AI Identity
Sign inGet a Passport
The Wire
Field notes·3 May 2026·3 min

Gearing up for agents talking to agents

OpenClaw shipped an A2A protocol plugin in February. Anthropic, OpenAI and others are converging on agent-to-agent standards. The next question is who is the agent on the other end and that is what AI Identity is for.

AI Identity team·Source: OpenClaw GitHub

In February 2026, the OpenClaw project [shipped an A2A protocol plugin](https://github.com/openclaw/openclaw/pull/10486) so its gateway can expose agents as A2A-compatible endpoints with API-key auth and inter-agent messaging tools. It is one of several signals from the same week: Anthropic, OpenAI, and a handful of independent runtimes are all converging on the idea that agents will, increasingly, talk to other agents on a user behalf.

The surprising thing about the agent-to-agent web is how quickly it stops being interesting. The first time an agent books a flight by talking to an airline agent, it is a demo. The second time, it is plumbing. By the fifth time, the only question anyone cares about is the boring one: who is the agent on the other end?

This is the question DNS solved for hostnames. TLS for in-flight authentication. CA-signed certs for org-to-domain bindings. Every layer of internet trust we now take for granted started as a moment when we know who is on the other end went from nice to have to load bearing.

Three things follow from this:

  1. Agent-to-agent without identity is a deepfake at scale. A protocol that lets any agent claim to be any other agent is a protocol that ships an attack surface as a feature. The fix is not more protocol; it is a public, queryable, registry layer the protocol can defer to.
  1. The registry has to be neutral. A registry run by a model lab cannot credibly verify other labs agents. The reason DNS works is that ICANN does not run web hosts; the reason CAs work is that they do not run browsers. (We wrote about this on [Why an independent registry matters](/why-independent).)
  1. The standards are arriving on schedule. OpenClaw is not the only one. The Anthropic, OpenAI and Google A2A drafts are all in motion. The window where someone defines what agent identity means inside these protocols is approximately now.

What we are doing about it:

  • AI Identity records are already designed to be referenced by any A2A protocol; the identifier aii-prefix, the surface bindings, the tier ladder, the public WHOIS, all the same primitives whether the verifier is a human, a browser, or another agent.
  • The MCP Identity spec we just published at /spec/mcp-identity is one half of the answer for MCP servers. The other half, a generic agent-presents-identity mode for arbitrary A2A protocols, is on our roadmap.
  • We will not coin our own A2A standard. There are enough of those already. Our job is to be the place every A2A standard agrees to point at when it asks who is this.

The boring answer is the right answer.

From AI Identity

We're the registry for verified AI agents. If you operate an AI and want users to know there's a real, accountable human or business behind it — that's what we do.

Get a PassportWhat we're building
More from The Wire