HackerTrans
TopNewTrendsCommentsPastAskShowJobs

nembal

no profile record

Submissions

Department of Machine Verification

departmentofmachineverification.com
2 points·by nembal·17 дней назад·1 comments

Know Your .agent?

estherdyson.substack.com
1 points·by nembal·2 месяца назад·0 comments

Code Is State

blog.agentcommunity.org
4 points·by nembal·4 месяца назад·0 comments

[untitled]

1 points·by nembal·4 месяца назад·0 comments

[untitled]

1 points·by nembal·4 месяца назад·0 comments

[untitled]

1 points·by nembal·5 месяцев назад·0 comments

[untitled]

1 points·by nembal·6 месяцев назад·0 comments

[untitled]

1 points·by nembal·8 месяцев назад·0 comments

[untitled]

1 points·by nembal·11 месяцев назад·0 comments

[untitled]

1 points·by nembal·в прошлом году·0 comments

[untitled]

1 points·by nembal·в прошлом году·0 comments

comments

nembal
·4 месяца назад·discuss
The layered architecture argument is right. Discovery, identity, and authorization should be separate concerns. AgentDNS tries to be all three plus billing and proxying, and that's how you get a single point of failure that controls everything.

We've been building the "narrowly scoped discovery" piece this review recommends. Agent Identity & Discovery (AID) [1] is a DNS TXT record at `_agent.<domain>` — endpoint, protocol, auth hint, optional Ed25519 public key. No registry, no proxy, no billing. Add one DNS record and any AID client finds your agent.

Works with MCP, A2A, OpenAPI, gRPC, GraphQL, WebSocket, local agents (Docker, npx, pip). SDKs in TS, Go, Python, Rust, .NET, Java. The discovery lookup is a single DNS query.

The optional PKA (Public Key Attestation) uses RFC 9421 HTTP Message Signatures with Ed25519 for endpoint proof. It sits underneath SPIFFE and OAuth rather than replacing them. We wrote up the cross-boundary auth problem and the remaining gaps [2].

One thing the review misses: the .agent TLD. The .agent Community [3] (3,000+ members, 700+ companies) is going through ICANN's Community Priority Evaluation in the 2026 round to get `.agent` under community governance instead of corporate control. AID works on any domain today, but a community-governed TLD for agents is worth knowing about if you care about who controls the naming layer. Spec is at v1.2 [4].

Your conclusion — "define minimum interoperable layers and connect them with verifiable trust" — that's what we're after. DNS is the minimum viable trust anchor that already runs everywhere.

If any of this is interesting, you can join the community at agentcommunity.org.

[1] https://aid.agentcommunity.org

[2] https://blog.agentcommunity.org/external_identity_anchor

[3] https://agentcommunity.org/about

[4] https://aid.agentcommunity.org/docs/specification

[5] https://github.com/andre-git/agent-internet-rfcs/issues/1
nembal
·4 месяца назад·discuss
is it just me, or feels scary that it is happening
nembal
·4 месяца назад·discuss
the title is misleading. this is the first “claw” swarm hack and we will see a lot more of these!
nembal
·4 месяца назад·discuss
so it seems each RL step extends into a market! 5.3 was target at coding. 5.4 is target at finance 5.5 is healthcare?
nembal
·8 месяцев назад·discuss
this is super exciting! congrats team for OS and it’s an other eval but one that might matter!
nembal
·11 месяцев назад·discuss
Web Bot Auth solves a real problem with a real standard. Per-request signatures make automated traffic accountable, and that is the right long-term primitive. In Cloudflare’s hands, the current implementation is built first for bots, not agents. “Signed agents” read like a label added to a bot-centric system, not a first-class agent identity fabric. The design also centers Cloudflare as the arbiter and on-ramp, which is great for reliability inside their network and great for their business moat, but not great for an open, decentralized agentic web.

While it builds on standards as the top poster notes, cloudflare's version is a business moat driven central registry service and nothing what the decentralized internet would/should look.

i wrote a but more about this on my blog if someone care to read https://blog.agentcommunity.org/2025-08-23-web_auth_box_not_...
nembal
·12 месяцев назад·discuss
wham. thanks for sharing anecdotal episodes from OAI's inner mecahnism from an eng perspective. I wonder if OAI wouldn't be married to Azure would the infra be more resilient, require less eng effort to invent things to just run (at scale).

What i haven't seen much is the split between eng and research and how people within the company are thinking about AGI and the future, workforce, etc. Is it the usual SF wonderland or is there an OAI specific value alignment once someone is working there.
nembal
·в прошлом году·discuss
Securing and operating the .agent TLD, creating a dedicated domain for AI and autonomous agents. We're building an ecosystem to foster interoperability, bringing together AI developers, researchers, and companies to establish conventions for agent discovery, verification, and communication.