| Internet-Draft | agent-dir | March 2025 |
| Muscariello | Expires 15 September 2025 | [Page] |
This document specifies a protocol for announcing and discovering AI agents in a distributed system using the Open Agentic Schema Framework (OASF). The Agent Directory Protocol enables agents to advertise their capabilities through attribute-based taxonomies and discover other agents based on their skills. The protocol leverages a Distributed Hash Table (DHT) for storing and retrieving agent directory records.¶
This note is to be removed before publishing as an RFC.¶
The latest revision of this draft can be found at https://verbose-adventure-1pnqvyr.pages.github.io/. Status information for this document may be found at https://datatracker.ietf.org/doc/draft-agntcy-ads/.¶
Discussion of this document takes place on the WG Working Group mailing list (mailto:discussion@agntcy.org).¶
Source for this draft and an issue tracker can be found at https://github.com/agntcy/dir.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 15 September 2025.¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
As AI systems become more prevalent, there is an increasing need for agents to discover and interact with each other dynamically based on their capabilities. The Agent Directory Protocol provides a standardized way for agents to:¶
Announce their presence using OASF attribute taxonomies¶
Discover other agents based on required skills and attributes¶
Maintain distributed directory information in a DHT¶
Enable attribute-based routing and discovery¶
The protocol is designed to be fully distributed, extensible, and secure while supporting the dynamic nature of agentic AI systems.¶
The protocol uses OASF to define attribute taxonomies that describe agent capabilities. These attributes fall into categories such as:¶
Skills and competencies¶
Domain knowledge¶
Interaction patterns¶
Security propertion Attributes are organized hierarchically and can be extended to support new capabilities.¶
The content digest MUST be generated using a. The purpose of the digest is to serve as a global identifier of arbitrary data on the storage layer. An example of calculating content digest in Golang using SHA-256 hashing function can be found in go-cid package.¶
The current implementation of the Directory uses CID as a default standard when dealing with content digests. See more in the Content Identity specs.¶
The Directory network MUST use a cryptographically strong identity. A "dir node" is a program that can publish, find, and replicate objects across the network. Its identity is defined by a private key.¶
The node MAY be allowed to work in one of the following modes of operation: - client -- The node can interact with the public network, but it does not expose any interfaces to it. The interfaces can be exposed only to the local network. - swarm -- The node exposes all its interfaces to a subset of nodes on the network. - server -- The node exposes all its interfaces to the public network.¶
All interfaces and operations on the network MUST be provided and performed by the node itself.¶
Agent directory records are stored in a DHT with the following properties:¶
Records are indexed by attribute combinations¶
Support for partial and wildcard attribute matching¶
Built-in replication and fault tolerance¶
Decentralized operation with no single point of failure¶
+------+
| Node |
+------+
/ \
/ \
+--------+ +--------+
| Agents | | Skills |
+--------+ +--------+
| |
| |
+---------+ +-------------+
| Alice | | TextSummary|
+---------+ +-------------+
| |
| |
+-------------+ +-------------+
| /dir/CID- | | /dir/CID- |
| Alice-v1 | | Bob-v1 |
+-------------+ +-------------+
|
|
+-------------+
| Bob |
+-------------+
|
|
+-------------+
| /dir/CID- |
| Bob-v2 |
+-------------+
¶
Clients SHOULD first query the Skill Routing Table to find which agents have a given skill, and then query the releases for a given agent using the Agent Routing Table.¶
Note that each skill only points to the agent name (or subgraph) rather than having all the digests for all agents. This is to prevent creating record duplications between the two graphs. An agent with a given skill can be traversed using Agent Routing table once we know that the given agent has a release that contains a given skill.¶
Implementations MUST expose a routing interface that allows the announcement and discovery of agent records across the network. The routing layer serves two important purposes:¶
peer routing -- to find and connect with other nodes on the network¶
content routing -- to find the data published across the network¶
The routing system can be satisfied with various kinds of implementations. The current implementation of the Directory uses DHT (distributed hash table) for routing. See more in the libp2p specs. The interface currently used across the system is defined in api/routing.¶
The nodes participating in the network MUST be able to receive the announcement events when the new data is published to the network to be able to update their routing tables. Nodes MAY also optionally pull the data if needed from the node that sent the event.¶
The minimal interface required to implement the Announcement API consists of a
method that broadcasts locally available Agent data models to the rest of the
network. For example, Announce(node routing.Node, model core.ObjectRef).¶
The nodes participating in the network MUST be able to find published contents. The minimal interface required to implement the Discovery API consists of two sub-interfaces for querying and traversing the objects on a given node based on:¶
Implementations MAY allow more granular querying logic for the Discovery API.¶
The Agent Directory Protocol relies on several security mechanisms to ensure the integrity and authenticity of directory records:¶
All agent directory records MUST be digitally signed by the producing agent. The signature covers:¶
Signatures enable consumers to verify the authenticity and integrity of records independent of their location in the DHT.¶
Agent directory records are location-independent - their trust is derived from cryptographic signatures rather than network location. This means:¶
Agents MUST generate and maintain cryptographic key pairs following these requirements:¶
The DHT implementation MUST provide:¶
This document has no IANA actions.¶