
Evidence: Only 41 human-agent interaction drafts versus complex autonomous systems requiring escalation
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-williams-netmod-lm-hierarchy-topology (score 4.6) — Hierarchical Topology for Language Model Coordination
- draft-ietf-websec-mime-sniff (score 3.7) — Media Type Sniffing
- draft-scrm-aiproto-usecases (score 4.1) — Agentic AI Use Cases
- draft-zeng-opsawg-llm-netconf-gap (score 3.9) — Gap Analysis of Network Configuration Protocols in LLM-Driven Intent-Based Netwo
- draft-jadoon-nmrg-agentic-ai-autonomous-networks (score 4.1) — Agentic AI Architectural Principles for Autonomous Computer Networks
Top-rated in Human-agent interaction (41 drafts):
- draft-drake-email-tpm-attestation (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- draft-ietf-aipref-vocab (4.4) — Defines a standardized vocabulary for expressing preferences about how digital assets should be used
- draft-dhir-http-agent-profile (4.2) — Defines HTTP Agent Profile for authenticating agent traffic, separating human from agent traffic, an
- draft-song-tsvwg-camp (4.2) — Proposes CAMP, a multipath transport protocol for interactive multimodal LLM systems that maintains
- draft-liu-agent-operation-authorization (4.1) — Specifies framework for verifiable delegation of actions from humans to AI agents using JWT tokens.
Partially Addressing Ideas
No directly related technical ideas found in current drafts — this gap is entirely unaddressed.
12. Federated Agent Learning Privacy
| Severity | MEDIUM |
| Category | new |
| Drafts in category | 0 |
Federated AI operations models exist but lack privacy-preserving protocols for agents learning from shared experiences without exposing sensitive data from individual deployments.
Evidence: Federated models mentioned but privacy-preserving learning protocols absent
Related Drafts
Keyword matches (drafts mentioning gap topic):
- draft-kale-agntcy-federated-privacy (score 3.2) — Privacy-Preserving Federated Learning Architecture for Multi-Tenant AI Agent Sys
- draft-cui-dmsc-agent-cdi (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
- draft-ai-traffic (score 2.5) — Handling inter-DC/Edge AI-related network traffic: Problem statement
- draft-aft-ai-traffic (score 3.1) — Handling inter-DC/Edge AI-related network traffic: Problem statement
- draft-aylward-aiga-1 (score 4.2) — AI Governance and Accountability Protocol (AIGA)
- draft-zheng-agent-identity-management (score 3.7) — Agent Identity Managenment
Partially Addressing Ideas
5 extracted ideas touch on this gap:
| Idea | Draft | Type |
|---|---|---|
| Privacy-Preserving Federated Learning for Multi-Tenant AI Agents | draft-kale-agntcy-federated-privacy | architecture |
| Cross-Domain Agent Interoperability Framework | draft-cui-dmsc-agent-cdi | architecture |
| HTTP Agent Profile (HAP) | draft-dhir-http-agent-profile | protocol |
| AI Network Security Agent | draft-yuan-rtgwg-security-agent-usecase | architecture |
| AI Network Traffic Optimization Agent | draft-yuan-rtgwg-traffic-agent-usecase | architecture |
Cross-Cutting Analysis
Gaps by Category
| Category | Drafts | Gaps | Gap Topics |
|---|---|---|---|
| a2a protocols | 150 | 2 | Multi-Agent Consensus Under Byzantine Conditions; Cross-Protocol Agent Migration |
| agent discovery/reg | 87 | 1 | Agent Capability Advertisement Verification |
| agent identity/auth | 145 | 1 | Cross-Domain Agent Communication Security |
| ai safety/alignment | 46 | 2 | Real-time Agent Behavior Verification; Emergency Agent Shutdown Coordination |
| data formats/interop | 165 | 1 | Agent Memory and State Persistence Standards |
| human-agent interaction | 41 | 1 | Agent-to-Human Escalation Standards |
| new | 0 | 3 | Agent Resource Accounting and Billing; Agent Performance Degradation Detection; Federated Agent Learning Privacy |
| policy/governance | 115 | 1 | Legal Liability Attribution Protocols |
Recommendations
Based on the gap analysis, the highest-impact areas for new standardization work:
- Runtime behavior verification — The most critical safety gap. Agents declare policies but nothing validates compliance at runtime.
- Error recovery and rollback — Autonomous operations need standardized failure handling before real deployment at scale.
- Protocol interoperability layer — 92 competing A2A protocols need a translation/negotiation framework to avoid fragmentation.
- Dynamic trust systems — Static certificates cannot scale to long-running agent ecosystems. Trust must be earned and revocable.
- Human emergency override — The 7:1 ratio of autonomous capability to human oversight drafts is concerning for production deployments.