HackerTrans
トップ新着トレンドコメント過去質問紹介求人

positiveblue

no profile record

投稿

Stop giving your AI Agent admin credentials

positiveblue.substack.com
5 ポイント·投稿者 positiveblue·10 か月前·1 コメント

JWTs and OAuth suck for AI agents. Meet Wafers

positiveblue.substack.com
3 ポイント·投稿者 positiveblue·10 か月前·5 コメント

The web does not need gatekeepers: Cloudflare’s new “signed agents” pitch

positiveblue.substack.com
454 ポイント·投稿者 positiveblue·11 か月前·489 コメント

コメント

positiveblue
·10 か月前·議論
It’s wild, decades of work on least privilege and delegation, and we’re back to handing out root credentials to bots T.T
positiveblue
·10 か月前·議論
Adoption is definitely the hardest "cryptographic" problem :D

You can think about this as a new auth token to add in your stack. It does not need to grow and take over the world overnight. We have seen how hard it is to change the status quo + how much it can adapt to new ideas (ex: SQL vs NoSQL)

For now I would imagine teams who need more flexibility in their auth stack to adopt this for new API
positiveblue
·10 か月前·議論
Wafers are definitely inspired by Macaroons, but the core difference is that delegation is tied to identity.

In Macaroons, anyone who holds the token can tack on caveats.

In Wafers, only the current holder can extend it, and they can explicitly name the next holder by public key.

That gives you a verifiable chain of custody instead of an unanchored blob.
positiveblue
·10 か月前·議論
TLDR: JWTs say who you are. Wafers say who this request is on behalf of and exactly what it can do.
positiveblue
·11 か月前·議論
I could not give less of a shit between whitelist/allowlist. I use them indistinctly.

You can sleep peacefully today but you should try to don't over stress from how other people write on the internet
positiveblue
·11 か月前·議論
100% needs to be done at the last mile.
positiveblue
·11 か月前·議論
Hi, "this person here" Cloudflare will block that request that has a jwt because "it does not come from a person".

What I was trying to say is that even the discussion "is this a bot 100% sure or not" makes no sense.
positiveblue
·11 か月前·議論
many people don't remember/know history though
positiveblue
·11 か月前·議論
yep, that's why I am writing this now :)

You can see it in the web vs mobile apps.

Many people may not see a problem on wallet gardens but reality is that we have much less innovation in mobile than in web because anyone can spawn a web server vs publish an app in the App Store (apple)
positiveblue
·11 か月前·議論
I know the image, what I do not understand is the argument between using it being incompatible with "fairness" and "openness"
positiveblue
·11 か月前·議論
No
positiveblue
·11 か月前·議論
Where everyone needs a cloudflare account to be able to pay*
positiveblue
·11 か月前·議論
> An allowlist run by one company that site owners chose to engage with.

Exactly, no problem with that, just hinting that's not a protocol.

> But the irony of taking an ideological stance about fairness while using AI generated comics for blog posts

Wait, what?
positiveblue
·11 か月前·議論
The point is "should everyone just have an account with Cloudflare then"
positiveblue
·11 か月前·議論
This is one of the main points :+1:
positiveblue
·11 か月前·議論
I actually thought about this before publishing it hahaha

Good thing they are not the only place to post!
positiveblue
·11 か月前·議論
Narrator: but he did put effort...

Anyway, main take aways for you:

- We REALLY need a way to tie identity to agent/requests - The idea of registering with cloudflare to be able to access a website is bad - Sites should be able to block whoever they want or make anything they desire a requirement (there are people that has login only with google after all)

We have the right primitives to build something that works for any provider (from cloudflare, to Akamai, to self hosting nginx servers). Let's take that route
positiveblue
·11 か月前·議論
Giving an agent full access to your data without clear guardrails is a really bad idea.

We automate checkouts for e-commerce stores and work with very sensitive information, but our agents never see the real data. They only fill forms with placeholders, which later get swapped with the actual values downstream.

Prompt injection is a real risk, and while the industry will adapt, you need to be extremely cautious when letting agents operate in these contexts. Long story short: do not give "admin" privileges to AI Agents in the wild.
positiveblue
·2 年前·議論
Well, the answer is "I do not know"

Now, if I had to guess, this are "a new kind of cookies" so they just took a name that went with it (like they did with biscuits https://www.biscuitsec.org/)

There are many chances that they got he name wrong and they meant Macaron (with one O instead of two). Those are "layered" cookies, which bring some resemblance on how "caveats" can be understood.
positiveblue
·2 年前·議論
Unfortunately, that is so complex and changes so often that should not be implemented at protocol level, but around it.

P.S: I feel you :)