c/ietf-draft-analyzer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e247bfef8f19702d17def1873240dcc1288d7ab3
ietf-draft-analyzer/data/reports/gaps.md
Christian Nennemann e247bfef8f Run pipeline, write Post 08, commit untracked files 
Pipeline:
- Extract ideas for 38 new drafts → 462 ideas total
- Convergence analysis: 132 cross-org convergent ideas (33% rate)
- Fetch authors for 102 drafts → 709 authors (up from 403)
- Refresh gap analysis: 12 gaps across full 474-draft corpus
- Update verified counts with new totals

Post 08:
- Complete rewrite of "Agents Building the Agent Analysis" (2,953 words)
- Covers 3 phases: writing team → review cycle → fix cycle
- Meta-irony table mapping team coordination to IETF gap names
- Specific examples from dev journal (SQL injection, consent conflation, ideas mismatch)

Untracked files committed:
- scripts/: backfill-wg-names, classify-unrated, compare-classifiers, download-relevant-text, run-webui
- src/ietf_analyzer/classifier.py: two-stage Ollama classifier
- src/webui/: analytics (GDPR-compliant), auth, obsidian_export
- tests/test_obsidian_export.py (10 tests)
- data/reports/: wg-analysis, generated draft for gap #37

Housekeeping:
- .gitignore: exclude LaTeX artifacts, stale DBs, analytics.db

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 15:31:30 +01:00

559 lines
37 KiB
Markdown
Raw Blame History

# Gap Analysis: IETF AI/Agent Draft Landscape
*Generated 2026-03-08 14:30 UTC — analyzing 474 drafts, 462 technical ideas*
## Overview
This report identifies **12 gaps** — areas, problems, or technical challenges not adequately addressed by the current 474 IETF AI/agent drafts. Each gap is cross-referenced with related drafts and extracted technical ideas to show partial coverage.
| Severity | Count |
|----------|------:|
| **CRITICAL** | 3 |
| **HIGH** | 6 |
| **MEDIUM** | 3 |
### Safety Deficit
Only **46** of 474 drafts address AI safety/alignment, while **150** focus on A2A protocols and **110** on autonomous operations. The ratio of capability-building to safety is roughly **5:1**.
---
## 1. Real-time Agent Behavior Verification
| | |
|---|---|
| **Severity** | CRITICAL |
| **Category** | AI safety/alignment |
| **Drafts in category** | 46 |
Current AI safety drafts focus on governance but lack technical protocols for real-time verification that agents are behaving according to their declared policies. There's no standard way to cryptographically prove agent actions match stated intentions.
**Evidence:** Only 46 safety drafts versus 474 total, with governance focus rather than technical verification
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-an-nmrg-i2icf-cits](https://datatracker.ietf.org/doc/draft-an-nmrg-i2icf-cits/) (score 3.7) — Interface to In-Network Computing Functions for Cooperative Intelligent Transpor
- [draft-zhao-detnet-enhanced-use-cases](https://datatracker.ietf.org/doc/draft-zhao-detnet-enhanced-use-cases/) (score 3.2) — Enhanced Use Cases for Scaling Deterministic Networks
- [draft-zhang-rvp-problem-statement](https://datatracker.ietf.org/doc/draft-zhang-rvp-problem-statement/) (score 3.5) — Problem Statements and Requirements of Real-Virtual Agent Protocol (RVP): Commun
- [draft-yuan-rtgwg-traffic-agent-usecase](https://datatracker.ietf.org/doc/draft-yuan-rtgwg-traffic-agent-usecase/) (score 3.7) — Use cases of the AI Network Traffic Optimization Agent
- [draft-altanai-aipref-realtime-protocol-bindings](https://datatracker.ietf.org/doc/draft-altanai-aipref-realtime-protocol-bindings/) (score 3.6) — AI Preferences for Real-Time Protocol Bindings
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
**Top-rated in AI safety/alignment** (46 drafts):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- [draft-goswami-agentic-jwt](https://datatracker.ietf.org/doc/draft-goswami-agentic-jwt/) (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
### Partially Addressing Ideas
17 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Distributed AI Accountability Protocol | draft-aylward-daap-v2 | protocol |
| AGENTS.TXT Policy File | draft-srijal-agents-policy | protocol |
| AI Network Security Agent | draft-yuan-rtgwg-security-agent-usecase | architecture |
| A2A Protocol Transport over MOQT | draft-a2a-moqt-transport | protocol |
| Post-Discovery Authorization Handshake | draft-barney-caam | protocol |
| Evidence-based Autonomy Maturity Model | draft-berlinai-vera | mechanism |
| Verifiable Agent Conversation Format | draft-birkholz-verifiable-agent-conversations | protocol |
| Intent-Based Just-in-Time Authorization | draft-chen-agent-decoupled-authorization-model | architecture |
*...and 9 more*
---
## 2. Multi-Agent Consensus Under Byzantine Conditions
| | |
|---|---|
| **Severity** | CRITICAL |
| **Category** | A2A protocols |
| **Drafts in category** | 150 |
While agent discovery and A2A protocols exist, there's no framework for handling consensus when some agents may be compromised or malicious. Critical for autonomous systems making collective decisions.
**Evidence:** Complex autonomous systems require Byzantine fault tolerance but it's absent from protocol designs
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-li-dmsc-mcps-agw](https://datatracker.ietf.org/doc/draft-li-dmsc-mcps-agw/) (score 3.5) — Multi-agent Collaboration Protocol Suite based on Agent Gateway
- [draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/) (score 3.1) — Dynamic Multi-agent Secured Collaboration Infrastructure Architecture
- [draft-yue-anima-agent-recovery-networks](https://datatracker.ietf.org/doc/draft-yue-anima-agent-recovery-networks/) (score 4.1) — Task-Oriented Multi-Agent Recovery Framework for High-Reliability in Converged M
- [draft-chang-agent-context-interaction](https://datatracker.ietf.org/doc/draft-chang-agent-context-interaction/) (score 2.9) — Agent Context Interaction Optimizations
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-ramakrishna-satp-views-addresses](https://datatracker.ietf.org/doc/draft-ramakrishna-satp-views-addresses/) (score 3.4) — Views and View Addresses for Secure Asset Transfer
**Top-rated in A2A protocols** (150 drafts):
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- [draft-ietf-lake-edhoc](https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc/) (4.6) — Specifies EDHOC, a compact authenticated Diffie-Hellman key exchange protocol for constrained enviro
- [draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/) (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- [draft-chen-oauth-rar-agent-extensions](https://datatracker.ietf.org/doc/draft-chen-oauth-rar-agent-extensions/) (4.2) — Extends OAuth RAR with policy_context and lifecycle_binding members for AI agent environments. Enabl
### Partially Addressing Ideas
2 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| ASRank Structural Vulnerability Analysis | draft-xu-sidrops-asrank-vulnerabilities | requirement |
| MCP and A2A Complementary Solutions for Network Management | draft-zeng-opsawg-applicability-mcp-a2a | architecture |
---
## 3. Emergency Agent Shutdown Coordination
| | |
|---|---|
| **Severity** | CRITICAL |
| **Category** | AI safety/alignment |
| **Drafts in category** | 46 |
Missing protocols for coordinated emergency shutdown of autonomous agent networks when safety issues are detected. Individual agent controls exist but not network-wide coordination mechanisms.
**Evidence:** Human-in-the-loop drafts exist but no emergency coordination protocols for autonomous systems
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (score 4.8) — Distributed AI Accountability Protocol (DAAP) Version 2.0
- [draft-khatri-sipcore-call-transfer-fail-response](https://datatracker.ietf.org/doc/draft-khatri-sipcore-call-transfer-fail-response/) (score 3.3) — A SIP Response Code (497) for Call Transfer Failure
- [draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/) (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
- [draft-yu-ai-agent-use-cases-in-6g](https://datatracker.ietf.org/doc/draft-yu-ai-agent-use-cases-in-6g/) (score 2.5) — AI Agent Use Cases and Requirements in 6G Network
- [draft-zhang-rvp-problem-statement](https://datatracker.ietf.org/doc/draft-zhang-rvp-problem-statement/) (score 3.5) — Problem Statements and Requirements of Real-Virtual Agent Protocol (RVP): Commun
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
**Top-rated in AI safety/alignment** (46 drafts):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- [draft-goswami-agentic-jwt](https://datatracker.ietf.org/doc/draft-goswami-agentic-jwt/) (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
### Partially Addressing Ideas
9 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Distributed AI Accountability Protocol | draft-aylward-daap-v2 | protocol |
| Agentic network architecture for multi-agent coordination | draft-chuyi-nmrg-agentic-network-inference | architecture |
| Dynamic Task Coordination Requirements for AI Agents | draft-cui-ai-agent-task | requirement |
| Multi-Agent Communication Framework for AIOps | draft-fu-nmop-agent-communication-framework | architecture |
| Meta-Layer Coordination Substrate | draft-meta-layer-overview | architecture |
| Trinity Configuration for Agent Coordination | draft-takagi-srta-trinity | pattern |
| Internet of Agents Task Protocol for heterogeneous collaboration | draft-yang-dmsc-ioa-task-protocol | protocol |
| Task-Oriented Multi-Agent Recovery Framework | draft-yue-anima-agent-recovery-networks | architecture |
*...and 1 more*
---
## 4. Cross-Protocol Agent Migration
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | A2A protocols |
| **Drafts in category** | 150 |
While A2A protocols exist, there's no standardized mechanism for agents to migrate between different protocol frameworks or service providers while maintaining state and identity. This creates vendor lock-in and limits agent portability across heterogeneous systems.
**Evidence:** 150 A2A protocol drafts with high overlap suggest fragmentation without migration solutions
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (score 4.8) — Verifiable Operations Ledger and Trace (VOLT) Protocol
- [draft-han-ai-agent-impact-infra](https://datatracker.ietf.org/doc/draft-han-ai-agent-impact-infra/) (score 2.3) — The Impact of AI Agent to Network Infrastructure
- [draft-narajala-ans](https://datatracker.ietf.org/doc/draft-narajala-ans/) (score 4.2) — Agent Name Service (ANS): A Universal Directory for Secure AI Agent Discovery an
- [draft-ietf-emu-eap-edhoc](https://datatracker.ietf.org/doc/draft-ietf-emu-eap-edhoc/) (score 3.2) — Using the Extensible Authentication Protocol (EAP) with Ephemeral Diffie-Hellman
- [draft-howe-sipcore-mcp-extension](https://datatracker.ietf.org/doc/draft-howe-sipcore-mcp-extension/) (score 3.7) — SIP Extension for Model Context Protocol (MCP)
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
**Top-rated in A2A protocols** (150 drafts):
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- [draft-ietf-lake-edhoc](https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc/) (4.6) — Specifies EDHOC, a compact authenticated Diffie-Hellman key exchange protocol for constrained enviro
- [draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/) (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- [draft-chen-oauth-rar-agent-extensions](https://datatracker.ietf.org/doc/draft-chen-oauth-rar-agent-extensions/) (4.2) — Extends OAuth RAR with policy_context and lifecycle_binding members for AI agent environments. Enabl
### Partially Addressing Ideas
No directly related technical ideas found in current drafts — this gap is entirely unaddressed.
---
## 5. Agent Resource Accounting and Billing
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | new |
| **Drafts in category** | 0 |
No standardized protocols exist for tracking and billing computational resources consumed by autonomous agents across distributed systems. This is essential for commercial deployment but completely unaddressed.
**Evidence:** High focus on protocols and deployment but zero drafts addressing economic models
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
- [draft-jia-oauth-scope-aggregation](https://datatracker.ietf.org/doc/draft-jia-oauth-scope-aggregation/) (score 3.5) — OAuth 2.0 Scope Aggregation for Multi-Step AI Agent Workflows
### Partially Addressing Ideas
8 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| SCIM 2.0 Extension for Agents and Agentic Applications | draft-abbey-scim-agent-extension | extension |
| Events Query Protocol | draft-gupta-httpapi-events-query | protocol |
| Micro Agent Communication Protocol (µACP) | draft-mallick-muacp | protocol |
| MOQT Binding for A2A and MCP Protocols | draft-nandakumar-ai-agent-moq-transport | extension |
| SCIM 2.0 Agent Extension | draft-scim-agent-extension | extension |
| Authorized Connection Policy Framework | draft-steckbeck-ua-conn-sec | mechanism |
| Agent Workflow Protocol Well-Known Resource | draft-vinaysingh-awp-wellknown | extension |
| AI Network Traffic Optimization Agent | draft-yuan-rtgwg-traffic-agent-usecase | architecture |
---
## 6. Agent Capability Advertisement Verification
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | Agent discovery/reg |
| **Drafts in category** | 87 |
While agent discovery protocols exist, there's no way to cryptographically verify that advertised agent capabilities are accurate. Agents could falsely claim capabilities leading to system failures.
**Evidence:** 87 discovery drafts but no mention of capability verification mechanisms
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
- [draft-li-dmsc-inf-architecture](https://datatracker.ietf.org/doc/draft-li-dmsc-inf-architecture/) (score 3.1) — Dynamic Multi-agent Secured Collaboration Infrastructure Architecture
**Top-rated in Agent discovery/reg** (87 drafts):
- [draft-narajala-ans](https://datatracker.ietf.org/doc/draft-narajala-ans/) (4.2) — Introduces Agent Name Service (ANS) as a DNS-based universal directory for AI agent discovery and ve
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (4.2) — Specifies a comprehensive multi-agent collaboration protocol suite using Agent Gateways for registra
- [draft-cui-dns-native-agent-naming-resolution](https://datatracker.ietf.org/doc/draft-cui-dns-native-agent-naming-resolution/) (4.1) — Specifies DNS-native naming and resolution for AI agents using FQDNs and SVCB records. Emphasizes DN
- [draft-nederveld-adl](https://datatracker.ietf.org/doc/draft-nederveld-adl/) (4.1) — Defines ADL, a JSON-based standard for describing AI agents including their capabilities, tools, per
- [draft-rosenberg-ai-protocols](https://datatracker.ietf.org/doc/draft-rosenberg-ai-protocols/) (4.1) — Establishes framework for AI agent communications on the Internet, surveying existing protocols like
### Partially Addressing Ideas
25 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| DNS-based AI Agent Discovery | draft-mozleywilliams-dnsop-bandaid | mechanism |
| DNS namespace for AI agent discovery | draft-mozleywilliams-dnsop-dnsaid | mechanism |
| Agent Registration and Discovery Protocol | draft-pioli-agent-discovery | protocol |
| Intent-based Agent Interconnection Protocol | draft-sun-zhang-iaip | protocol |
| Capability Advertisement and Intent Resolution | draft-sz-dmsc-iaip | mechanism |
| Intelligent Agent Communication Gateway Architecture | draft-agent-gw | architecture |
| AI-Native Network Protocol (AINP) | draft-ainp-protocol | protocol |
| Distributed AI Accountability Protocol | draft-aylward-daap-v2 | protocol |
*...and 17 more*
---
## 7. Cross-Domain Agent Communication Security
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | Agent identity/auth |
| **Drafts in category** | 145 |
Current identity/auth solutions don't address secure communication between agents operating in different security domains or trust boundaries. Critical for enterprise and government deployments.
**Evidence:** 145 identity drafts show awareness but cross-domain scenarios appear unaddressed
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-diaconu-agents-authz-info-sharing](https://datatracker.ietf.org/doc/draft-diaconu-agents-authz-info-sharing/) (score 3.2) — Cross-Domain AuthZ Information sharing for Agents
- [draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/) (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
- [draft-han-rtgwg-agent-gateway-intercomm-framework](https://datatracker.ietf.org/doc/draft-han-rtgwg-agent-gateway-intercomm-framework/) (score 3.6) — Agent Gateway Intercommunication Framework
- [draft-ni-a2a-ai-agent-security-requirements](https://datatracker.ietf.org/doc/draft-ni-a2a-ai-agent-security-requirements/) (score 3.7) — Security Requirements for AI Agents
- [draft-intellinode-ai-semantic-contract](https://datatracker.ietf.org/doc/draft-intellinode-ai-semantic-contract/) (score 3.2) — Semantic-Driven Traffic Shaping Contract for AI Networks
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
**Top-rated in Agent identity/auth** (145 drafts):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- [draft-guy-bary-stamp-protocol](https://datatracker.ietf.org/doc/draft-guy-bary-stamp-protocol/) (4.6) — Defines STAMP protocol for cryptographic delegation and proof in AI agent systems. Provides task-bou
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
### Partially Addressing Ideas
46 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Centralized Gateway for Multi-Agent Communication | draft-song-dmsc-problem-statement | architecture |
| Multi-Tenant Policy Enforcement Infrastructure | draft-song-dmsc-problem-statement | architecture |
| Intelligent Agent Communication Gateway Architecture | draft-agent-gw | architecture |
| AI-Native Network Protocol (AINP) | draft-ainp-protocol | protocol |
| Agent-to-Agent Communication in Transportation Networks | draft-an-nmrg-i2icf-cits | pattern |
| Zero Trust Runtime Agent Architecture | draft-berlinai-vera | architecture |
| Agentic Data Optimization Layer (ADOL) | draft-chang-agent-token-efficient | protocol |
| Agentic network architecture for multi-agent coordination | draft-chuyi-nmrg-agentic-network-inference | architecture |
*...and 38 more*
---
## 8. Agent Performance Degradation Detection
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | new |
| **Drafts in category** | 0 |
No standardized protocols exist for detecting when AI agents are experiencing model drift, adversarial attacks, or performance degradation. Essential for maintaining autonomous system reliability.
**Evidence:** ML traffic management exists but not agent health monitoring standards
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
- [draft-xiong-rtgwg-use-cases-hp-wan](https://datatracker.ietf.org/doc/draft-xiong-rtgwg-use-cases-hp-wan/) (score 2.6) — Use Cases for High-performance Wide Area Network
### Partially Addressing Ideas
5 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Virtual In-Cloud Router as IPv6 Enhancement Agent | draft-he-yi-srv6ops-ipv6-enhancemnet-in-cloud-uc | architecture |
| 6G Agent Protocol Requirements and Enabling Technologies | draft-hw-ai-agent-6g | requirement |
| Comparative analysis of messaging protocols for agentic AI | draft-mpsb-agntcy-messaging | pattern |
| AI Network Security Agent | draft-yuan-rtgwg-security-agent-usecase | architecture |
| Task-Oriented Multi-Agent Recovery Framework | draft-yue-anima-agent-recovery-networks | architecture |
---
## 9. Legal Liability Attribution Protocols
| | |
|---|---|
| **Severity** | HIGH |
| **Category** | Policy/governance |
| **Drafts in category** | 115 |
Missing technical protocols for creating audit trails that can determine legal liability when autonomous agents cause harm. Governance drafts exist but not technical accountability mechanisms.
**Evidence:** 115 governance drafts but legal technology gap for liability attribution
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-madhavan-aipref-displaybasedpref](https://datatracker.ietf.org/doc/draft-madhavan-aipref-displaybasedpref/) (score 2.5) — A Vocabulary for Controlling Usage of Content Collected by Search and AI Crawler
- [draft-farzdusa-aipref-enduser](https://datatracker.ietf.org/doc/draft-farzdusa-aipref-enduser/) (score 3.8) — AI Preferences Signaling: End User Impact
- [draft-kotecha-agentic-dispute-protocol](https://datatracker.ietf.org/doc/draft-kotecha-agentic-dispute-protocol/) (score 3.6) — Agentic Dispute Protocol
- [draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/) (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
- [draft-ietf-aipref-vocab](https://datatracker.ietf.org/doc/draft-ietf-aipref-vocab/) (score 4.4) — A Vocabulary For Expressing AI Usage Preferences
- [draft-aylward-aiga-1](https://datatracker.ietf.org/doc/draft-aylward-aiga-1/) (score 4.2) — AI Governance and Accountability Protocol (AIGA)
**Top-rated in Policy/governance** (115 drafts):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- [draft-aylward-daap-v2](https://datatracker.ietf.org/doc/draft-aylward-daap-v2/) (4.8) — Defines comprehensive protocol for AI agent accountability including authentication, monitoring, and
- [draft-goswami-agentic-jwt](https://datatracker.ietf.org/doc/draft-goswami-agentic-jwt/) (4.5) — Extends OAuth 2.0 with Agentic JWT to address authorization challenges in autonomous AI systems. Int
- [draft-wang-cats-odsi](https://datatracker.ietf.org/doc/draft-wang-cats-odsi/) (4.5) — Specifies framework for decentralized LLM inference across untrusted participants with layer-aware e
- [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/) (4.5) — Defines CDDL-based data format for verifiable agent conversation records using COSE signing. Support
### Partially Addressing Ideas
No directly related technical ideas found in current drafts — this gap is entirely unaddressed.
---
## 10. Agent Memory and State Persistence Standards
| | |
|---|---|
| **Severity** | MEDIUM |
| **Category** | Data formats/interop |
| **Drafts in category** | 165 |
No standardized formats or protocols exist for how agents should persist long-term memory, experience, and learned behaviors across system restarts or migrations. Each implementation creates proprietary solutions.
**Evidence:** 165 data format drafts focus on communication but not persistent state management
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
- [draft-li-dmsc-macp](https://datatracker.ietf.org/doc/draft-li-dmsc-macp/) (score 4.2) — Multi-agent Collaboration Protocol Suite
- [draft-zheng-dispatch-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-dispatch-agent-identity-management/) (score 3.3) — Agent Identity Managenment
- [draft-fu-nmop-agent-communication-framework](https://datatracker.ietf.org/doc/draft-fu-nmop-agent-communication-framework/) (score 3.0) — Agent Communication Framework for Network AIOps
- [draft-zyyhl-agent-networks-framework](https://datatracker.ietf.org/doc/draft-zyyhl-agent-networks-framework/) (score 3.6) — Framework for AI Agent Networks
- [draft-gaikwad-llm-benchmarking-terminology](https://datatracker.ietf.org/doc/draft-gaikwad-llm-benchmarking-terminology/) (score 2.7) — Benchmarking Terminology for Large Language Model Serving
**Top-rated in Data formats/interop** (165 drafts):
- [draft-cowles-volt](https://datatracker.ietf.org/doc/draft-cowles-volt/) (4.8) — Defines tamper-evident execution trace format for AI agent workflows using hash chains and cryptogra
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (4.6) — Defines YANG data model for hierarchical language model coordination across tiny, small, and large L
- [draft-ietf-lake-app-profiles](https://datatracker.ietf.org/doc/draft-ietf-lake-app-profiles/) (4.6) — Defines canonical CBOR representation for EDHOC application profiles and coordination mechanisms for
- [draft-chang-agent-token-efficient](https://datatracker.ietf.org/doc/draft-chang-agent-token-efficient/) (4.5) — Defines ADOL (Agentic Data Optimization Layer) to address token bloat in agent communication protoco
- [draft-birkholz-verifiable-agent-conversations](https://datatracker.ietf.org/doc/draft-birkholz-verifiable-agent-conversations/) (4.5) — Defines CDDL-based data format for verifiable agent conversation records using COSE signing. Support
### Partially Addressing Ideas
16 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Compliance-oriented agent memory model | draft-gaikwad-aps-profile | pattern |
| Zero Trust Interoperability Framework | draft-liu-saag-zt-problem-statement | requirement |
| Intelligent Agent Communication Gateway Architecture | draft-agent-gw | architecture |
| Zero Trust Runtime Agent Architecture | draft-berlinai-vera | architecture |
| Agentic Hypercall Protocol | draft-campbell-agentic-http | pattern |
| Agent Persistent State Profile | draft-gaikwad-aps-profile | architecture |
| Agentic AI for Autonomous Network Management | draft-hong-nmrg-agenticai-ps | requirement |
| LISP-based geospatial intelligence network | draft-ietf-lisp-nexagon | protocol |
*...and 8 more*
---
## 11. Agent-to-Human Escalation Standards
| | |
|---|---|
| **Severity** | MEDIUM |
| **Category** | Human-agent interaction |
| **Drafts in category** | 41 |
While human-in-the-loop protocols exist, there's no standardized framework for when and how agents should escalate decisions to humans based on uncertainty, risk, or ethical considerations.
**Evidence:** Only 41 human-agent interaction drafts versus complex autonomous systems requiring escalation
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-williams-netmod-lm-hierarchy-topology](https://datatracker.ietf.org/doc/draft-williams-netmod-lm-hierarchy-topology/) (score 4.6) — Hierarchical Topology for Language Model Coordination
- [draft-ietf-websec-mime-sniff](https://datatracker.ietf.org/doc/draft-ietf-websec-mime-sniff/) (score 3.7) — Media Type Sniffing
- [draft-scrm-aiproto-usecases](https://datatracker.ietf.org/doc/draft-scrm-aiproto-usecases/) (score 4.1) — Agentic AI Use Cases
- [draft-zeng-opsawg-llm-netconf-gap](https://datatracker.ietf.org/doc/draft-zeng-opsawg-llm-netconf-gap/) (score 3.9) — Gap Analysis of Network Configuration Protocols in LLM-Driven Intent-Based Netwo
- [draft-jadoon-nmrg-agentic-ai-autonomous-networks](https://datatracker.ietf.org/doc/draft-jadoon-nmrg-agentic-ai-autonomous-networks/) (score 4.1) — Agentic AI Architectural Principles for Autonomous Computer Networks
**Top-rated in Human-agent interaction** (41 drafts):
- [draft-drake-email-tpm-attestation](https://datatracker.ietf.org/doc/draft-drake-email-tpm-attestation/) (4.6) — Defines hardware attestation for email using TPM verification chains to prevent spam and provide Syb
- [draft-ietf-aipref-vocab](https://datatracker.ietf.org/doc/draft-ietf-aipref-vocab/) (4.4) — Defines a standardized vocabulary for expressing preferences about how digital assets should be used
- [draft-dhir-http-agent-profile](https://datatracker.ietf.org/doc/draft-dhir-http-agent-profile/) (4.2) — Defines HTTP Agent Profile for authenticating agent traffic, separating human from agent traffic, an
- [draft-song-tsvwg-camp](https://datatracker.ietf.org/doc/draft-song-tsvwg-camp/) (4.2) — Proposes CAMP, a multipath transport protocol for interactive multimodal LLM systems that maintains
- [draft-liu-agent-operation-authorization](https://datatracker.ietf.org/doc/draft-liu-agent-operation-authorization/) (4.1) — Specifies framework for verifiable delegation of actions from humans to AI agents using JWT tokens.
### Partially Addressing Ideas
No directly related technical ideas found in current drafts — this gap is entirely unaddressed.
---
## 12. Federated Agent Learning Privacy
| | |
|---|---|
| **Severity** | MEDIUM |
| **Category** | new |
| **Drafts in category** | 0 |
Federated AI operations models exist but lack privacy-preserving protocols for agents learning from shared experiences without exposing sensitive data from individual deployments.
**Evidence:** Federated models mentioned but privacy-preserving learning protocols absent
### Related Drafts
**Keyword matches** (drafts mentioning gap topic):
- [draft-kale-agntcy-federated-privacy](https://datatracker.ietf.org/doc/draft-kale-agntcy-federated-privacy/) (score 3.2) — Privacy-Preserving Federated Learning Architecture for Multi-Tenant AI Agent Sys
- [draft-cui-dmsc-agent-cdi](https://datatracker.ietf.org/doc/draft-cui-dmsc-agent-cdi/) (score 3.0) — Cross-Domain Interoperability Framework for AI Agent Collaboration
- [draft-ai-traffic](https://datatracker.ietf.org/doc/draft-ai-traffic/) (score 2.5) — Handling inter-DC/Edge AI-related network traffic: Problem statement
- [draft-aft-ai-traffic](https://datatracker.ietf.org/doc/draft-aft-ai-traffic/) (score 3.1) — Handling inter-DC/Edge AI-related network traffic: Problem statement
- [draft-aylward-aiga-1](https://datatracker.ietf.org/doc/draft-aylward-aiga-1/) (score 4.2) — AI Governance and Accountability Protocol (AIGA)
- [draft-zheng-agent-identity-management](https://datatracker.ietf.org/doc/draft-zheng-agent-identity-management/) (score 3.7) — Agent Identity Managenment
### Partially Addressing Ideas
5 extracted ideas touch on this gap:
| Idea | Draft | Type |
|------|-------|------|
| Privacy-Preserving Federated Learning for Multi-Tenant AI Agents | draft-kale-agntcy-federated-privacy | architecture |
| Cross-Domain Agent Interoperability Framework | draft-cui-dmsc-agent-cdi | architecture |
| HTTP Agent Profile (HAP) | draft-dhir-http-agent-profile | protocol |
| AI Network Security Agent | draft-yuan-rtgwg-security-agent-usecase | architecture |
| AI Network Traffic Optimization Agent | draft-yuan-rtgwg-traffic-agent-usecase | architecture |
---
## Cross-Cutting Analysis
### Gaps by Category
| Category | Drafts | Gaps | Gap Topics |
|----------|-------:|-----:|------------|
| a2a protocols | 150 | 2 | Multi-Agent Consensus Under Byzantine Conditions; Cross-Protocol Agent Migration |
| agent discovery/reg | 87 | 1 | Agent Capability Advertisement Verification |
| agent identity/auth | 145 | 1 | Cross-Domain Agent Communication Security |
| ai safety/alignment | 46 | 2 | Real-time Agent Behavior Verification; Emergency Agent Shutdown Coordination |
| data formats/interop | 165 | 1 | Agent Memory and State Persistence Standards |
| human-agent interaction | 41 | 1 | Agent-to-Human Escalation Standards |
| new | 0 | 3 | Agent Resource Accounting and Billing; Agent Performance Degradation Detection; Federated Agent Learning Privacy |
| policy/governance | 115 | 1 | Legal Liability Attribution Protocols |
## Recommendations
Based on the gap analysis, the highest-impact areas for new standardization work:
1. **Runtime behavior verification** — The most critical safety gap. Agents declare policies but nothing validates compliance at runtime.
2. **Error recovery and rollback** — Autonomous operations need standardized failure handling before real deployment at scale.
3. **Protocol interoperability layer** — 92 competing A2A protocols need a translation/negotiation framework to avoid fragmentation.
4. **Dynamic trust systems** — Static certificates cannot scale to long-running agent ecosystems. Trust must be earned and revocable.
5. **Human emergency override** — The 7:1 ratio of autonomous capability to human oversight drafts is concerning for production deployments.
Reference in New Issue View Git Blame Copy Permalink