Agent Name Service

From MgmtWiki
Jump to: navigation, search

Full Title

Agent Name Service

Context

AI Agent discovery is needed, but will the OWASP Agent Name Service (ANS) protocol be a piece of the solution? Tune into this discussion with Ken Huang, CISSP, one of the contributors to the ANS white paper to learn more! Here were my takeaways:

⚡ Some kind of AI agent discovery service is probably needed in some ecosystems. But DNS is a security and privacy nightmare. PKI is a nightmare to scale. Is putting these two things together really a good idea?

⚡ To what extent we can trust the data itself? If "federation" is the answer, what kind of federation? A banking-like multi-party federation where a federation operator vets and certifies the participants? An open federation, like the Web, where anyone can connect who aligns with HTTP messaging? Or will different federations arise in different ecosystems? If so, this is un-DNS-like... DNS is an Internet scale infrastructure.

⚡ Capabilities search is a great idea for a registry! But if the registries are federated, it's unclear how this could be accomplished. And what about fuzzy pattern matching, for example "voice authentication" and "speech authentication". It would be possible, but data coordination and optimization may be needed for federation participants.

⚡ Why isn't ANS just a DID method? For example: did:ans:mcp://<ANSName>? What wouldn't that accomplish? Do we really need the PKI if domains publish their public keys somewhere like on a URL or "on the blockchain"? PKI is warranted for banking... but is it really warranted for Agent Discovery?

⚡ It's unclear what identifer to use for ANSName. Will each protocol (e.g. mcp, a2a) define its own naming convention? Will the names have some kind of built in trust model, for example to delegate authority for a "top level domain"?

⚡ Is a new ANS Server worth the risk of compromise? Just look how much trouble we have with DNS servers getting hacked... and people being hurt because they "trust" DNS. The ANS server is yet another infrastructure with hard-to-detect subtle compromises in the data.

References

https://www.linkedin.com/events/7329960344192196608/comments/

The link in the OWASP paper no longer resolves to the prototype. Use this link instead https://github.com/kenhuangus/ANS

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Agent_Name_Service&oldid=24337"